Kubernetes Defensive Monitoring with Prometheus - David de Torres Huerta & Mirco De Zorzi, Sysdig

less than 1 minute read

Abstract

A great ecosystem of applications and open source projects has emerged to cover different needs and use cases. However, most of the time we always think about using these applications in the use case that they have been designed for. One example is Prometheus, which is the graduated monitoring project in the CNCF. However, monitoring can become a complementary defensive tool for other projects like Falco. Its access via metrics to other kinds of information that is not available in the kernel calls and the ability to look back in the past, allows Prometheus to cover some blindspots that can be exploited by potential attackers. In this talk, David and Mirco will explore some interesting use cases and practical examples where Prometheus can be used for defensive monitoring, giving some ready to use examples and comparing the pros and cons of this approach with runtime security.

Sched URL

Video

Twitter Facebook LinkedIn

About

Conferences

Kubernetes Defensive Monitoring with Prometheus - David de Torres Huerta & Mirco De Zorzi, Sysdig

Abstract

Video

You May Also Enjoy

You Shall Not Pass! Unless You Are GUAC Verified…. - Parth Patel, Kusari & Dejan Bosanac, Red Hat

Living off the Land Techniques in Managed Kubernetes Clusters - Ronen Shustin & Shay Berkovich, Wiz

Leveraging OCI 1.1 for Enhanced SBOM Integration and Vulnerability Scanning in Harbor - Anais Urlichs, Aqua Security & Shengwen Yu, VMware

Lessons Learned from Generating 100M SBOMs: Google’s Approach to SBOM Compliance - Brandon Lum & Isaac Hepworth, Google