Config Management Camp 2024 Ghent

eBPF-based Security Observability & Runtime Enforcement with Cilium Tetragon
2024-02-06, 14:50–15:40, B.2.015

eBPF is used in several cloud native security tools. In this talk we’ll dive into demos and code to explore how eBPF can be used for the next generation of security enforcement tooling. This talk will cover:
- Why enforcing NetworkPolicy with eBPF has been in place for years, but preventive security for applications has taken longer.
- How Phantom attacks can compromise the use of basic system call hooks.
- How other eBPF attachment points, such as BPF LSM, can be used for preventive security.

Raphaël is a Senior Technical Marketing Engineer with Cloud Native networking and security specialists Isovalent, creators of the Cilium eBPF-based networking project. He works on Cilium, Hubble & Tetragon and the future of Cloud-Native networking & security using eBPF.

An early adept of the DevOps principle, he has been a practitioner of Configuration Management and Agile principles in Operations for many years, with a special involvement in the Puppet and Terraform communities over the years.

This speaker also appears in: