Loading…
Tuesday November 12, 2024 10:40am - 11:05am MST
Least privilege is a very old concept that is well understood and already implemented in the cloud native landscape by Security Teams. It is often encountered when they deploy an application and will be asked: what privileges does this workload require? Join John and Natalia to learn how eBPF allows to implement least privileged policies by injecting code inline into the kernel and keeping the application overhead minimal! This will be a fun talk which evaluates eBPF-based least privileged policies against a list of known CVEs by showing a live demo. We will show how eBPF can be used to implement the least privileged principle by monitoring every process and system call execution, networking and file access, or even stack traces combining this data to create a known ordering and making the attacker's job immensely harder. We will finish by explaining where this technology shines and where we are continuing to improve to block the next generation of security attacks.
Speakers
avatar for Natalia Reka Ivanko

Natalia Reka Ivanko

Sr. Product Manager, Isovalent, now part of Cisco
Natalia Ivanko is a Sr. Product Manager at Isovalent, and now part of Cisco, leading an eBPF-based Runtime Security Product, Tetragon. She has been  previously a Security Engineer with a strong background in Linux, Container and Cloud Security. Passionate about building things that... Read More →
Tuesday November 12, 2024 10:40am - 11:05am MST
Salt Palace | Level 1 | Grand Ballroom B
  Cilium + eBPF Day, Benefits of eBPF

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Share Modal

Share this link via

Or copy link