Name: Using eBPF to Bring Kubernetes-Aware Security to the Linux Kernel - Dan Wendlandt, Isovalent
Start: 2019-05-21T15:55:00+0200
End: 2019-05-21T16:30:00+0200

Barcelona, Spain
May 20–23, 2019
Click here for more information and registration

View Conference Venue and Sponsor Showcase Map

Back To Schedule

Using eBPF to Bring Kubernetes-Aware Security to the Linux Kernel - Dan Wendlandt, Isovalent

Feedback form is now closed.

eBPF is a powerful Linux kernel technology that has recently become available in mainstream Linux distributions, enabling radically deeper visibility into and control over many aspects of operating system behavior.

In this talk, we will cover the basics of eBPF and then dive into a hands-on exploration of use cases where eBPF-based technologies like Cilium and BCC can enable security visibility and isolation well beyond what is possible with traditional Linux security primitives, Examples include:

1. Auditing the set of syscalls made by users who access pods via "kubectl exec".
2. Network visibility and access control that distinguishes between a sidecar and primary container inside a single pod.
3. API-layer visibility into inter-service connectivity, even if the connection is encrypted using TLS.

Speakers

Dan Wendlandt

Cofounder & CEO, Isovalent

Dan has been a leader in open source networking and security since helping start the Open vSwitch (OVS) project while at Nicira. OVS became the most popular software-defined networking platform for Linux and as part of that work Dan created and acted at the project technical lead... Read More →

KubeCon Europe wendlandt ebpf 2019 pdf

Tuesday May 21, 2019 15:55 - 16:30 CEST
Hall 8.0 C2

Security + Identity + Policy

Skill Level Advanced (Expert level experience)
Link to Session Recording https://youtu.be/7PXQB-1U380

KubeCon + CloudNativeCon Europe 2019

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Dan Wendlandt