Cilium Tetragon is a flexible Kubernetes-aware security observability and runtime enforcement tool that applies policy and filtering directly with eBPF, allowing for reduced observation overhead, tracking of any process, and real-time enforcement of policies. We will walk through some attack scenarios in Kubernetes and how we can leverage Tetragon’s eBPF powered security observability to observe and retroactively detect these attacks.
Presented by:
Tetragon