Pitfalls of relying on eBPF for security monitoring (and some solutions)
Security Boulevard securityboulevard.com
By Artem Dinaburg

eBPF (extended Berkeley Packet Filter) has emerged as the de facto Linux standard for security monitoring and endpoint observability. It is used by technologies such as BPFTrace, Cilium, Pixie, Sysdig, and Falco due to its low overhead and its versatility. There is, however, a dark (but open) secret: eBPF was never intended […]
The post Pitfalls of relying on eBPF for security monitoring (and some solutions) appeared first on Security Boulevard.