Security Observability with eBPF

Kubernetes has become the de facto cloud operating system, making it a rich target for both passive and direct attackers. In fact, the largest concern most organizations have with Kubernetes is securing their production environments. But Kubernetes doesn't include observability or a default security configuration to discern if your pods or clusters have been attacked or compromised.

With this report, authors Jed Salazar and Natalia Reka Ivanko help you discover how secure your Kubernetes environment actually is. Using the new eBPF security observability paradigm, security and DevOps teams, SREs, cloud engineers, and solution architects will gain real-time visibility into Kubernetes security. You'll learn how eBPF provides historical and current metrics to help you track improvements and degradations over time.

This report helps you:

• Learn how pre-cloud network security and threat detection changed with the arrival of Kubernetes, and how you can finally solve them with eBPF
• Examine the core security observability events you should monitor, and which events translate into actionable signals for your security team
• Develop prevention policies to block attacks at different stages, rather than retroactively detecting them
• Learn how eBPF creates an improved prevention policy and framework over traditional security tools