Redox is embracing Wayland, Ubuntu is supporting CUDA, and Fedora is introducing Fedora Forge. The eBPF foundation has $100,000 worth of grant money to award, BcacheFS works out DKMS packaging, and Mesa moves towards guidelines for AI code. Fedora 43 and Plasma 6.5 both hit beta this week, with releases coming soon. For tips, we have Semaphore UI for managing ansible and other DevOps tools, wpctl set-profile for more WirePlumber management, and Terminus for gamifying command line learning. You can catch the show notes at https://bit.ly/3KdSukS and enjoy! Host: Jonathan Bennett Co-Hosts: Ken McDonald and Rob Campbell Download or subscribe to Untitled Linux Show at https://twit.tv/shows/untitled-linux-show Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.
With quantum computers threatening to compromise today's encryption in just a few years, businesses around the world are working to audit and remediate their exposure. Global bank Santander began its quantum computing audit program by first acknowledging a core problem: they didn't actually know what cryptography they were using across their systems. To address this, Santander Global Tech head of quantum tech Mark Carney told a recent SANS Institute conference, the bank launched a discovery exercise, mapping out cryptographic assets and aligning them with evolving standards. They partnered with Microsoft and GitHub to extend CodeQL, enabling static code analysis that could identify weak or outdated cryptography hidden in code, despite variations in naming and APIs. In parallel, they built dynamic monitoring tools using eBPF, which allowed them to tap into network traffic, extract cipher suites, handshake details, and key usage, and then aggregate the data. This revealed, for example, that about a quarter of traffic in their lab environment was already negotiating hybrid post quantum computing (PQC) connections. You can listen to all of the Quantum Minute episodes at https://QuantumMinute.com. The Quantum Minute is brought to you by Applied Quantum, a leading consultancy and solutions provider specializing in quantum computing, quantum cryptography, quantum communication, and quantum AI. Learn more at https://AppliedQuantum.com.
This episode is sponsored by P0 Security. Visit p0.dev/idac to learn why P0 is the easiest and fastest way to implement just-in-time, short-lived, and auditable access to your entire infrastructure stack, like servers, databases, Kubernetes clusters, cloud consoles, and cloud services, for users as well as non-human identities.

In this sponsor spotlight episode, Jim and Jeff are joined by Shashwat Sehgal, CEO and founder of P0 Security, to discuss the evolving challenges of privileged access management in modern, cloud-native environments. Shashwat explains how traditional PAM solutions often create friction for developers, leading to over-provisioning and security risks, and how P0 is tackling this problem with a developer-first, just in time (JIT) access model. The conversation covers the core problems with developer productivity, how P0's use of technologies like eBPF provides deep visibility and control without agents, the "Priority Zero" philosophy, and how a JIT approach simplifies audits and compliance. They also discuss the competitive landscape and what sets P0 Security apart from traditional and open-source solutions.

Learn more about P0: https://www.p0.dev/idac
Connect with Shashwat: https://www.linkedin.com/in/shashwatsehgal/

Chapter Timestamps:
00:00 - Podcast Intro
00:29 - Sponsor Introduction: P0 Security
01:38 - What is the problem P0 Security is trying to solve?
03:52 - Defining "Just-in-Time" (JIT) Access
06:21 - The challenge with traditional PAM for developers
08:23 - How P0 provides access without agents using eBPF
12:15 - What does the user experience look like?
15:58 - Supporting various infrastructure and access protocols
19:15 - How does P0 handle session recording and auditing?
22:20 - Is this a replacement for Privileged Access Management (PAM)?
26:40 - The story behind the name P0 Security
29:20 - Who is the ideal customer for P0?
33:15 - Handling break-glass scenarios
36:04 - Discussing the competitive landscape
42:30 - How is P0 deployed? (Cloud vs. On-prem)
46:50 - The future of P0 and the "Priority Zero" philosophy
50:32 - Final thoughts: "Access is our priority zero."

Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/

Visit the show on the web at http://idacpodcast.com

Keywords: P0 Security, Shashwat Sehgal, Privileged Access Management, PAM, Just-in-Time Access, JIT, Developer Security, Cloud-Native Security, Hybrid Cloud, eBPF, Kubernetes, IAM, Identity and Access Management, Cybersecurity, Zero Trust, Ephemeral Access, Developer Experience, IDAC, Identity at the Center, Jeff Steadman, Jim McDonald
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.
• Recent reporting from DataBreaches has added yet another twist to the attribution puzzle between Scattered Spider and ShinyHunters. https://databreaches.net/2025/08/03/are-scattered-spider-and-shinyhunters-one-group-or-two-and-who-did-france-arrest/
• A recent disclosure on the oss-security mailing list detailed a set of 11 vulnerabilities in the Linux kernel's eBPF subsystem, originally reported by security researcher “Van1sh” to both the kernel security team and the linux-distros list on July 19. https://www.openwall.com/lists/oss-security/2025/08/03/1
• Microsoft's Microsoft Active Protections Program, or MAPP, is designed to shorten the time between vulnerability discovery and patch deployment by giving trusted security vendors early access to vulnerability details. https://nattothoughts.substack.com/p/when-privileged-access-falls-into
• US law enforcement, in coordination with multiple international partners, has taken action against the BlackSuit ransomware group — also known as Royal — resulting in the seizure of four servers, nine domains, and approximately $1 million in cryptocurrency. https://www.darkreading.com/vulnerabilities-threats/blacksuit-ransomware-infrastructure-law-enforcement
Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
In this episode of Kubicast, we welcome Giulia Bordignon, better known as SpaceCoding, for an inspiring and thought-provoking conversation about the journey of women in technology. Giulia is a backend developer, a content creator, holds a master's degree in Computer Engineering, and is one of the most active voices on female representation in IT. The conversation goes well beyond the cliché and digs into structural topics such as academic training, barriers to entry and the subtleties of prejudice.

From an undergraduate degree in the countryside to a master's in AI
Giulia shares her path from her first contact with technology, while still in the countryside, to the decision to pursue an academic career. Her choice of degree was driven by a search for financial stability and by cultural influences about "respected" professions. Over the course of the conversation, she reveals how subjects such as accounting and business administration seemed limited until she found in technology a way to combine creativity, intellectual challenge and real impact.

Barriers, blocks and turning points
The episode also shows how traumatic the first contact with technical content can be for people without role models. Giulia describes how her first technical course in IT, focused on networking, pushed her away from the field for a while. Later, her experience at university and her contact with AI completely changed her perception of technology.

Master's degree: education or ego?
One of the most provocative moments is when Giulia, with good humor, says she is going to do a doctorate just to be called "doctor". The remark pokes fun at the gap between personal motivations and market value, showing how academic titles are often not recognized to the same degree outside the university environment.

Technology, body and well-being
Another highlight of the episode is the discussion of active living and ergonomics. Giulia comments on how playing sports has always been part of her life, including during the pandemic, when she found in weight training a new way to keep her body active. This relationship with physical health also extends to care for the remote work environment, such as using adjustable desks, proper chairs and stretching breaks.

Content as a tool for representation
Finally, the podcast gets into topics such as exposure on social media, the impact of haters and the responsibility (and the weight) of being an active voice for more diversity in tech. Giulia speaks frankly about the attacks she has suffered and about how that only reinforces the need to keep occupying spaces.

For anyone looking for real reflections on technology, education and diversity, this episode is a masterclass.

Kubicast is produced by Getup, a company specializing in Kubernetes and open source projects for Kubernetes. The podcast's episodes are available on the main digital audio platforms and at YouTube.com/@getupcloud.
Today's conversation was with Guilherme Oki, a true SRE and Cloud veteran, who has navigated infrastructure environments at fintechs, in gaming, and is now at a stealth startup (yes, that mystery that keeps you curious until the end). We talked about Kubernetes at large scale, networking challenges, geo-distribution and that eternal multi-cloud dilemma: use it or run away?

We explore everything from what working at "large scale" really means (no, your EKS with 10 nodes doesn't count) to thornier questions such as Federation, eBPF, Cilium, and how to deal with the real pains of scalability in critical environments.

All of this with a technical slant, without losing the good humor. Join us for this episode, which is simply unmissable for anyone who lives or wants to live in the world of Kubernetes and modern infrastructure.

Main chapters of the episode:
00:00 - Opening
03:00 - What large scale is
07:30 - Geo-distribution
11:00 - Is multi-cloud worth it?
14:40 - Networking challenges
19:30 - Cluster federation
24:10 - Cilium and eBPF
30:00 - Infrastructure for games
34:20 - Standardization at scale
38:10 - Limits of Kubernetes
42:00 - Control with Cilium
46:30 - Bugs and UDP
50:40 - Managed vs. autonomy

Important links:
- Guilherme Oki - https://www.linkedin.com/in/guilherme-oki-1a649b115/
- João Brito - https://www.linkedin.com/in/juniorjbn

Join our early access program and get a more secure environment in moments!
https://getup.io/zerocve

Kubicast is produced by Getup, a company specializing in Kubernetes and open source projects for Kubernetes. The podcast's episodes are available on the main digital audio platforms and at YouTube.com/@getupcloud.
In this episode, recorded live at DevWorld 2025 in Amsterdam, we sit down with Dave McAllister, Senior Open Source Technologist at NGINX, for a fast-paced, thought-provoking—and surprisingly funny—conversation about observability, statistics, and Kubernetes traffic management.

Dave takes us on a journey through the real meaning behind metrics like mean, median, and mode, and explains why so many DevOps teams misread their alerts and dashboards. Using eye-opening anecdotes (yes, including one about beer sales and marriage licenses), he breaks down the danger of acting on misleading correlations and why using the wrong statistical model can lead to chaos.

We also dive deep into the future of Ingress versus the Gateway API, the evolution of NGINX's role in Kubernetes environments, and what makes some tools “just good enough” while others aim for performance and reliability at scale.

Expect insights on everything from Poisson distributions to eBPF, all wrapped in Dave's sharp storytelling style and decades of open source experience.

Send us a message.

Support the show

Like and subscribe! It helps out a lot.

You can also find us on:
De Nederlandse Kubernetes Podcast - YouTube
Nederlandse Kubernetes Podcast (@k8spodcast.nl) | TikTok
De Nederlandse Kubernetes Podcast

Where can you meet us:
Events

This Podcast is powered by:
ACC ICT - IT-Continuïteit voor Bedrijfskritische Applicaties | ACC ICT
Today on The Business of Open Source I spoke with Liz Rice, Chief Open Source Officer at Isovalent, which is now part of Cisco. We addressed two subjects: How to be successful as a company that donates their project to the CNCF, and the story of Isovalent's acquisition by Cisco and the role open source played in that acquisition. We talked about: Trademarks. This is a very important part of what you donate when you donate a project to the CNCF (or other foundations). We talked about what you can and can not do with the name and logo of “your” project when it becomes part of the CNCF, and what that means for the competitive landscape you're a part of. How to best take advantage of the marketing benefits that being part of the CNCF brings. How to create a link between the CNCF project and the company that donated it. The role that Cilium and eBPF played in Isovalent's acquisition by Cisco. Why Isovalent's relationship with open source is valuable to Cisco in and of itself. How open source companies can increase the likelihood that they'll be able to continue investing in open source post-acquisition. Why it's so important to find opportunities for collaboration. Want help making the link between your CNCF project and your commercial product? You might want to work with me.
In the new episode, Viktor talked with the key people behind the DevOpsConf conference, which celebrates its 10th anniversary in a week. In this episode we spoke with Alexander Titov, co-owner and CEO of Flant, and Dmitry Zaitsev, CTO @ Flocktory, about the history of the conference, current trends in the talks, and the world of IT as a whole. And of course we touched on trending topics such as eBPF :) LINKS
Software Engineering Radio - The Podcast for Professional Software Developers
Tyler Flint, CEO of qpoint.io, joins host Robert Blumen for a conversation about managing external vendor dependencies, including several best practices for adoption. They start with a look at internal versus external services, including details such as the footprint of external services within a micro-services application, and difficulties organizations have tracking their service consumption, quantifying service consumption, and auditing external services. Tyler also discusses the security implications of external services, including authentication and authorization. They examine metrics and monitoring, with recommendations on the key metrics to collect, as well as acceptable error rates for external services. From there they consider what can go wrong, how to respond to external service outages, and challenges related to testing external services. The episode wraps up with a discussion of qPoint's migration from a proxy-based solution to one based on eBPF kernel probes. Brought to you by IEEE Computer Society and IEEE Software magazine.
We have stories to share, guests joining us, insights from our week at Planet Nix, and Brent's big bombshell.

Sponsored By:
Tailscale: Tailscale is a programmable networking software that is private and secure by default - get it free on up to 100 devices!
1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps.
River: River is the most trusted place in the U.S. for individuals and businesses to buy, sell, send, and receive Bitcoin.

Support LINUX Unplugged

Links:
The GeekNarrator memberships can be joined here: https://www.youtube.com/channel/UC_mGuY4g0mggeUGM6V1osdA/join

Membership will get you access to member only videos, exclusive notes and monthly 1:1 with me. Here you can see all the member only videos: https://www.youtube.com/playlist?list=UUMO_mGuY4g0mggeUGM6V1osdA

About this episode:

In this episode, Kaivalya Apte and Frederic Branczyk talk about observability, focusing on continuous profiling and the role of eBPF. They discuss the evolution of profiling techniques, the importance of systematic data collection, and the challenges faced in maintaining low overhead while gathering detailed performance metrics.

Frederic shares insights from his extensive experience with Prometheus and Kubernetes, emphasizing the transformative impact of continuous profiling on software performance optimization. This conversation delves into the intricacies of eBPF (Extended Berkeley Packet Filter) and its applications in profiling and performance analysis. The discussion covers the capabilities of eBPF in extending the kernel safely, the mechanisms of user space profiling, and the handling of process terminations. It also explores memory and network profiling techniques, the challenges of profiling in different programming environments, and the limitations of eBPF in certain use cases. The conversation concludes with valuable resources for those interested in learning more about eBPF and profiling techniques.

Chapters:
00:00 Introduction to Observability and Profiling
01:17 Frederic's Background and Expertise
02:11 The Importance of Continuous Profiling
06:46 The Value of Continuous Profiling
11:20 Understanding Profiling Data
19:09 Data Structures and Performance in Profiling
32:35 The Role of eBPF in Profiling
42:48 Introduction to eBPF and Its Capabilities
48:32 User Space Profiling and Memory Management
51:39 Handling Process Termination and Agent Recovery
55:27 Memory and Network Profiling Techniques
01:01:33 Profiling in Different Programming Environments
01:11:47 Use Cases and Limitations of eBPF in Profiling
01:13:54 Resources for Learning eBPF and Profiling Techniques

Like building real stuff?

Try out CodeCrafters and build amazing real world systems like Redis, Kafka, Sqlite. Use the link below to signup and get 40% off on paid subscription.
https://app.codecrafters.io/join?via=geeknarrator

Link to other playlists. LIKE, SHARE and SUBSCRIBE

Database internals series: https://youtu.be/yV_Zp0Mi3xs

Popular playlists:
Realtime streaming systems: https://www.youtube.com/playlist?list=PLL7QpTxsA4se-mAKKoVOs3VcaP71X_LA-
Software Engineering: https://www.youtube.com/playlist?list=PLL7QpTxsA4sf6By03bot5BhKoMgxDUU17
Distributed systems and databases: https://www.youtube.com/playlist?list=PLL7QpTxsA4sfLDUnjBJXJGFhhz94jDd_d
Modern databases: https://www.youtube.com/playlist?list=PLL7QpTxsA4scSeZAsCUXijtnfW5ARlrsN

Stay Curious! Keep Learning!
We are digging into a superpower inside your Linux Kernel. How eBPF works, and how anyone can take advantage of it.

Sponsored By:
Tailscale: Tailscale is a programmable networking software that is private and secure by default - get it free on up to 100 devices!
1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps.
River: River is the most trusted place in the U.S. for individuals and businesses to buy, sell, send, and receive Bitcoin.

Support LINUX Unplugged

Links:
Hi, Spring fans! In this installment I talk to Johannes Bechberger, Java engineer working on profilers and their underlying technology in the SapMachine team at SAP. His work today comprises many open-source contributions and his blog, where he regularly writes on in-depth profiling and debugging topics. He also works on hello-ebpf, the first eBPF library for Java.
News includes the announcement of PythonX for Python interoperability in Elixir, groundbreaking academic work on compiling Elixir to eBPF for Linux kernel-level operations, and exciting AI-powered Phoenix application demos from Chris McCord. We also dive into the current state of the Elixir job market, discussing the shift away from remote work and the challenges facing junior and mid-level developers, sharing practical tips for job seekers in today's market. Other topics include the announcement of Goatmire conference tickets, new developments in the Nx ecosystem, and more!

Show Notes online - http://podcast.thinkingelixir.com/243

Elixir Community News
- https://gigalixir.com/thinking – Visit Gigalixir.com to sign up and get 20% off your first year. Or use the promo code "Thinking" during signup.
- https://hexdocs.pm/pythonx/Pythonx.html – Documentation for PythonX, a new library for Python interoperability in Elixir
- https://github.com/livebook-dev/pythonx – PythonX GitHub repository
- https://dashbit.co/blog/running-python-in-elixir-its-fine – Blog post explaining Python integration in Elixir
- https://samrat.me/running-ml-models-in-elixir-using-pythonx/ – Guide on running ML models using PythonX
- https://bsky.app/profile/josevalim.bsky.social/post/3liyrfvlth22c – José Valim announces focus on interoperability for 2025
- https://github.com/elixir-nx/fine – Fine, a new C++ and Elixir library for more ergonomic NIFs in Elixir
- https://www.youtube.com/watch?v=CoFNns01VjA – Video presentation about compiling Elixir to eBPF
- https://homepages.dcc.ufmg.br/~fernando/publications/papers/CGO25_Kael.pdf – Academic paper on compiling Elixir to eBPF
- https://github.com/lac-dcc/honey-potion – Elixir package for eBPF compilation
- https://x.com/chris_mccord/status/1892957017825771848 – Chris McCord demos AI-powered Phoenix app creation
- https://x.com/chris_mccord/status/1894229609945710798 – Demo of Claude 3.7 generating a themed Phoenix blog with authentication
- https://bsky.app/profile/lawik.bsky.social/post/3liym6ggrn62p – Goatmire conference announcement
- https://goatmire.com/#tickets – Goatmire conference tickets on sale for September 10-12, 2025 in Varberg, Sweden

Do you have some Elixir news to share? Tell us at @ThinkingElixir (https://twitter.com/ThinkingElixir) or email at show@thinkingelixir.com

Guest Information
- https://www.linkedin.com/in/kimberly-erni/ – Kimberly Erni on LinkedIn

Find us online
- Message the show - Bluesky (https://bsky.app/profile/thinkingelixir.com)
- Message the show - X (https://x.com/ThinkingElixir)
- Message the show on Fediverse - @ThinkingElixir@genserver.social (https://genserver.social/ThinkingElixir)
- Email the show - show@thinkingelixir.com
- Mark Ericksen on X - @brainlid (https://x.com/brainlid)
- Mark Ericksen on Bluesky - @brainlid.bsky.social (https://bsky.app/profile/brainlid.bsky.social)
- Mark Ericksen on Fediverse - @brainlid@genserver.social (https://genserver.social/brainlid)
- David Bernheisel on Bluesky - @david.bernheisel.com (https://bsky.app/profile/david.bernheisel.com)
- David Bernheisel on Fediverse - @dbern@genserver.social (https://genserver.social/dbern)
Bret and Nirmal reunite for their traditional annual Holiday Special episode of breaking down the most significant developments in cloud native from 2024 and sharing predictions for 2025.
In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. ptcpdump is an eBPF-based version of tcpdump that adds process information to each packet. It supports filtering by process ID, process name, container ID, and Kubernetes pod name. In a recent implementation, Target's cybersecurity team adopted TLSH (Trend Micro Locality Sensitive Hash) to improve their malware detection capabilities. Huntress recently issued a threat advisory regarding active exploitation of a zero-day vulnerability affecting Cleo's file transfer software, specifically impacting LexiCom, VLTrader, and Harmony versions up to 5.8.0.21. Sublime Security recently analyzed a phishing campaign that impersonates Microsoft SharePoint to deliver the XLoader malware. Palo Alto Networks' Unit 42 team has uncovered a new packer-as-a-service (PaaS) operation named HeartCrypt, which has been active since July 2023 and began sales in February 2024. HeartCrypt is designed to obfuscate malware, making detection by security solutions more challenging.
In this episode, recorded at Kubecon NA in Salt Lake City, we spoke about Kubernetes security with Shauli Rozen, co-founder and CEO of ARMO Security. From the challenges of runtime protection to the potential of CADR (Cloud Application Detection and Response), Shauli breaks down the gaps in traditional CSPM tools and how Kubernetes plays a central role in cloud security strategy. The episode gets into the "Four C's" of cloud security: Cloud, Cluster, Container, Code, why runtime data, powered by eBPF, is critical for modern security solutions, the rise of CADR and how Kubernetes is reshaping the landscape of DevOps and security collaboration.

Guest Socials: Shauli's Linkedin
Podcast Twitter - @CloudSecPod

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp

Questions asked:
(00:00) Introduction
(01:46) A bit about Shauli and ARMO
(02:26) Bit about open source project Kubescape
(03:59) What is Runtime Security in Kubernetes?
(06:50) CDR and Application Security
(08:57) What is ADR and CADR?
(09:55) How is CADR different to ASPM + DAST?
(12:18) Kubernetes Usage and eBPF
(15:35) Does your CSPM do coverage for Kubernetes?
(16:24) What to include in 2025 Cybersecurity Roadmap?
(19:09) Does everyone need CADR?
(21:35) Who is looking at the Kubernetes Security Logs?
(23:17) The future of Kubernetes Security
(25:26) The Fun Section
This week, Groundcover CEO and Co-Founder Shahar Azulay joins us to talk eBPF and what's next in observability.
In episode 58 of the #napodsluchu podcast we talk with Łukasz Bromirski of Cisco Systems, who walks us through how the world of firewalls has changed in recent years. We talk about:
* What is replacing the old packet-filtering and stateful firewalls, IPSes and sandboxes?
* Does machine learning (AI) make sense when it comes to filtering network traffic?
* Can malicious traffic be detected by looking only at encrypted traffic?
* Will artificial intelligence replace administrators?
* What are Hypershield and eBPF?
* What should you replace in your infrastructure with a "newer model", and in what order?
Despite decades of mitigation efforts, SYN flooding attacks continue to increase in frequency and scale, and adaptive adversaries continue to evolve. In this talk, I will briefly introduce some background on the SYN flooding attack, existing defenses via SYN cookies and challenges to scale them to very high line rate (100Gbps+), and then present our latest work SmartCookie (USENIX Security '24). SmartCookie's innovative split-proxy defense design leverages high-speed programmable switches for fast and secure SYN cookie generation and verification, while implementing a server-side agent using eBPF to enable scalability for serving benign traffic. SmartCookie can defend against attack rates of up to 130+ million packets per second with no packet loss, while also achieving 2x-6.5x lower end-to-end latency for benign traffic compared to existing switch-based hardware defenses.

About the speaker: Xiaoqi Chen recently joined as an assistant professor at the School of Electrical and Computer Engineering, Purdue University. His research focuses on utilizing algorithm design for high-speed network data planes to improve network measurement and telemetry, implement closed-loop optimization for intelligent resource allocation and congestion control, as well as to enable novel approaches for enhancing network security and privacy.
Guest: Daniel Shechter, Co-Founder and CEO at Miggo Security Topics: Why do we need Application Detection and Response (ADR)? BTW, how do you define it? Isn't ADR a subset of CDR (for cloud)? What is the key difference that sets ADR apart from traditional EDR and CDR tools? Why can't I just send my application data - or eBPF traces - to my SIEM and achieve the goals of ADR that way? We had RASP and it failed due to instrumentation complexities. How does an ADR solution address these challenges and make it easier for security teams to adopt and implement? What are the key inputs into an ADR tool? Can you explain how your ADR correlates cloud, container, and application contexts to provide a better view of threats? Could you share real-world examples of types of badness solved for users? How would ADR work with other application security technologies like DAST/SAST, WAF and ASPM? What are your thoughts on the evolution of ADR? Resources: EP157 Decoding CDR & CIRA: What Happens When SecOps Meets Cloud EP143 Cloud Security Remediation: The Biggest Headache? Miggo research re: vulnerability ALBeast “WhatDR or What Detection Domain Needs Its Own Tools?” blog “Making Sense of the Application Security Product Market” blog “Effective Vulnerability Management: Managing Risk in the Vulnerable Digital Ecosystem“ book
Bret and Nirmal are joined by Chris Kühl and Jose Blanquicet, the maintainers of Inspektor Gadget, the new eBPF-focused multitool, to see what it's all about.

Inspektor Gadget aims to solve some serious problems with managing Linux kernel-level tools via Kubernetes. Each security, troubleshooting, or observability utility is packaged in an OCI image and deployed to Kubernetes (and now Linux directly) via the Inspektor Gadget CLI and framework.

Be sure to check out the live recording of the complete show from September 12, 2024 on YouTube (Stream 277).

★Topics★
Inspektor Gadget website
Inspektor Gadget Docs
GitHub Repository

Creators & Guests
Cristi Cotovan - Editor
Beth Fisher - Producer
Bret Fisher - Host
Nirmal Mehta - Host
Chris Kühl - Guest
Jose Blanquicet - Guest

(00:00) - Intro
(01:33) - Why Inspektor Gadget?
(05:49) - Who is Inspektor Gadget For?
(21:07) - Windows Nodes Support
(22:15) - Stress Testing and OOM
(26:50) - Ensuring Safe Use of eBPF Tools
(32:42) - Future Roadmap and Platform Support
(36:17) - Getting Started with Inspektor Gadget

You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!
Grab the best coupons for my Docker and Kubernetes courses.
Join my cloud native DevOps community on Discord.
Grab some merch at Bret's Loot Box
Homepage bretfisher.com
In this episode, we dive deep into a recent and highly sophisticated SSH intrusion attack that was discovered in the Linux kernel. We'll discuss how the attackers were able to inject a backdoor into a critical compression library, leveraging social engineering tactics to become a trusted maintainer over several years. The attack was designed to bypass security checks and evade detection, even from advanced techniques like eBPF monitoring. We'll explore the technical details of how the backdoor was triggered, the potential impact on various Linux distributions, and the broader implications for software supply chain security. This incident highlights the challenges of maintaining trust in open-source projects and the need for robust security measures to protect critical infrastructure. Join us as we unpack this fascinating case and consider the lessons it holds for the future of secure software development.
Episode #467 devoted to Kubescape, with Matthias Bertschy. References: – Kubescape GitHub repo: https://github.com/kubescape/kubescape/ – CNCF site with all the projects: https://landscape.cncf.io/ – Admission Controller using CEL: https://kubernetes.io/docs/reference/access-authn-authz/validating-admission-policy/ – Official eBPF site: https://ebpf.io/ Note: the Admission Controller with CEL has been stable since version 1.30 (and not 1.31). The post Kubescape appeared first on NoLimitSecu.
Bret is joined by Shahar Azulay, Groundcover CEO and Co-Founder, to discuss their new approach to fully observe K8s and its workloads with a "hybrid observability architecture." Groundcover is a new, cloud-native, eBPF-based platform that designed a new model for how observability solutions are architected and priced. It is a product that can drastically reduce your monitoring, logging, and tracing costs and complexity, it stores all its data in your clusters and only needs one agent per host for full observability and APM. We dig into the deployment, architecture, and how it all works under the hood. Be sure to check out the live recording of the complete show from June 27, 2024 on YouTube (Stream 272). Includes demos. Topics: Groundcover Discord Channel, Groundcover Repository in GitHub, Groundcover YouTube Channel, Join the Groundcover Slack. Creators & Guests: Cristi Cotovan - Editor, Beth Fisher - Producer, Bret Fisher - Host, Shahar Azulay - Guest. (00:00) - Intro (03:16) - Shahar's Background and GroundCover's Origin (06:34) - Where Did the Hybrid Idea Come From? (12:11) - GroundCover's Deployment Model (18:21) - Monitoring More than Kubernetes (20:32) - eBPF from the Ground Up (23:58) - How Does Groundcover read eBPF Logs? (32:06) - GroundCover's Stack and Compatibility (36:18) - The Importance of PromQL (37:41) - Groundcover Also OnPrem and Managed (49:35) - Getting Started with Groundcover (52:15) - Groundcover Caretta (54:55) - What's Next for Groundcover? You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news! Grab the best coupons for my Docker and Kubernetes courses. Join my cloud native DevOps community on Discord. Grab some merch at Bret's Loot Box. Homepage: bretfisher.com
Brendan Gregg details how eBPF can help us have no more blue Fridays, Misty De Meo thinks GitHub is starting to feel like legacy software, Gavin D. Howard does not want Rust to be used for everything, The Notion team published a deep dive into how they used the WASM version of SQLite to improve browser performance & Gregor Ojstersek writes up how to build good relationships inside and outside your engineering teams.
Check out this interview from the ASW Vault, hand picked by main host Mike Shema! This segment was originally published on April 4, 2023. Following on from her successful title "Container Security", Liz has recently authored "Learning eBPF", published by O'Reilly. eBPF is a revolutionary kernel technology that is enabling a whole new generation of infrastructure tools for networking, observability, and security. Let's explore eBPF and understand its value for security, and how it's used to secure network connectivity in the Cilium project, and for runtime security observability and enforcement in Cilium's sub-project, Tetragon. Segment Resources: Download "Learning eBPF": https://isovalent.com/learning-ebpf Buy "Learning eBPF" from Amazon: https://www.amazon.com/Learning-eBPF-Programming-Observability-Networking/dp/1098135121 Cilium project: https://cilium.io Tetragon project: https://tetragon.cilium.io/ Show Notes: https://securityweekly.com/vault-asw-11
In episode 11 of How It's Tested, Eden Full Goh sits down with Yechezkel Rabinovich of Groundcover to delve into the evolving landscape of observability. They explore the high costs of early observability measures and how Groundcover aims to make these processes more accessible and affordable. Yechezkel shares insights on eBPF, the rise of Flora, and the impact of using an open-source stack. Discover how Groundcover's innovative testing methods and commitment to metrics are reshaping engineering practices and what the future holds for this pioneering platform.
Software Engineering Radio - The Podcast for Professional Software Developers
Infrastructure engineer and Kubernetes ingress-Nginx maintainer James Strong joins host Robert Blumen to discuss the Kubernetes networking layer. The discussion draws on content from Strong's book on the topic and covers a lot of ground, including: the Kubernetes network's use of different IP ranges than the host network; overlay network with its own IP ranges compared to using expanded portions of the host network ranges; adding routes with kernel extension points; programming kernel extension points with IP tables compared to eBPF; how routes are updated as the host network gains or loses nodes, the use of the Linux network namespace to isolate each pod; routing between pods on the same host; routing between pods across the host network; the container-network interface (CNI); the CNI ecosystem; differences between CNIs; choosing a CNI when running on a public cloud service; the Kubernetes service abstraction with a cluster-wide IP address; monitoring and telemetry of the Kubernetes network; and troubleshooting the Kubernetes network. Brought to you by IEEE Software magazine and IEEE Computer Society.
Ever wondered what it's like to attend one of the biggest cybersecurity conferences in the world? Join us as Tim shares his exhilarating experience at the RSA conference, a spectacle even grander than Cisco Live. This episode uncovers the latest innovations and trends in cybersecurity, from the importance of telemetry data collection to the buzz around Cisco's new HyperShield and the potential impact of eBPF technology. Plus, we delve into the subtle strategies of major players like Palo Alto opting for offsite engagements, providing a unique perspective on the evolving landscape of cybersecurity events. Have you ever thought about the implications of an AI company regulating its own safety practices? In this episode, we tackle the controversial formation of an internal safety team at OpenAI and what this means for the industry's future. We also break down the fierce competition between Microsoft and Google, pondering how new partnerships, like the one between Prosimo and Palo Alto Networks, are redefining zero trust in multi-cloud environments. The financial ripple effects of deploying distributed security models are discussed, comparing the strategies of industry stalwarts like Aviatrix and Alkira. AI-driven deepfake scams are on the rise and getting more sophisticated by the day. This episode highlights a recent case where employees at British engineering firm Arup were deceived into transferring substantial funds, spotlighting the urgent need to address these vulnerabilities. We also navigate the complexities of managing SaaS and network operations in challenging environments like China. From China Telecom's dominance to the strategic use of AliCloud, and the innovative moves by Alkira and ManageEngine, we cover practical insights that can help you stay ahead in this rapidly changing tech landscape.
Don't miss this jam-packed episode filled with eye-opening discussions and invaluable information. Check out the Fortnightly Cloud Networking News. Visit our website and subscribe: https://www.cables2clouds.com/ Follow us on Twitter: https://twitter.com/cables2clouds Follow us on YouTube: https://www.youtube.com/@cables2clouds/ Follow us on TikTok: https://www.tiktok.com/@cables2clouds Merch Store: https://store.cables2clouds.com/ Join the Discord Study group: https://artofneteng.com/iaatj Art of Network Engineering (AONE): https://artofnetworkengineering.com
Is having a CSPM enough for Cloud Security? At RSA Conference 2024, Ashish sat down with returning guest Jimmy Mesta, Co-Founder and CTO of RAD Security, to talk about the complexities of Kubernetes security and why sometimes traditional Cloud Security Posture Management (CSPM) falls short in a Kubernetes-centric world. We speak about the significance of behavioural baselining, the limitations of signature-based detection, the role of tools like eBPF in enhancing real-time security measures, the importance of proactive security measures, and the need for a paradigm shift from reactive alert-based systems to a more silent and efficient operational model. Guest Socials: Jimmy's Linkedin Podcast Twitter - @CloudSecPod If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels: - Cloud Security Podcast- Youtube - Cloud Security Newsletter - Cloud Security BootCamp Questions asked: (00:00) Introduction (03:12) A bit about Jimmy Mesta (03:48) What is Cloud Native Security? (05:15) How is Cloud Native different to traditional approach? (07:37) What is eBPF? (09:12) Why should we care about eBPF? (11:51) Separating the signal from the noise (13:48) Challenges on moving to Cloud Native (15:58) Proactive Security in 2024 (17:02) Whose monitoring Cloud Native alerts? (23:10) Getting visibility into the complexities of Kubernetes (24:24) Skillsets and Resources for Kubernetes Security (27:54) The Fun Section Resources spoken about during the interview: OWASP Kubernetes Top Ten
What if the future of cloud-native networking could revolutionize everything you thought you knew about Kubernetes? Join us on this episode of Cables 2 Clouds as we continue our "Cloud Demystified" series with a deep dive into Kubernetes networking. We're thrilled to have Nicolas Vibert, a seasoned pro from Isovalent with nearly two decades of experience at Cisco, VMware, and HashiCorp. Together, we explore the essentials of Kubernetes networking through the innovative lens of Cilium, a CNI specifically designed for cloud-native environments. Nico shares his unique journey of learning Kubernetes from a network engineer's perspective, emphasizing the critical role of hands-on experience and mentorship. We also discuss the creation of hands-on labs and educational materials tailored for network engineers. This segment is loaded with analogies to help traditional network professionals grasp key Kubernetes concepts with ease. Ever wondered how Kubernetes orchestrates its complex networking operations? We break down the intricacies of the Kubernetes control plane, likening it to traditional network engineering concepts for clarity. Discover the limitations of Kubernetes' default networking tool, kube-proxy, and why modern CNIs like Cilium offer a more efficient solution for large-scale deployments. Nico explains how Cilium leverages eBPF maps for effective traffic routing and load balancing within Kubernetes clusters. Tune in for invaluable insights into the evolving landscape of cloud-native networking solutions. Check out the Fortnightly Cloud Networking News. Visit our website and subscribe: https://www.cables2clouds.com/ Follow us on Twitter: https://twitter.com/cables2clouds Follow us on YouTube: https://www.youtube.com/@cables2clouds/ Follow us on TikTok: https://www.tiktok.com/@cables2clouds Merch Store: https://store.cables2clouds.com/ Join the Discord Study group: https://artofneteng.com/iaatj Art of Network Engineering (AONE): https://artofnetworkengineering.com
eBPF is a kernel technology enabling high-performance, low overhead tools for networking, security and observability. In simpler terms: eBPF makes the kernel programmable! Tune in to this episode whether you have never heard about eBPF, are using eBPF-based tools such as bcc, Cilium, Falco, Tetragon, Inspektor Gadget ... or are developing your own eBPF programs! Liz Rice, Chief Open Source Officer at Isovalent, kicks this episode off with a brief introduction of eBPF, explains how it works, which use cases it has enabled and why eBPF can truly give you super powers! In our conversation we dive deeper into the performance aspects of eBPF: how and why tools like Cilium outperform classical network load balancers, how performance engineers can use it and how the kernel internally handles eBPF executions. We discussed a lot of follow-up material - here are all the relevant links: Liz's slide deck on "Unleashing the kernel with eBPF": https://speakerdeck.com/lizrice/unleashing-the-kernel-with-ebpf eBPF Documentary on YouTube: https://www.youtube.com/watch?v=Wb_vD3XZYOA Learning eBPF GitHub repo accompanying her book: https://github.com/lizrice/learning-ebpf eBPF website: https://epbf.io Liz on LinkedIn: https://www.linkedin.com/in/lizrice/
How is eBPF impacting Kubernetes Network Security? In this episode, recorded LIVE at Kubecon EU Paris 2024, Liz Rice, Chief Open Source Officer at Isovalent took us through the technical nuances of eBPF and its role in enabling dynamic, efficient network policies that go beyond traditional security measures. She also discusses Tetragon, the new subproject under Cilium, designed to enhance runtime security with deeper forensic capabilities. A great conversation for anyone involved in Kubernetes workload management, offering a peek into the future of cloud-native technologies and the evolving landscape of network security. Guest Socials: Liz's Linkedin Podcast Twitter - @CloudSecPod If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels: - Cloud Security Podcast- Youtube - Cloud Security Newsletter - Cloud Security BootCamp Questions asked: (00:00) Introduction (01:46) A bit about Liz Rice (02:11) What is eBPF and Cilium? (03:24) SC Linux vs eBPF (04:11) Business use case for Cilium (06:37) Cilium vs Cloud Managed Services (08:51) Why was there a need for Tetragon? (11:20) Business use case for Tetragon (11:32) Projects related to Multi-Cluster Deployment (12:45) Where can you learn more about eBPF and Tetragon (13:50) Hot Topics from Kubecon EU 2024 (15:07) The Fun Section (15:35) How has Kubecon changed over the years? Resources spoken about during the interview: Cilium Tetragon eBPF
Prepare to be wowed as we unveil the game-changing Cisco HyperShield, a marvel of Cisco's recent foray into eBPF enabled applications and distributed security architecture. Discover the power of this innovative tool, which has transformed the Isovalent acquisition into a cornerstone of modern cybersecurity. In today's episode, we dissect the shadow data plane concept that Cisco has cleverly integrated, allowing for an ingenious blue-green deployment testing strategy that could redefine network protection. And hold onto your hats, because the integration of server DPUs and Cisco's smart switches in this equation is nothing short of a technological ballet, ensuring that your data remains secure during even the most harrowing of digital tempests. Venture further with us as we navigate the often tumultuous tech landscape, where the reemergence of management networks takes center stage, and the playful notion of "dad networks" conjures imagery of a new metadata frontier. The episode heats up with the drama of HashiCorp and OpenTofu's legal skirmish over code forking, a saga as enthralling as any courtroom thriller. On a lighter note, we cast a spotlight on Aviatrix's Network Insights API, a beacon of hope for cloud network visibility, and muse over its potential to play well with the likes of Prometheus and Datadog. This segment is like a masterclass in the latest advancements shaking up the network technology sphere. To cap off, we tackle the enigma of AI monetization, sympathizing with the plight of companies drowning in operational costs yet gasping for revenue. The tale of a billion-dollar valued company now caught in financial quicksand serves as a cautionary backdrop for our discussion. Additionally, we scrutinize the potent sway of product reviews through the lens of a high-profile YouTuber's takedown of an AI wearable, sparking debate and contemplation on the true power wielded by influencers.
So, strap in for a roller-coaster ride of insights and revelations that promise to stir the pot of your technological curiosity. Previous Episode mentioning Humane AI: https://www.cables2clouds.com/2129055/13981452-ep-20-cloud-costs-and-values-for-leaders-with-eyvonne-sharp Check out the Fortnightly Cloud Networking News. Visit our website and subscribe: https://www.cables2clouds.com/ Follow us on Twitter: https://twitter.com/cables2clouds Follow us on YouTube: https://www.youtube.com/@cables2clouds/ Follow us on TikTok: https://www.tiktok.com/@cables2clouds Merch Store: https://store.cables2clouds.com/ Join the Discord Study group: https://artofneteng.com/iaatj Art of Network Engineering (AONE): https://artofnetworkengineering.com
In this episode from KubeCon Paris 2024, we spoke to Loris Degioanni, Co-Founder and CTO of Sysdig, about the open source project Falco, which celebrated its graduation this year at KubeCon EU. Loris shared with us this proud moment and the journey from writing the first lines of code to its critical role in protecting Kubernetes environments, and the future roadmap post-graduation. We spoke about the gap between traditional security measures and the dynamic needs of modern infrastructures. Guest Socials: Loris's Linkedin Podcast Twitter - @CloudSecPod If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels: - Cloud Security Podcast- Youtube - Cloud Security Newsletter - Cloud Security BootCamp 00:00 Introduction 01:13 A bit about Loris 01:44 What does graduation mean for Falco? 02:58 What is Falco? 04:59 eBPF and Falco 06:01 Why eBPF is secure? 07:11 Runtime Security in Kubernetes 10:32 ROI for leaders for Runtime Security Tools 12:50 Preventative Security vs Runtime Security 14:08 Runtime Security in Modern Environments 16:42 What's the Future for Falco? 18:31 The Fun Questions
Where there are containers, there is networking. Today we dig into the networking that underlies Kubernetes, the open source orchestration platform for container-based applications. Our guest Karim El Jamali takes us through the essential concepts: Nodes, pods, clusters, CNIs, virtual ethernet pairs, ingress controller, eBPF, and service meshes. As container-based applications grow in popularity, it's... Read more »
Guest is Bill Mulligan. Bill is Community Pollinator at Isovalent working on Cilium and eBPF. We learned how to properly pronounce Isovalent and what it actually means. We also spoke in depth about eBPF, Cilium, network function in Kubernetes and more. Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod News of the week The Kubernetes legacy Linux package repositories are going away in January 2024 Kubernetes 1.29 is now available on GKE in the Rapid Channel The Vmware Tanzu Application Catalog is fully compliant with the SLSA Level 3 AWS extended support for Kubernetes minor versions pricing update The Kubernetes Contributor Summit Paris CFP is Open, closes Feb 4th KubeCon and CloudNativeCon EU 2024 co-located events agenda is live The Cloud Native Glossary is now available in French Blixt a new experimental LoadBalancer based on the Gateway API and eBPF Links from the interview Bill Mulligan: LinkedIn Twitter/X Covalent bonds on Wikipedia Isovalent Hybridization on Wikipedia Isovalent company site BPF - Berkeley Packet Filtering eBPF project site Fast by Friday: Why eBPF is Essential - Brendan Gregg GKE Dataplane V2 Cilium project site Hubble documentation Cilium Service Mesh Cilium annual report Cilium Certified Associate (CCA) CCA Study Guide from Isovalent on GitHub Istio Certified Associate (ICA) Certified Kubernetes Administrator (CKA) Certified Kubernetes Application Developer (CKAD) Kubernetes and Cloud Native Associate (KCNA) Resources to prepare for the CCA certification Isovalent library The World of Cilium Cisco acquired Isovalent Developing eBPF Apps in Java BGP in eBPF
This week’s Network Break examines why Cisco bought eBPF startup Isovalent (hint: it’s about cloud-native networking), why Broadcom is cranking up pressure on VMware resellers and customers (hint: it’s about money), and why Google Cloud is sort of dropping fees for customers who want to exit the cloud (hint: it’s about getting out ahead of... Read more »
I sat down with Gal Elbaz, the co-founder and CTO of Oligo Security, to discuss the vulnerabilities and challenges within open-source software. Gal Elbaz, renowned for his pivotal discovery of a critical vulnerability in an open source library used by Instagram, brings his extensive experience and knowledge to the forefront. He will discuss his journey from being a security researcher at Check Point to founding Oligo Security. This transition marks a significant shift from identifying vulnerabilities to developing robust solutions for open source security. The episode also highlights Oligo Security's innovative approach to tackling the vulnerabilities in open source software. Special attention is given to their recent discovery, 'ShellTorch', a critical vulnerability within TorchServe, a component of the PyTorch ecosystem. This discovery is particularly noteworthy considering TorchServe's widespread use across major global corporations. I learn how Oligo Security leverages eBPF-powered platforms to enable security teams to efficiently identify, prioritize, and respond to real and relevant threats in pre-deployment and post-deployment environments. This approach marks a significant departure from traditional methods that often overwhelm security teams with theoretical threats.