Explore the intricacies of eBPF and its role in ensuring runtime cloud security with Austin Gadient, Vali Cyber’s CTO and Co-Founder, at his SANS Hackfest presentation titled “A Compendium of Exploits and Bypasses for eBPF-based Cloud Security”.
In this presentation you’ll discover…
- The weaknesses in eBPF-based cloud security solutions
- Techniques that may be used to bypass eBPF defenses such as: resource consumption attacks, memory map exploits, vulnerabilities in the eBPF verifier, time of check-time of use exploits, and agent tampering.
- Possible mitigations for these vulnerabilities.
Example C++ code and Bash scripts for each technique are provided to enhance the experience, allowing viewers to experiment on their own. All code examples are open source and readily available for download.