Security Observability with eBPF

Kubernetes has become the de facto cloud operating system, making it a rich target for both passive and direct attackers. In fact, the largest concern most organizations have with Kubernetes is securing their production environments. Kubernetes does not offer a default observability or a security configuration to discern if your pods or clusters have been attacked or compromised.

We have been working on Security Observability at Isovalent when we decided to collaborate with O’Reilly to author a book that gives an overview on how to secure your Kubernetes environment. Using the new eBPF security observability paradigm, security and DevOps teams, SREs, cloud engineers, and solution architects will gain real-time visibility into Kubernetes security. In this book, we also cover how eBPF provides historical and current metrics to help you track improvements and degradations over time.

This report will help you:

• Learn how pre-cloud network security and threat detection changed with the arrival of Kubernetes—and how you can finally solve them with eBPF
• Examine the core security observability events you should monitor, and which events translate into actionable signals for your security team
• Develop prevention policies to block attacks at different stages, rather than retroactively detecting them
• Learn how eBPF creates an improved prevention policy and framework over traditional security tools

Click here to download the book! And if you are attending KubeCon Europe 2022 in Valencia, Spain, come by our Isovalent booth S21 to pick up your copy!

We’d love to hear your thoughts on the book (and feedback, if you have some for us). Find us in the Cilium and eBPF slack!