Tetragon 1.0: Kubernetes Security Observability & Runtime Enforcement with eBPF
Tetragon 1.0 - What is new? Performance overhead benchmarks, default observability policies, kubectl exec monitoring, and much more!
Video
Tetragon 1.0 has Landed: What’s New and Exciting in Kubernetes Security?
Cilium Tetragon has reached the 1.0 milestone with production ready Kubernetes-aware security observability and runtime enforcement – all powered by eBPF.
In this video join Cilium’s creator Thomas Graf and Security Product Manager Natalia Reka Ivanko as we explore the technical differentiators behind Tetragon, real-world use cases, overhead benchmarks and how it simplifies highly scaled Kubernetes security.
Tetragon 1.0 has arrived!
Join this introduction to Tetragon, a walkthrough of the amazing CLI, and opportunity to ask any questions with Isovalent’s Thomas Graf and Natalia Reka Ivanko.
Watch video to learn:
- How Tetragon uses lightweight eBPF programs for in-kernel collection and event filtering.
- Why Kubernetes awareness is fundamental to cloud native security, and how Tetragon correlates K8s identities with runtime metadata.
- What are the first use cases you should try with Tetragon, tracing kubectl exec, escalated privileges, file monitoring, and network events.
Speakers
Do you have any questions?Contact us
Related Content
Getting Started with Tetragon
Security Observability is a new paradigm that utilizes eBPF, a Linux kernel technology, to allow Security and DevOps teams, SREs, Cloud Engineers, and Solution Architects to gain real-time visibility into Kubernetes and helps to secure your production environment with Tetragon. Tetragon is an open source Security Observability and Runtime Enforcement tool from the makers of Cilium. It captures different process and network event types through a user-supplied configuration to enable security observability on arbitrary hook points in the kernel; then translates these events into actionable signals for a Security Team. The best way to learn about Security Observability and Cilium Tetragon is to read the book “Security Observability with eBPF” by Jed Salazar and Natalia Reka Ivanko. And the best way to have your first experience with Tetragon is to walk through this lab, which takes the Real World Attack example out of the book and teaches you how to detect a container escape step by step!
Tutorial: Setting Up a Cybersecurity Honeypot with Tetragon to Trigger Canary Tokens
Learn how to trigger Canary Tokens with Tetragon Tracing Policies.
