Tetragon: Kubernetes Security Workshop with Copebit & AWS in Zurich
Join the team from Isovalent, Copebit & AWS for an instructor-led hands-on workshop on eBPF powered Kubernetes Security with Tetragon.
Register now!
- Tuesday, September 17
13:30 – 17:30 (meetup after)
AWS Switzerland Zurich OfficeMythenquai 10, 8002 Zürich, Switzerland
Meet us in Zurich to network and learn together about eBPF & Tetragon with the local community
Isovalent has joined forces with Copebit & AWS to organize a half-day workshop, where we will dive into presentations, demos, and hands-on labs around eBPF and Tetragon.
After the hard work is over, we’ll gather the local community for a meetup with plenty of drinks and bites to conclude the day on a high note and get to know each other. Sign up for the meetup here.
For this workshop you need to bring your own laptop.
Questions?
Please reach out to marketing@isovalent.com.
Agenda
- 13:30
Registration
- 14:00
Welcome and introduction by Copebit
- 14:30
Tetragon talk: “Adventures in the Kernel: Using eBPF and Tetragon for Runtime Metadata” by Isovalent
Come adventure in the kernel with eBPF programs. This talk looks at top use cases around eBPF and Tetragon, whereby sitting in the kernel offers interesting benefits for collecting, aggregating, and filtering security-significant data at near-zero overhead.
Learn how to associate process binary information up to the network traffic that it spawns, we also discuss network health metrics, file monitoring, and compliance attestation in cloud native environments. - 15:00
Networking break
- 15:30
Lab 1: Getting Started with eBPF
eBPF is the new standard to program Linux kernel capabilities in a safe and efficient manner without requiring to change kernel source code or loading kernel modules. It has enabled a new generation of high-performance tooling to be developed covering networking, security, and observability use cases.
This lab takes the opensnoop example out of the book and teaches you to handle an eBPF tool, watch it loading its components and even add your own tracing into the source eBPF code.
- 16:15
Networking break
- 16:45
Lab 2: Getting Started with Tetragon
Tetragon is an open source Security Observability and Runtime Enforcement tool from the makers of Cilium. It captures different process and network event types through a user-supplied configuration to enable security observability on arbitrary hook points in the kernel; then translates these events into actionable signals for a Security Team.
This lab takes the Real World Attack example out of the book and teaches you how to detect a container escape step by step!
- 17:30
Closing (meetup starts at 18:00)