Cilium Tetragon

Introducing Tetragon for eBPF-based Security Observability & Runtime Enforcement

Tetragon is the latest open source project from the Cilium community. It enables incredibly deep visibility with filtering and aggregation directly built into the eBPF collector to deliver visibility at depth with minimal overhead.

Watch the recording now!

Cilium Tetragon

A Tetragon deep dive with Thomas Graf and John Fastabend on:

  • Automatic detection of namespace, capabilities, and privilege escalation with real-time enforcement
  • Using the amazing Tetragon CLI to inspect system, application, and network behavior
  • Hubble & Timescape integration for a graphical representation with historic context to run forensics and incident analysis use cases


Related Content

Getting Started with Tetragon

Security Observability is a new paradigm that utilizes eBPF, a Linux kernel technology, to allow Security and DevOps teams, SREs, Cloud Engineers, and Solution Architects to gain real-time visibility into Kubernetes and helps to secure your production environment with Tetragon. Tetragon is an open source Security Observability and Runtime Enforcement tool from the makers of Cilium. It captures different process and network event types through a user-supplied configuration to enable security observability on arbitrary hook points in the kernel; then translates these events into actionable signals for a Security Team. The best way to learn about Security Observability and Cilium Tetragon is to read the book “Security Observability with eBPF” by Jed Salazar and Natalia Reka Ivanko. And the best way to have your first experience with Tetragon is to walk through this lab, which takes the Real World Attack example out of the book and teaches you how to detect a container escape step by step!

Tetragon – eBPF-based Security Observability & Runtime Enforcement

Introduction to Tetragon - eBPF-based Security Observability & Runtime Enforcement

Can I Use Tetragon without Cilium? Yes!

Can you use Tetragon without Cilium? Yes you can! Learn how in this tutorial based walkthrough, get up & running in your environment today!

Can I Use Tetragon without Cilium? Yes!
Dean Lewis