October 11, 2021
Los Angeles, California + Virtual
View More Details & Registration

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2021 - Los Angeles, CA + Virtual and add this Co-Located event to your registration to participate in these sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Pacific Standard Time (PST), UTC -7. To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.

IMPORTANT NOTE: Timing of sessions and room locations are subject to change through Monday, September 13 due to schedule changes that will be made as speakers finalize whether speaking in person or virtually.
Monday, October 11 • 11:10am - 11:40am
LSM BPF Change Everything - Leonardo Di Donato, Elastic & KP Singh, Google

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Much is being said on security recently. Almost as much was said about tracing the syscalls happening in the Linux Kernel with BPF. Aside from all the buzz, we need to appraise some gaps in the current narrative. We need to fill in the gaps in the actual syscall execution flow to avoid attackers using them. Here enters the game the general security hooks for Linux, namely LSMs, and their integration with BPF. LSMs via BPF will change everything. They're still relatively unexplored, so this talk aims at giving a pragmatic overview of LSMs via BPF. Join me to discover why I believe their integration with BPF is paramount in the security context and how to effectively use them.

avatar for Leonardo Di Donato

Leonardo Di Donato

Senior Software Engineer
Leo is an Open Source Senior Software Engineer with a fondness for Security, eBPF, and Linux in general. He loves to mix such low-level concepts with Kubernetes and Cloud Native stuff. He's a core maintainer of Falco, the CNCF tool for Runtime Security, focusing on its low-level tech... Read More →
avatar for KP Singh

KP Singh

Staff Software Engineer, Google
KP Singh is the author and maintainer of the mainline eBPF LSM (a.k.a KRSI) for flexible security audit and policy enforcement on Linux. At Google, he leads the effort to build telemetry and detection software deployed on Google's corp, prod and cloud endpoints spanning different... Read More →

Monday October 11, 2021 11:10am - 11:40am PDT
Room 408 AB + Online