Loading…
October 11, 2021
Los Angeles, California + Virtual
View More Details & Registration

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2021 - Los Angeles, CA + Virtual and add this Co-Located event to your registration to participate in these sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Pacific Standard Time (PST), UTC -7. To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.

IMPORTANT NOTE: Timing of sessions and room locations are subject to change through Monday, September 13 due to schedule changes that will be made as speakers finalize whether speaking in person or virtually.
Back To Schedule
Monday, October 11 • 11:40am - 11:50am
Generating seccomp policies with eBPF - Marga Manterola, Microsoft

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Feedback form is now closed.
Seccomp is one of the security mechanisms that can be used in Kubernetes to restrict the system calls that a process running inside a container can execute. In order to use it, the user must define a seccomp profile with the list of allowed system calls. In many cases it’s not very easy to understand what the system calls a process could require are, especially if the user deploying the application is not its developer.
In this lightning talk Marga will present the Seccomp Policy Advisor, an eBPF-based tool that captures all the syscalls that a pod executes to suggest a seccomp profile. Marga will present a demonstration of this tool and will cover its implementation briefly and shows how it integrates with the Kubernetes Security Profiles Operator.
Speakers
avatar for Marga Manterola

Marga Manterola

Principal Engineering Manager, Microsoft
A Debian Developer and Open Source enthusiast, Marga has been working with Linux for over 15 years. She worked as an SRE at Google for almost 8 years, in the team maintaining the internal Linux distribution used by Google engineers. Then moved to Kinvolk, where she worked on various... Read More →

GeneratingSeccompPoliciesWitheBPF pdf
Monday October 11, 2021 11:40am - 11:50am PDT
Room 408 AB + Online
  Lightning Talk, Security with eBPF