☁️ 🐘 Learn how to manage complex cloud environments with #Coroot Co-Founder Peter Zaitsev’s keynote at @p2d2! https://p2d2.cz/en/
Join January 28th, 15:35–16:25 (GMT+1) to sharpen your cloud-native #postgres observability with topics such as #eBPF and automatic discovery mechanisms for High Availability postgres clusters.
#softwarelibre #opensource #freesoftware #DevOps #SRE #kubernetes #observability #cloud #databases #postgreSQL #highavailability
Cisco Live Protect is powered by Tetragon #eBPF https://www.cisco.com/site/us/en/products/networking/cloud-networking/nexus-platform/live-protect/index.html
As it is my last week at Cisco Isovalent, glad to see early experiments of kernel CVEs/Exploits protections (patching) using #eBPF becoming real Products: Tetragon CVEs Mitigations and Cisco Live Protect! thanks to all Tetragon team!
https://isovalent.com/blog/post/isovalent-runtime-security-118/#cve-mitigation
RustNet v0.17.0 released 🎉
What's New:
- Landlock sandbox & capability dropping (Linux security)
- eBPF thread-to-process name resolution
- New CLI options: --no-sandbox, --sandbox-strict
- Platform code reorganization
Installation:
Fedora/RHEL: COPR | Ubuntu: PPA | Arch: AUR
macOS: Homebrew | Windows: Chocolatey | FreeBSD: pkg
🔗 https://github.com/domcyrus/rustnet/releases/tag/v0.17.0
#RustLang #Rust #Linux #Networking #OpenSource #Terminal #TUI #Security #eBPF #landlock
Мониторинг в Linux на уровне ядра. Краткое практическое введение в eBPF+Cilium
Добрый день, всем читающим данную статью. Недавно эксперементируя с eBPF для разработки нового функционала своей EDR для linux-серверов , я столкнулся с огромной проблемой: на просторах интернета есть огромный пласт статей по теории работы с eBPF, однако кратких практических статей как работать с BPF мной найдено не было. Если быть более точным, то такие статьи есть, однако, они не дают понимания функционала. В общем, в данной статье хотелось бы написать краткий гайд по работе с eBPF с уклоном в практику
https://habr.com/ru/articles/972602/
#eBPF #bpf #go #edr #разработка #мониторинг #трассировка #ядро #ядро_linux #linux
Kprobes и где они обитают
Про eBPF уже сказано и написано достаточно много, поэтому я хочу сделать следующий шаг и чуть глубже рассмотреть практические аспекты работы c таким механизмом, как kprobe , который позволяет использовать функции ядра Linux для динамического запуска пользовательского кода. Статья поможет ответить на вопросы: - Как понять, какую функцию ядра выбрать для использования с механизмом kprobe? - С чего начать ее поиск? - Какими инструментами пользоваться? kprobe — это, по сути, ловушка, или брейкпоинт, который можно установить почти в любом месте кода ядра Linux.
https://habr.com/ru/companies/pt/articles/972442/
#ebpf #kprobes #linux #linux_kernel #container_security #контейнеризация #tetragon #ftrace #bpftrace #open_source
This is what I did for the
eBPF Summit: Hackathon Edition 2025
Caetra uses eBPF (extended Berkeley Packet Filters) to try secure a Linux machine against physical threats, or at least be aware about a potential attack, monitoring kernel kprobes related with hardware interactions. It uses BPF Compiler Collection BCC to do the kernel tracing and manipulation program.
In order to notify the user or cybersecurity team uses @ThinkstCanary and/or TelegramBot.
December again. Christmas is getting near, winter is coming*, and... The call for proposals for the eBPF Devroom at FOSDEM'26 is about to close. Today is your last chance to submit! If you have things to say about eBPF, send an abstract ⚙️ 🐝
https://ebpf.io/fosdem-2026.html
* Subject to availability in your hemisphere
Yesterday I discovered #eBPF while searching for a way to more directly monitor #Linux processes.
It let's you write sandboxed programs that are ran directly by a runtime in the kernel, with all of the power that entails.
I spent ~22 hours straight tinkering with it, it is fascinating, the documentation is a bit obtuse but the API isn't that hard to use.
I won't use it for anything right now but I want to think of some little project to test it in the near future.
☀️The deeply detailed talk from ulexec and secoalba from @inversive_xyz about reverse engineering #Solana #eBPF binaries with #radare2 was built on top of several improvements for the elf bin parser and the architecture support for the 64bit #BPF.
All that stuff was also included in the last r2-6.0.6 release:
- esil emulation of bytecode
- pseudo decompilation
- AI-based disassembly
- bpf-specific elf relocs
- bpf-specific analysis plugin to extract strings
- document every bpf instruction
- support multiple "cpu" models
- binary patching and assembling BPF instructions
Cook some popcorns and take notes because their presentation was really detailed! Worth watching!
🎥 https://www.youtube.com/watch?v=IAt-HgKPN88
✂️ ☁️ Gartner estimates companies overspend on cloud services by up to 70%. Sound about right? Learn how to use the #opensource tool #Coroot to gain an in-depth understanding of your bill and cut costs: https://coroot.com/blog/how-to-reduce-your-cloud-costs-with-coroot/
Get visibility into per-application costs, idle and underutilized resources, over-provisioned apps, and cross-AZ and egress traffic.
#observability #DevOps #cloud #SRE #tech #AI #softwarelibre #opensource #monitoring #tech #Linux #eBPF #AWS #GCP #Azure
Did you know that you can call helper function bpf_for_each_map_elem() in eBPF programs to run a callback function on all elements in a map?
... If you did, please consider submitting a talk about your eBPF-related work to the FOSDEM Devroom! Send your abstract by Monday, 1st December ⚙️ 🐝
https://ebpf.io/fosdem-2026.html
Tetragon: лучшие практики и нюансы разработки Tracing Policy
Привет! Меня зовут Виталий Шишкин, я эксперт продукта Container Security в Positive Technologies. За годы работы над продуктом MaxPatrol 10 мы строили аудит Linux на базе подсистемы Auditd, которая решала свою задачу и достаточно просто настраивалась, но ситуация поменялась с появлением контейнеров, которые Auditd корректно поддерживать не умеет. Поэтому эта задача потребовала не просто смену решения для аудита системы, но и создание целого продукта, который сможет учитывать особенности Kubernetes и используемые им технологии ядра Linux.
https://habr.com/ru/companies/pt/articles/970318/
#tetragon #linux #cloud_native #информационная_безопасность #аудит_безопасности #kubernetes #auditd #kprobes #ebpf
#Kubernetes bootcamps, workshops, and 40+ keynotes from industry experts. Join the international community of #DevOps enthusiasts at #DevOpsCon, Dec. 2nd, in Germany and streaming online: https://devopscon.io/munich/
Kris Buytaert is a long-time #opensource evangelist and DevOps expert. Catch his talk to learn what sets #Coroot apart from other open observability tools and how to deploy it your ecosystem!
#Linux #eBPF #SRE #o11y #kubernetes #monitoring #tech #AI #softwarelibre #freesoftware
🔭 Modern systems demand real-time insight and resilience — and eBPF has become essential for today’s DevOps and cloud teams.
In “eBPF Essentials: Security and Observability (LFWS304),” a 1-day instructor-led workshop, you’ll deploy eBPF programs, build observability pipelines, and enforce runtime security in Kubernetes.
Finish the day with practical, verifiable skills — and a badge to prove it.
🔗 Enroll today: https://training.linuxfoundation.org/training/ebpf-essentials-security-and-observability-lfws304/
eBPF là một engine thực thi trong kernel Linux, cho phép chạy các chương trình an toàn và hiệu quả. Nó tương tự như việc đưa JavaScript vào kernel, mở ra khả năng quan sát và theo dõi hệ thống sâu hơn. Bài viết này giải thích về eBPF và ứng dụng của nó trong observability.
#eBPF #observability #linux #programming #tech #côngnghệ #lậptrình #linuxkernel
RE: https://hachyderm.io/@qeole/115462889461317376
eBPF Devroom at FOSDEM 2026: Submission is open until 1st December. Please remember to send your abstracts!
#fosdem #fosdem2026 #eBPF
Compte-rendu, et mise en œuvre complète, de l'atelier #eBPF au #CapitoleDuLibre, un bloqueur de pub #DNS en eBPF https://www.bortzmeyer.org/ebpf-capitole-libre.html
Et le bilan complet, une fois le programme terminé : https://www.bortzmeyer.org/ebpf-capitole-libre.html
Want an-all #opensource stack? No problem. GlassFlow v2.4 is here with pipeline editing, kerberos-secured #Kafka clusters, and significantly optimized ingestion performance: https://github.com/glassflow
Pair with #Coroot for out-of-the-box observability with AI-powered root cause analysis. Now with multi-cluster support: https://github.com/coroot/coroot
The future is #FOSS 🐧💚 🪲🐝
#kubernetes #monitoring #observability #sysadmin #Linux #eBPF #softwarelibre #k8 #baremetal #VM #AI #tech #glassflow
