Securing Cloud Native Applications with eBPF (Early Release)

It's highly unusual today for application developers to build their own software from the ground up. They rely instead on open source projects and prebuilt libraries to bring products to market faster at reduced costs. But hackers are increasingly and aggressively targeting open source components as a way to break into the supply chain. And Kubernetes is a rich target.

This practical book introduces the uses and benefits of eBPF-based security observability, specifically how eBPF-based runtime security tools can provide deep visibility into both the host and Kubernetes workloads. You'll learn how to reduce the attack surface of your production environment and mitigate vulnerabilities in your software supply chain and open source dependencies.

Authors Jed Salazar from Chainguard and Natalia Reka Ivanko from Isovalent explain how to

Use cutting-edge cryptography to create application identities that are verified at runtime
Provide low overhead and near-real-time security observability into a production system to continuously verify and maintain the trust built in your supply chain
Effectively respond to security incidents, cut off attack vectors, and determine exactly when and how the attacks happened
Identify the compromised data and assess the risk to other system components
Minimize your attack surface and continually harden your production environment
Apply additional mitigations and rebuild trust in the environment