Name: Finding the Needles in a Haystack: Identifying Suspicious Behaviors with eBPF - Jeremy Cowan & Wasiq Muhammad, Amazon Web Services
Start: 2023-02-01T16:40:00-0800
End: 2023-02-01T17:15:00-0800

Back To Schedule

Finding the Needles in a Haystack: Identifying Suspicious Behaviors with eBPF - Jeremy Cowan & Wasiq Muhammad, Amazon Web Services

Feedback form is now closed.

As the popularity of Kubernetes has grown, so has its appeal as a target. In an increasingly hostile environment, the ability to quickly flag suspicious behaviors and investigate and identify their source is becoming crucial. In this talk you will learn how AWS is using eBPF to identify a variety of security risks, e.g. communication with known command and control systems, Tor clients, cryptocurrency miners, and other malicious activity. You will also hear why AWS put eBPF above other options and the lessons they learned along the way.

Speakers

Jeremy Cowan

Developer Advocate Manager, Amazon Web Services

Jeremy Cowan, Developer Advocate Manager. Jeremy has been a huge proponent of containers since 2016 when containers we beginning to emerge as a reasonable way to package and run applications. Since joining AWS in 2015, Jeremy has been a Solutions Architect, Container Specialist, Developer... Read More →

Wasiq Muhammad

Principal Security Engineer, Amazon Web Services

Muhammad Wasiq, Principal Security Engineer. Muhammad Wasiq currently researches and develops threat detection capabilities for Amazon GuardDuty. He has worked on multiple areas of Information Security. Lately he has been spending a good chunk of his time on container threat landscape... Read More →

ebpf needle haystack pdf

Wednesday February 1, 2023 4:40pm - 5:15pm PST
Room 612

Detections + Incidents + Response

Content Experience Level Intermediate
Presentation Slides Attached Yes

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Jeremy Cowan

Wasiq Muhammad