Back To Schedule
Wednesday, February 1 • 4:40pm - 5:15pm
Finding the Needles in a Haystack: Identifying Suspicious Behaviors with eBPF - Jeremy Cowan & Wasiq Muhammad, Amazon Web Services

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
As the popularity of Kubernetes has grown, so has its appeal as a target. In an increasingly hostile environment, the ability to quickly flag suspicious behaviors and investigate and identify their source is becoming crucial. In this talk you will learn how AWS is using eBPF to identify a variety of security risks, e.g. communication with known command and control systems, Tor clients, cryptocurrency miners, and other malicious activity. You will also hear why AWS put eBPF above other options and the lessons they learned along the way.

avatar for Jeremy Cowan

Jeremy Cowan

Developer Advocate Manager, Amazon Web Services
Jeremy Cowan, Developer Advocate Manager. Jeremy has been a huge proponent of containers since 2016 when containers we beginning to emerge as a reasonable way to package and run applications. Since joining AWS in 2015, Jeremy has been a Solutions Architect, Container Specialist, Developer... Read More →

Wasiq Muhammad

Principal Security Engineer, Amazon Web Services
Muhammad Wasiq, Principal Security Engineer. Muhammad Wasiq currently researches and develops threat detection capabilities for Amazon GuardDuty. He has worked on multiple areas of Information Security. Lately he has been spending a good chunk of his time on container threat landscape... Read More →

Wednesday February 1, 2023 4:40pm - 5:15pm PST
Room 612
  Detections + Incidents + Response