
In this episode of The ONE Podcast, we take a deeper dive into the technical side of cybersecurity. Our guest is Geri Revay, Principal Security Researcher at Fortinet, who discusses a powerful kernel technology - eBPF (Extended Berkeley Packet Filter) - and how it’s being repurposed by malware authors.
We explore how eBPF, originally designed to enhance performance and observability in Linux systems, is now being abused to gain stealthy, kernel-level access, evade detection, and even hide malicious activity. Geri shares insights into the real-world risks, defensive strategies, and why awareness and preparation are essential as eBPF expands from Linux into Windows environments.
This episode is based on Geri’s ONE Conference session, “Threat From The Inside: eBPF Used by Malware.” More information about this session can be found at: https://app.recaphub.co/one-conference-2025/content/iU7N6Y5wH
Connect with Geri Revay: https://www.linkedin.com/in/gergelyrevay/