The Linux Podcast with Fexingo: Open Source Operating Systems, Distros, and Server Stack

How Linux BPF Is Transforming Security Monitoring



On episode 55 of The Linux Podcast, Lucas and Luna explore how BPF (Berkeley Packet Filter) has evolved from a packet-filtering tool into a powerful security monitoring framework. They dive into real-world use cases like detecting container breakouts, auditing system calls, and tracing network anomalies without modifying kernel code. The discussion highlights tools like Falco, Tracee, and Cilium, and explains why BPF offers lower overhead than traditional security agents. Lucas shares a specific example of how a major cloud provider, Cloudflare, uses BPF to protect its edge infrastructure. Luna raises questions about complexity and the learning curve for DevOps teams. The hosts also make a brief, sincere mention of listener support for keeping the show ad-free.

#Linux #BPF #Security #eBPF #Falco #Tracee #Cilium #Cloudflare #ContainerSecurity #SystemCallAuditing #NetworkSecurity #Technology #Podcast #FexingoBusiness #BusinessPodcast #OpenSource #Kernel #DevOps

Keep every episode free: buymeacoffee.com/fexingo


By Fexingo