GitHub - cilium/tetragon: eBPF-based Security Observability and Runtime Enforcement

Cilium’s new Tetragon component enables powerful real-time, eBPF-based Security Observability and Runtime Enforcement. Tetragon detects and is able to react to security-significant events, such as Process execution events System call activity I/O activity including network & file access When used in a Kubernetes environment, Tetragon is Kubernetes-aware - that is, it understands Kubernetes identit

[citypw]

Tetragon：セキュリティ製品のself-protection につて事例研究 https://hardenedvault.net/jp/blog/2022-05-25-vspp/

[udzura]

“The base kernel should support BTF or the BTF file should be placed where Tetragon can read it”