About:

Teodor J. Podobnik is an eBPF enthusiast focused on making it accessible through practical insights and open-source contributions.

Interests:

eBPF, Kubernetes, Cloud, System internals, Open-source security tools

The blog post features an interview with Rafael David Tinoco, an engineer at Garnet, discussing the development of Jibril, a runtime security engine. The conversation covers the evolution of Jibril from GitHub Actions runtime secu...
The article discusses the inefficiencies of traditional pub-sub brokers like RabbitMQ and ActiveMQ, which operate in user space, causing latency and reduced throughput due to kernel-user space transitions. It highlights a research...
The article discusses a method for bot detection using TCP fingerprinting with eBPF, focusing on identifying unique patterns in web requests. It explains how different operating systems implement TCP protocol variations, which can...
The blog post discusses the importance of monitoring DNS traffic to protect against various DNS-centric threats, such as DDoS attacks and data exfiltration. It introduces a tool called DNS-Trace, which utilizes eBPF technology to ...
The post discusses the critical role of the User Plane Function (UPF) in 5G networks, focusing on its responsibilities in packet routing, QoS enforcement, and policy application. It highlights the limitations of traditional UPFs o...
The post discusses the challenges of code signing for eBPF programs due to the on-the-fly modifications made by eBPF loaders like libbpf. It introduces a two-phase signing model to maintain a chain of trust: the first phase involv...
The author recounts a challenging debugging session triggered by a PagerDuty alert, where an API's response times spiked unexpectedly despite normal metrics across various monitoring tools. After exhausting traditional troubleshoo...
The article discusses the development and optimization of the Cimon eBPF agent, focusing on engineering challenges related to system observability, performance monitoring, and security in CI/CD environments. It emphasizes the impo...
The blog post discusses Out of Memory (OOM) kills in Linux systems, particularly in containerized environments like Kubernetes and Docker. It explains how OOM kills occur when a container exceeds its memory limits, leading to proc...
Dynamic runtime security policies in eBPF can enhance security by allowing child processes to inherit minimal permissions from their parent processes using efficient bitmasking techniques.
The post discusses the implementation of eBPF to enhance runtime security in GitHub Actions, providing CI/CD pipelines with improved network visibility and protection. It covers an introduction to eBPF, its applications by compani...
The interview with Nikolay Sivko, Founder and CEO of Coroot, covers various aspects of the observability market, including the necessity of Coroot, its advantages over existing solutions, and the challenges of zero-code instrument...
The blog post outlines the creation of an IP-in-IP Direct Server Return Load Balancer that allows packets to be routed across multiple networks using eBPF/XDP technology.
The blog post outlines the development of an eBPF/XDP load balancer and introduces Direct Server Return to improve efficiency and client IP visibility.
The post discusses the challenges of ensuring eBPF programs work across multiple kernel versions and introduces Little VM Helper (LVH) as a solution to automate testing using GitHub Actions. It explains how LVH simplifies the proc...
The blog post discusses how to determine the availability of eBPF helper functions for specific program types across different kernel versions. It highlights the use of bpftool to list supported program types and helpers, while al...
The author reflects on their journey of writing the eBPFChirp newsletter over the past year, sharing insights from their experiences in technical writing, the challenges faced on platforms like Medium, and the transition to Substa...
The interview with Henrik Rexed, a CNCF Ambassador and Staff Engineer at Dynatrace, explores the role of CNCF Ambassadors in supporting open-source projects, the limitations of traditional observability in modern architectures, an...
In an interview with Avi Lumelsky, an AI Security Researcher at Oligo Security, the discussion revolves around the intersection of AI and runtime protection. Key topics include the importance of understanding system performance be...
In an interview with Karim Traiaia, Co-founder of Kerno, the discussion covers the inception of Kerno, the challenges of acquiring early customers, the role of eBPF in their technology, and how they manage data from observability ...
The blog post features an interview with Bill Mulligan, discussing various aspects of eBPF, including his daily work life, initial encounters with eBPF, misconceptions about its security, signals for enterprise adoption, emerging ...
The author discusses the evolution of the eBPFChirp newsletter, emphasizing the need for hands-on learning in technology. To address the friction of running code locally, the author introduces online coding labs hosted on the ixim...
Interactive coding labs are more effective for learning, as demonstrated by a new tutorial on building an eBPF/XDP NAT-based Layer 4 load balancer.
The post encourages readers to share eBPFChirp with friends, highlighting a referral program that rewards subscribers with benefits for bringing in new readers. It outlines the rewards structure based on the number of referrals an...