@kevsecurity profile picture
Kevin Sheldrake @kevsecurity

Hacker, coder, etc. Isovalent where I work on Tetragon. ex-Microsoft Sysinternals, including #Sysmon For Linux #eBPF

Joined February 2021
  • Tweets 291
  • Following 256
  • Followers 875
10 Photos and videos
Kevin Sheldrake retweeted
Iceman
@herrmann1001
3 Jun 2024
Ran into @kevsecurity
1
1
15
1,347
Going to #deepsec. HMU in the bar - I’ll be the one reading a hypnosis book.
554
Kevin Sheldrake retweeted
44CON@44CON
5 Sep 2023
Find out more information about all the workshops happening at #44CON on our website - 44con.com/44con-2023-talks-a…
1
1
498
Kevin Sheldrake retweeted
44CON@44CON
5 Sep 2023
We're pleased to announce that Kev Sheldrake (@kevsecurity) will be running a hands-on workshop on "Hands On YAML To BPF With Tetragon" at #44CON2023
1
2
3
742
Kevin Sheldrake retweeted
Cilium@ciliumproject
18 Aug 2023
🐝 It's Today! 🐝 In two hours, Join @lizrice and @kevsecurity as they explore the networking improvements in Tetragon in this episode of eCHO. eBPF & Cilium Office Hours Friday, 18th August 2023 - 9 am ET / 3 pm CEST Livestream: youtube.com/watch?v=CiNnro9o…
3
4
3,519
Kevin Sheldrake retweeted
Cilium@ciliumproject
17 Aug 2023
🐝REMINDER🐝 This Friday @lizrice and @kevsecurity will be exploring "Networking improvements in Tetragon" eBPF & Cilium Office Hours Friday, 18th August 2023 - 9 am ET / 3 pm CEST Livestream👇 youtube.com/watch?v=CiNnro9o…
2
5
1,864
Kevin Sheldrake retweeted
Cilium@ciliumproject
16 Aug 2023
This Friday @lizrice and @kevsecurity will be exploring "Networking improvements in Tetragon" eBPF & Cilium Office Hours Friday, 18th August 2023 - 9 am ET / 3 pm CEST Livestream👇 youtube.com/watch?v=CiNnro9o…
4
9
2,075
Kevin Sheldrake retweeted
44CON@44CON
14 Aug 2023
We are delighted to announce that @kevsecurity will be delivering his talk "Detection And Blocking With BPF Via YAML" at #44CON2023. Yes - this is a followup from last year, by request. This is one not to miss!
1
3
10
2,033
Kevin Sheldrake retweeted
SteelCon@Steel_Con
7 Aug 2023
Replying to @ZephrFish @myexploit2600 @brianwhelton @AtomicMaya_ @irsdl @PolarToffee @ach_fooey @sailingbikeruk @sandh0t @christruncer
Detecting And Blocking With BPF Via YAML by @kevsecurity youtu.be/vdKiuTlHInA

Detecting And Blocking With BPF Via YAML by Kev Sheldrake

Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.

youtube.com
1
3
5
677
Kevin Sheldrake retweeted
Niko@nikopissanidis
21 Jun 2023
Are you on our mailing list? Four Pre-Event [PE] talks just drop for all of you to enjoy! Topics include: #eBPF, #Risk, #UFOSINT, #DevSecOps! by.. @kevsecurity @IBRice101 @KOAkinci @talhakarakumru, Julian Botham, Pavle Bozalo #BSidesAth lnkd.in/dMKe5Jhj
2
2
697
Kevin Sheldrake retweeted
Security BSides Athens@BSidesAth
21 Jun 2023
Are you on our mailing list? Four Pre-Event [PE] talks just drop for all of you to enjoy! Topics include: #eBPF, #Risk, #UFOSINT, #DevSecOps! by.. @kevsecurity @IBRice101 @KOAkinci @talhakarakumru, Julian Botham, Pavle Bozalo #BSidesAth
1
9
14
2,515
Who's coming to cons? I'll be speaking at: * BT Snoopcon, 22/23 June * Troopers, 28-30 June * Steelcon, 8 July Come and find out what you can do with #eBPF by writing a little bit of YAML!
6
517
Kevin Sheldrake retweeted
Security BSides Athens@BSidesAth
11 Jun 2023
Pre-Event, Talk 18 - What is eBPF and Why Should You Care!, Kev Sheldrake, @kevsecurity, bsidesath.gr/tracks.php#:~:t…

1
1
388
I will be speaking at @WEareTROOPERS on "Detecting And Blocking With BPF Via YAML". Come for the YAML, stay for the #BPF / #ebpf. Harness the power of BPF by using Tetragon and configuring it with YAML. Hook practically any kernel function.
2
14
2,481
Kevin Sheldrake retweeted
Bill Mulligan 🐝🐝🐝@breakawaybilly
22 Feb 2023
🐝Turn YAML into eBPF bytecode 🐝 Sound too good to be true? Check out the latest Tetragon docs from @mtardy_ github.com/cilium/tetragon/t…
Tracing Policy TracingPolicy is a user-configurable Kubernetes custom resource (CR) that allows users to trace arbitrary events in the kernel and optionally define actions to take on a match, for enforcement for example. Currently, two types of events are supported: kprobes and tracepoints, but others may be added in the future (e.g., uprobes) by following a similar approach. Note that TracingPolicy can be considered low-level since they require knowledge about the Linux kernel and containers to be written correctly. In the future, we are considering to add a high-level RuntimeSecurityPolicy which would take this complexity away. For the complete custom resource definition (CRD) refer to the YAML file cilium.io_tracingpolicies.yaml. One practical way to explore the CRD is to use kubectl explain against a Kubernetes API server on which it is installed, for example kubectl explain tracingpolicy.spec.kprobes provides field-specific documentation and details on kprobe spec. For bare met

ALT Tracing Policy TracingPolicy is a user-configurable Kubernetes custom resource (CR) that allows users to trace arbitrary events in the kernel and optionally define actions to take on a match, for enforcement for example. Currently, two types of events are supported: kprobes and tracepoints, but others may be added in the future (e.g., uprobes) by following a similar approach. Note that TracingPolicy can be considered low-level since they require knowledge about the Linux kernel and containers to be written correctly. In the future, we are considering to add a high-level RuntimeSecurityPolicy which would take this complexity away. For the complete custom resource definition (CRD) refer to the YAML file cilium.io_tracingpolicies.yaml. One practical way to explore the CRD is to use kubectl explain against a Kubernetes API server on which it is installed, for example kubectl explain tracingpolicy.spec.kprobes provides field-specific documentation and details on kprobe spec. For bare met

2
22
72
10,621
Load more