Kirjahaku

What is eBPF? With this revolutionary technology, you can write custom code that dynamically changes the way the kernel behaves. It's an extraordinary platform for building a whole new generation of security, observability, and networking tools. This practical book is ideal for developers, system administrators, operators, and students who are curious about eBPF and want to know how it works. Author Liz Rice, chief open source officer with cloud native networking and security specialists Isovalent, also provides a foundation for those who want to explore writing eBPF programs themselves. With this book, you will: Learn why eBPF has become so important in the past couple of years Write basic eBPF code, and manipulate eBPF programs and attach them to events Explore how eBPF components interact with Linux to dynamically change the operating system's behavior Learn how tools based on eBPF can instrument applications without changes to the apps or their configuration Discover how this technology enables new tools for observability, security, and networking

To facilitate scalability and resilience, many organizations now run applications in cloud native environments using containers and orchestration. But how do you know if the deployment is secure? This practical book examines key underlying technologies to help developers, operators, and security professionals assess security risks and determine appropriate solutions. Author Liz Rice, VP of open source engineering at Aqua Security, looks at how the building blocks commonly used in container-based systems are constructed in Linux. You'll understand what's happening when you deploy containers and learn how to assess potential security risks that could affect your deployments. If you run container applications with kubectl or docker and use Linux command-line tools such as ps and grep, you're ready to get started. Explore attack vectors that affect container deployments Dive into the Linux constructs that underpin containers Examine measures for hardening containers Understand how misconfigurations can compromise container isolation Learn best practices for building container images Identify container images that have known software vulnerabilities Leverage secure connections between containers Use security tooling to prevent attacks on your deployment

As containerized and cloud native applications become foundational to modern software infrastructure, the need for a deep, conceptual understanding of their security implications has never been more urgent. Container Security, second edition, offers a rigorous yet practical examination of the technologies that underpin container platforms-equipping developers, operations professionals, and security practitioners with the mental models needed to evaluate risk and enhance resilience. Written by Liz Rice, a recognized authority in cloud native security, this updated edition builds on the foundational principles from the first edition while incorporating today's evolving threat landscape, modern tooling, and advancements in platforms like Kubernetes and Linux. Readers will gain a firm grasp of the architectural components behind containers and the Linux primitives that support them, fostering a systems-level understanding of both vulnerabilities and mitigation strategies. Examine the technical underpinnings of containers through a security-focused lens Evaluate evolving risks and defenses across container runtimes and orchestration platforms Analyze the implications of modern tooling including eBPF and AI-driven approaches Apply core principles to assess and secure real-world deployments in dynamic environments