In the dynamic cloud-native environment, applications need constant observability and monitoring to identify and mitigate risks from malicious activities before they evolve into security breaches and compliance risks. Calico Cloud runtime security is the enforcement of security policies and threat detection across network, process, file, and system behavior of containerized workloads. Calico Cloud uses eBPF probes to baseline workload behavior and build a statistical model of file system activity, network activity, process profile, syscalls initiated or attempted by the workload. Any deviations from this baseline are evaluated against indicators of compromise to generate alerts.

Attend this informational webinar to learn:

• What is to eBPF and explain how it can be used for enhanced observability for containerized workloads
• How Calico Cloud’s runtime security features work under the hood.
• How Calico Cloud uses eBPF to power its container runtime security solution.