In this post, I want to scratch at the surface of a very interesting technology that Elastic’s Universal Profiler and Security solution both use called eBPF and explain why it is a critically important technology for modern observability. I’ll talk a little bit about how it works and how it can be used to create powerful monitoring solutions — and dream up ways eBPF could be used in the future for observability use cases.

Bots have been in the news a lot lately. Before committing to the Twitter takeover, Elon Musk cited huge bot numbers as a hurdle in completing the deal. Social media bots have also been blamed for interfering in elections and other political processes in recent years. Despite the current focus on bots, they’re not a new phenomenon. Bots have been around for decades — and some have caused serious damage to businesses around the world.

According to one survey, 94% agree that AIOps is “important or very important” to manage network and cloud applications performance. AIOps intends to help customers contextualize humongous data volumes and streamline IT operations with automation. As IT infrastructure grows in complexity, alerts flood IT Ops centers and Ops teams drown in managing the deluge.

During the pandemic, approximately 60% of full-time and part-time employees in the U.S. worked remotely. Firms weren’t ready for their employees to work remotely, but many employers quickly realized the benefits of remote work. As remote work became more common, the number of cyber criminals increased drastically. IT professionals have never been more cautious with their work security.

The awaited OpenSSL 3.0.7 patch was released on Nov. 1. The OpenSSL Project team announced two HIGH severity vulnerabilities (CVE-2022-3602, CVE-2022-3786), which affect all OpenSSL v3 versions up to 3.0.6. These vulnerabilities are remediated in version 3.0.7, which was released Nov. 1. The vulnerabilities fixed include two stack-based buffer overflows in the name constraint checking portion of X.509 certificate verification.

On Tuesday, November 8, 2022, VMware disclosed three critical-severity vulnerabilities impacting VMware Workspace ONE Assist Server versions 21.x and 22.x. If successfully exploited, the reported vulnerabilities could lead to a threat actor obtaining administrative access to the application without the need to authenticate.

The Medibank hack began with the theft of credentials belonging to an individual with privileged access to Medibank’s internal systems. These credentials were sold and purchased on the dark web by an unconfirmed buyer who used them to gain access to Medibank’s internal system.

One of the primary challenges that our security analysts encounter is where and how to best use their time. Monitoring and reviewing the constant influx of data and alerts produced by our client’s networks whilst also finding the time to keep on top of trending and emerging threats is no mean feat, and not particularly conducive to a healthy work-life balance…

For far too long, the cybersecurity industry has subscribed to a flawed methodology — one that is based on the notion that organizations can avoid security threats through obscurity and secrecy. The assumption is that keeping security controls and processes covert makes products and data inherently more secure against cyber threats within the networks we defend. However, even the most sophisticated cybersecurity defenses are no match for well-funded, highly motivated adversaries.

Russia’s military incursion against Ukraine began on February 24, 2022, with a massive ground attack supported by several cyber incidents. This activity set the stage for what would become an active hybrid war fought in two domains: cyber and ground warfare.