Aqua Blog

Itamar Maouda

Hunting Rootkits with eBPF: Detecting Linux Syscall Hooking Using Tracee

Hunting Rootkits with eBPF: Detecting Linux Syscall Hooking Using Tracee

Picture of Itamar Maouda
Itamar Maouda
April 21, 2022

Today, cloud native platforms are increasingly using eBPF-based security technology. It enables the monitoring and analysis of applications’ runtime behavior by creating safe hooks for tracing internal functions and capturing important data for forensic purposes. Tracee is an open source runtime security and forensics …

Continue reading ›
All posts

Subscribe to Email Updates

Popular Posts

Filter by Topic

Show more...

    Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and accelerate their digital transformations. The Aqua Platform is the leading Cloud Native Application Protection Platform (CNAPP) and provides prevention, detection, and response automation across the entire application lifecycle to secure the supply chain, secure cloud infrastructure and secure running workloads wherever they are deployed.

    Aqua customers are among the world’s largest enterprises in financial services, software, media, manufacturing and retail, with implementations across a broad range of cloud providers and modern technology stacks spanning containers, serverless functions and cloud VMs.

Copyright © 2023 Aqua Security Software Ltd.