Much like the game Among Us, Bad faith actors can sneak into our spaceship aka containerized workloads anytime. It now comes to the crew members to eliminate the threat.

Similarly even if we secure our supply chain, there will always be threat actors that can attack at runtime. It is not a matter of if but when. There's a need to enforce security at runtime to contain damages as it happens.

Containers are not black boxes, Just sand-boxing around them isn't enough, we need to profile our entities inside our containers, and enforce zero trust rules.

But achieving zero trust is non trivial especially with the highly dynamic nature of modern containerized workloads.

This session will be about understanding the entities inside our containers, trying to identify assets that are exposed to entities inside containers, explore our crew members eBPF and LSMs who will help us identify and quarantine breaches at runtime minimizing our attack surface in the process.