eBPF is an amazing technology but it brings to the table some pitfalls like the well-known portability issues and the continuous fights with the kernel verifier. Falco, the CNCF runtime security project, faces these challenges day by day trying to support a wide spectrum of kernels, but now things are changing! This talk presents the ongoing effort from the Falco community to build a modern eBPF probe that leverages the most exciting novel features! What are the challenges involved? What are the benefits of this approach and how can we leverage them? Andrea and Jason will answer these questions by sharing their experience and by providing some development guidelines and best practices. The session will dive into the use of modern BPF features such as `ring-buffer`, `global variables`, and `BTF-enabled programs`, showing concrete production-ready examples!