In this session, an overview will be presented on how you can use eBPF technology to safeguard your CI/CD pipelines to catch malicious behaviours that may get introduced as your software evolves.

The example for this talk will use Tracee, an Open Source project. We will show how to protect against supply chain attacks in a commonly used environment like GitHub Actions using another a very common technique (but also an attack vector) of making a Pull Request.