Introducing eBPFGuard: A Library for Inline Mitigation of Threats using LSM Hooks

Hello, Deepfence community! We have some exciting news to share. We are thrilled to announce that eBPFGuard, our groundbreaking open-source Rust library, is becoming an integral part of our cutting-edge commercial solution for threat detection and mitigation, ThreatStryker!

What does this mean for you? In a cybersecurity landscape that's becoming increasingly complex and sophisticated, you need a solution that is equally advanced and robust. That's where eBPFGuard steps in. By integrating eBPFGuard into ThreatStryker, we're taking a giant leap forward in our exploitation detection capabilities. This dynamic duo will provide alerts and make mitigation decisions, applying the most suitable solutions directly at the host kernel level, right where you need it the most.

‍eBPFGuard is a product of our passion for securing digital landscapes. If you want to read more about how we utilize eBPF more generally within our security tools, read our blog post, “Aya: your tRusty eBPF Companion.” Developed by the brilliant minds at Deepfence, it protects applications from exploitation by selectively blocking specific kernel function calls based on user-defined policies. The best part? It does this without having you deal with the kernel directly, reducing complexity while maximizing efficiency.

Leave a Comment