Tracing syscalls, watching files, and catching command injection using the Linux kernel audit framework with a vulnerable ICMP tool as the attack surface
Read tutorial →Kubernetes runtime security using OPA Gatekeeper admission policies and Falco runtime detection
Read tutorial →Fileless in-memory attacks in Kubernetes using memfd_create syscall with Docker and Perl
Read tutorial →