What is eBPF ? born out of a need for a better Linux tracing tool. first released in a limited capacity in 2014 with Linux 3.18, making full use of eBPF at least Linux 4.4 or above eBPF can run sandboxed programs in the Linux kernel without changin...

eBPF-based Security Observability and Runtime Enforcement - GitHub - cilium/tetragon: eBPF-based Security Observability and Runtime Enforcement