Detecting eBPF Malware with Tracee
Aqua Security
JULY 19, 2023
eBPF is a popular and powerful technology embedded in the Linux kernel. Lately, we have seen a rise in the number of eBPF-based tools used for malicious goals, such as rootkits (ebpfkit, TripleCross) and malware (pamspy). eBPF is also widely used by many security tools to monitor kernel activity in order to detect threats and protect organizations.