eBPF Security Checklist for DevSecOps

List of some best practices to eBPF for DevSecOps

echo 1 > /proc/sys/net/core/bpf_jit_harden

setcap cap_bpf=e /path/to/program

echo 0 > /proc/sys/kernel/perf_event_paranoid

bpftrace -e 'tracepoint:raw_syscalls:sys_enter { @[comm] = count(); }'

bpftool prog load secmon.bpf /sys/fs/bpf/

bpftool map create /sys/fs/bpf/my_map type hash key 4 value 4 entries 1024

apt-get update && apt-get upgrade libbpf-tools

Table of contents