Safeguard
Tag

ebpf

Safeguard articles tagged "ebpf" — guides, analysis, and best practices for software supply chain and application security.

20 articles

Container Security

Deploying Falco for Runtime Security in 2026

A pragmatic deployment guide for Falco 0.41 in production Kubernetes: driver selection, rule tuning, alert routing, and the operational debt teams underestimate.

Jan 22, 20265 min read
Buyer's Guides

Best runtime container security tools

A practical comparison of runtime container security tools, from eBPF-based monitoring to commercial threat detection platforms, and what to weigh before buying.

Nov 11, 20259 min read
Cloud Security

Runtime Threat Detection in Cloud-Native Environments

Static analysis catches known vulnerabilities. Runtime detection catches exploitation. Here is how to implement runtime threat detection for containerized workloads.

Aug 18, 20256 min read
Application Security

eBPF and OpenTelemetry: The New Instrumentation Layer for...

eBPF and OpenTelemetry are becoming AppSec's new runtime instrumentation layer, catching supply chain attacks like the xz backdoor that static scanners miss entirely.

Jul 23, 20257 min read
Container Security

eBPF Security Controls: A Production Experience Report

Field notes on running Tetragon, Falco, and Cilium eBPF controls in production Kubernetes clusters, with observed overhead, policy traps, and kernel constraints.

Dec 20, 20245 min read
Kubernetes Security

Cilium Network Security in Kubernetes: Beyond Basic Network Policies

Cilium uses eBPF to provide network security that standard Kubernetes NetworkPolicies cannot match. Here is what it adds and how to configure it.

Dec 12, 20225 min read
Runtime Security

eBPF for Security Monitoring: What It Can and Cannot Do

eBPF is being called the future of security observability. It is genuinely powerful, but it is not a magic bullet for runtime security.

Aug 12, 20225 min read
Container Security

Container Runtime Security Monitoring: Catching What Scanners Miss

Image scanning finds known vulnerabilities before deployment. Runtime monitoring catches actual exploitation, zero-days, and behavioral anomalies after deployment. You need both.

Jun 8, 20225 min read
ebpf (Page 2) — Safeguard Blog