Safeguard
Tag

tetragon

Safeguard articles tagged "tetragon" — guides, analysis, and best practices for software supply chain and application security.

6 articles

Kubernetes Security

Falco vs. Tetragon vs. Tracee: choosing a Kubernetes runtime security tool

Falco graduated CNCF in February 2024, Tetragon enforces in-kernel, and Tracee ships 330+ prebuilt eBPF detections — here's when each one actually wins.

Jul 11, 20267 min read
Container Security

Runtime security tools for Kubernetes clusters

A concrete look at Kubernetes runtime security tools — Falco, Tetragon, Tracee, eBPF, and recent CVEs — and what to check before you buy one.

Jun 25, 20267 min read
Container Security

Deploying Cilium Tetragon for eBPF Runtime Security in 2026

A practical guide to rolling out Tetragon for kernel-level runtime visibility, covering policy authoring, performance overhead, and integration with existing detection pipelines.

Mar 4, 20266 min read
Tool Comparison

Tetragon vs Falco: 2026 Runtime Security Field Test

Both Tetragon and Falco run on eBPF and both ship as CNCF projects. We benched them side by side on a 400-node cluster — coverage, overhead, and enforcement behavior.

Feb 26, 20266 min read
Container Security

Cilium Tetragon Runtime Security with eBPF

A practical look at Cilium Tetragon for Kubernetes runtime security, what eBPF gives you that audit logs do not, and where Tetragon fits in a real stack.

Jan 26, 20267 min read
Container Security

eBPF Security Controls: A Production Experience Report

Field notes on running Tetragon, Falco, and Cilium eBPF controls in production Kubernetes clusters, with observed overhead, policy traps, and kernel constraints.

Dec 20, 20245 min read
tetragon — Safeguard Blog