implementing-ebpf-security-monitoring
mukul975/Anthropic-Cybersecurity-Skills
A comprehensive guide on implementing advanced security observability using eBPF and Cilium Tetragon. This skill covers real-time tracking of process execution, network connections, and file system access directly in the kernel. Learn how to author TracingPolicy CRDs, utilize kprobe/tracepoint hooks for in-kernel filtering, and enforce runtime security policies (e.g., process killing) on Linux hosts or Kubernetes clusters.
