With a magic one size fits all solution that happens to also be a rootkit that by default rewrites itself on automatic updates.
If you’re still with me please read about EBPF and why it can be used to do EDR style monitoring without a rootkit on any modern flavor of Linux. It can also be used to replace your monitoring and observability stack shims in your product. It was built by kernel developers and is already baked into your OS.
deleted by creator
With a magic one size fits all solution that happens to also be a rootkit that by default rewrites itself on automatic updates.
If you’re still with me please read about EBPF and why it can be used to do EDR style monitoring without a rootkit on any modern flavor of Linux. It can also be used to replace your monitoring and observability stack shims in your product. It was built by kernel developers and is already baked into your OS.