Tracee: Runtime Security and Forensics using eBPF

Tracee is a Runtime Security and forensics tool for Linux. It is using Linux eBPF technology to trace your system and applications at runtime, and analyze collected events to detect suspicious behavioral patterns. It is delivered as a Docker image that monitors the OS and detects suspicious behavior based on a pre-defined set of behavioral patterns.

github.com/aquasecurity/tracee

Follow

The Intercept Welcomes Whistleblowers

theintercept.com/source/

· · Web · 0 · 3 · 1
Sign in to participate in the conversation
mas.to

Hello! mas.to is a general-topic, mainly English-speaking instance. We're enthusiastic about Mastodon and aim to run a fast, up-to-date and fun Mastodon instance.