Kubernetes Runtime Security (eBPF / gVisor / Kata)1 items
Kubernetes Runtime Security (eBPF / gVisor / Kata)1 items
Runtime Hardening
- eBPF detection: anomalous syscalls, crypto-miners, shell spawns.
- Sandboxing: gVisor/Kata for untrusted workloads; reduce kernel attack surface.
- Host hardening: minimal OS, kernel patching windows, audit privileged pods.