Comprehensive guide to Linux kernel hardening techniques including KASLR, KPTI, Control Flow Integrity, and modern CPU vulnerability mitigations. Learn how to configure and implement kernel security features for maximum protection.

Comprehensive guide to Linux Security Modules (LSM) framework, exploring SELinux, AppArmor, SMACK, and modern LSM implementations. Learn how to implement custom security modules and integrate with the kernel security subsystem.

Explore container2wasm, an innovative converter that enables running unmodified Linux containers on WebAssembly by leveraging CPU emulation, supporting both x86_64 and RISC-V architectures in browsers and WASI runtimes.

Explore advanced eBPF security patterns for cloud-native Kubernetes environments. Learn how to implement zero-trust networking, runtime security, and deep observability using eBPF in production.

Learn how to build production-grade eBPF security tools using Rust and Aya. From basic monitoring to advanced threat detection, this guide covers everything you need to know about modern eBPF development.

An in-depth analysis of eBPF security challenges, potential vulnerabilities, and defensive strategies. Learn about eBPF rootkits, verifier bypasses, and how to protect against malicious eBPF usage.

Deep dive into WasmLinux, a groundbreaking prototype that implements a WebAssembly-native Linux system without CPU emulation, combining patched NOMMU Linux (LKL), MUSL libc, and Busybox compiled to Wasm.

A hands-on guide to implementing eBPF security tools in production. Learn to deploy Falco, Tetragon, Tracee, and build custom security solutions with real-world examples.