The Next Log4jshell?! Preparing for CVEs with eBPF!

May 01, 2023 36 min Free

Description

Log4jshell, considered one of the biggest zero-day vulnerabilities of this decade, continues to affect thousands of servers. This talk explores how eBPF can be used to detect and prevent exploitation of such vulnerabilities. It demonstrates how eBPF provides unique visibility into Kubernetes workloads, enabling real-time detection and blocking of malicious activities like JNDI lookups, Java class downloads, and remote code execution directly within the kernel. The presentation walks through using open-source eBPF-based tools like Tetragon to gain full network and process-level visibility and to detect and prevent Log4jshell and future CVEs. It also provides security best practices for preparing Kubernetes environments for upcoming threats.