Verifiable GitHub Actions with eBPF
May 01, 2023
28 min
Free
github-actions
ebpf
runtime-security
supply-chain-security
tracee
observability
ci-cd
container-security
linux-kernel
forensics
Description
This talk explores how eBPF, through the Tracee project, can be used to secure GitHub Actions and build pipelines. It delves into the challenges of supply chain attacks and presents a solution that profiles build activities, detects malicious behavior, and enforces security policies. The presentation highlights lessons learned from developing this solution, including the differences between build-time and production-time security, and showcases a demo of the verifiable GitHub Actions pipeline.