Name: OWASP KubeFIM Securing Kubernetes from the Inside Out: File Integrity Monitoring with eBPF
Start: 2025-05-29T11:00:00+0200
End: 2025-05-29T11:45:00+0200

Thursday May 29, 2025 11:00am - 11:45am CEST

Room 131-132

OWASP KubeFIM
Securing Kubernetes from the Inside Out: File Integrity Monitoring with eBPF

1. Introduction to Kubernetes Security & File Integrity Monitoring - The growing security challenges in Kubernetes.
- Why malicious containers inside clusters pose a huge risk.
- Real-world security incidents where attackers modified critical files (e.g., cryptojacking, rootkits).
- Why do traditional security tools fail in Kubernetes? (e.g., host-based FIM doesn’t work well).

2. What is OWASP KubeFIM & Why It Matters? - Overview of OWASP KubeFIM as an eBPF-based File Integrity Monitoring (FIM) solution.
- How eBPF helps detect file changes inside Kubernetes clusters without performance overhead.
- Use cases: Detecting malware, unauthorized file modifications, rootkit infections.

3. How OWASP KubeFIM WorksThe key components of KubeFIM:
- Kernel-level hooks
- Alerting system
- Policy-based file integrity monitoring

4. Setting Up KubeFIM in Your Cluster - Quick installation guide using Helm & Kubernetes YAML manifests.
- Configuring policies to monitor specific files (e.g., /bin, /etc, /var)
- Live demo of KubeFIM detecting unauthorized file changes.

5. Q&A + Discussion

Speakers

Abhijit Chatterjee

Co-Founder, Cyber Secure India

Abhijit is the Co-Founder of Cyber Secure India (CSI), a cybersecurity think tank focused on driving cybersecurity awareness, building a strong community through free education, sharing knowledge, and empowering young individuals to strengthen the digital infrastructure.

Thursday May 29, 2025 11:00am - 11:45am CEST
Room 131-132

Breakout: OWASP Project Demo Lab, Demo

OWASP 2025 Global AppSec EU

Abhijit Chatterjee

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!