seccomp — Your Next Layer of Defense
Why should you allow all possible system calls from your application when you know that you only need some? If you have ever wondered the same, then this is the right talk for you. We are covering:
- What seccomp is in a nutshell and where you could use it.
- Practical example with Elasticsearch and Beats.
- How to collect seccomp violations with Auditd.
Because your security approach can always use an additional layer of protection.
Video of the talk at BalCCon.
PS: This talk is based on Alexander Reelsen’s blog post Seccomp in the Elastic Stack.