Overview
This presentation explores an innovative approach to improving containerized application security through behavior analysis during CI processes. Learn how to replace tedious manual policy definitions with automatically generated native policies based on runtime behavior. Discover how behavioral analysis can create enforceable security policies directly within container orchestration tools like Kubernetes without third-party dependencies. The talk covers practical implementation of seccomp profiles, network policies, AppArmor, and security context, demonstrating how to conduct behavioral analysis using eBPF-based tools, integrate this analysis into CI testing, and enforce security policies natively. Gain a deeper understanding of innovative security approaches for Kubernetes clusters and containerized orchestration environments, and learn to leverage behavioral analysis to protect against multiple threats.
Syllabus
Automatic application hardening by leveraging container runtime behavior analysis - Amit Schendel
Taught by
OWASP Foundation