# Enlightning - Need for Runtime Security - Static Scanning - Zero Days - Zero Trust/Least Privilege - Reducing Attack Surface - Containers are not BlackBox - Capabilities,Network,Mount Accesses - Need to Profile and Secure these accesses - Ingress Attack and Lateral Movement - RBAC but for entities inside Containers : MAC - Current State of Art - Pod Security Context - Seccomp, AppArmor - Lack of Observability - Lack of Context - KubeArmor - Brief Overview - KubeArmor Lifecycle - Kubernetes - Unorchestrated - Edge, 5G - Policies as CRD - Declratively manage rules - Inline vs Async Remediation - Use Service Account Token Example - Explain User Journey for Lenient Whitelisting - What all Kernel Primitives are triggered and How is KubeArmor enforcing here - Alert Data with Context leveraging eBPF - Deeper Dive into LSM and eBPF - Mature - Performant - Use Cases - Application Behaviour - Least Permissive Access - File Integrity Monitoring - Network Segmentation - Policies - What's a policy, ruleset - Recommended Policies - MITRE, CIS, NSA, PCIE-DSS - Community - Slack, Github -