The eBPF (extended Berkeley packet filter) is being used to solve several security issues in cloud native environments, beyond its initial use of network monitoring. Its penetration, extending from within the Linux kernel (and on Windows to a lesser extent), across runtimes in a network or environment, makes it an “enhancement” to the Linux operating system, according to Gartner analyst Simon Richard in Gartner’s “Hype Cycle for Compute 2023.” While running specific instruction sets from within the kernel, eBPF allows organizations to add features to Linux without changing kernel source code or requiring kernel modules, Richard writes.

Source: The New Stack