Why should you allow all possible system calls from your application when you know that you only need some? If you have ever wondered the same then this is the right talk for you.
We are covering: * What is seccomp in a nutshell and where could you use it. * Practical example with Docker, Elasticsearch, and Beats. * How to collect seccomp violations with Auditd. Because your security approach can always use an additional layer of protection.
Speakers: Philipp Krenn