Attending the #kunai workshop at @BSidesLuxembourg held by @qjerome from circle.lu.
kunai is a #Linux security monitoring tool that logs very fine-grained events from the kernel using #eBPF.
Interesting alternative to #auditd, #falco, #tetragon, #tracee, #auditbeats, or #SysmonForLinux.
I'd love to see a write-up with a comparison of all of them.

https://kunai.rocks/

Bring your Linux Threat-Hunting capabilities to the next level | Kunai
