Rootconf 2025 Annual Conference CfP


Rohit kumar

@rohitcoder

From Dependency to Deception: Uncovering Supply Chain Attacks with eBPF

Submitted Apr 11, 2025

Talk Description:

Software supply chain attacks are evolving — and most static security tools just aren’t keeping up. From malicious open-source packages to compromised build pipelines, modern threats often go undetected until it’s too late. This talk walks through why traditional scanning misses these attacks, and how we can catch them at runtime using eBPF — a powerful, low-level observability tool built into the Linux kernel.

We’ll explore how eBPF can trace suspicious behavior like unexpected network calls or file access from compromised builds, all without modifying the application. Along the way, we’ll break down where existing eBPF-based tools fall short, how to build a custom runtime monitoring layer that’s optimized for detecting supply chain tampering, and what practical alternatives exist if you can’t yet run eBPF at scale. Expect live examples, real-world attack patterns, and a peek into what it takes to operationalize this in production systems.

Key Takeaways:

  • Why static supply chain security is not enough — and where runtime observability fits in.
  • How to build scalable eBPF-based defenses to detect malicious behavior after deployment.

Audience:

This session is ideal for platform engineers, product security teams, SREs, and DevSecOps professionals working on securing CI/CD pipelines, containers, and cloud-native infra. If you’re thinking beyond scanners and want to know what really runs in prod, this is for you.

Speaker Bio:

I’m currently a Product Security Engineer at Groww, a BlackHat speaker, a top bug bounty hunter at Meta, and an active open source contributor. My work sits at the intersection of code, runtime, and security — where offensive research meets practical defense.

I specialize in building scalable security tooling that helps organizations detect and respond to modern threats across CI/CD pipelines, production infrastructure, and cloud-native environments. Whether it’s analyzing source code, tracing runtime behavior with eBPF, or hunting vulnerabilities in the wild, I bring a hands-on, attacker-informed mindset to everything I do.
