Explore a 42-minute conference talk that delves into the evolution from security observability to enforcement using eBPF in cloud native environments. Learn how eBPF technology is being implemented across runtime security tools like Falco, KubeArmor, and Tetragon for kernel-level security event collection. Discover the Tetragon team's journey in transitioning from retroactive attack detection to proactive attack prevention, covering crucial aspects of security model definition and the hardening of kernel-Kubernetes system interactions. Gain deep technical insights into eBPF-based enforcement mechanisms, understand how they differ from traditional observability approaches, and explore implementation challenges. Master the inner workings of eBPF-based runtime security while learning to navigate common pitfalls in implementation.