A fileless attack is a technique that takes incremental steps toward gaining control of your environment while remaining undetected. In a fileless attack, the malware is loaded directly into memory and executed, evading common defenses and static file scanning. Attackers often also use compression or encryption to cloak the malware payload and avoid detection. Fileless attacks are most commonly used against Windows, but we have recently seen a growing trend in their use against Linux, and more specifically within containers. In this guide, we will break down a fileless attack by building a fileless demo and detecting the unexpected activity with eBPF tools in the Cloud Native Security Runtime.
Speaker: Carol Valencia
Software Developer interested in good practices in Secure Development (DevSecOps), cloud-native applications, and security. Enthusiast of the open-source community, co-organizer of the Docker and HashiCorp communities, and contributor to Aqua open-source projects. In my free time, I like running and playing beach tennis.