I think the agent requirement (even if eBPF plug-in only) is a big hill for a startup. It would have to be part of a multi-faceted agent (e.g. Sysdig or Falcon). Alternatively, these vendors could be inspired by DAST scanning techniques to simulate runtime execution pre-deployment?...
Hey James, Great write up. Any thoughts on precision of runtime reachability? Different vendors have different techniques hooking into interpreted, JITted language runtimes and pure memory analysis at some time intervals. Vendors are often not able to share the same degree of precision for function call analysis. This is often sold as an eBPF add-on, like you mention, making this more difficult to comprehend. Which vendor/approach will lead the pack in the long term in terms of coverage and precision?
Hey! Part three should cover this with more depth, but right now Oligo, Raven, and Kodem are certainly the most mature at doing it in the context of a runtime environment
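The question above asks how vendors hook interpreted language runtimes to get function-level reachability. The following is an added illustration, not code from the post or from any vendor named in the thread: it uses CPython's own profiler hook (`sys.setprofile`) to record every Python-level function call during a workload, then intersects the observed calls with a list of functions an advisory names as vulnerable. The "third-party package" (`thirdparty_lib`), its functions, and the advisory list `VULNERABLE_FUNCTIONS` are all constructed inline so the example runs offline; none of them correspond to a real library or advisory.

```python
"""Function-level runtime reachability for an interpreted language (added example).

A CallRecorder hooks sys.setprofile, counts (module, function) pairs for every
Python-level call while a workload runs, and the result is intersected with a
constructed advisory list. Everything here is a stand-in built for illustration.
"""
import sys
import types
from collections import defaultdict

# Constructed stand-in for an installed third-party package (not a real library).
_DEP_NAME = "thirdparty_lib"
_DEP_SOURCE = '''
def parse_untrusted(data):
    # hypothetical function named in a made-up advisory
    return data.decode("utf-8", "replace").strip()

def unused_sink(data):
    # also named in the made-up advisory, but never called by this workload
    return data[::-1]

def safe_helper(x):
    return x * 2

def render(data):
    return safe_helper(len(parse_untrusted(data)))
'''

# Hypothetical advisory data: module -> functions the advisory names as vulnerable.
VULNERABLE_FUNCTIONS = {_DEP_NAME: {"parse_untrusted", "unused_sink"}}


def load_fake_dependency(name=_DEP_NAME):
    """Build the stand-in package in memory so its frames report that module name."""
    mod = types.ModuleType(name)
    exec(compile(_DEP_SOURCE, f"<{name}>", "exec"), mod.__dict__)
    sys.modules[name] = mod
    return mod


class CallRecorder:
    """Counts (module, function) pairs for every Python-level call while installed."""

    def __init__(self):
        self.calls = defaultdict(int)

    def hook(self, frame, event, arg):
        if event != "call":          # ignore 'return' and C-level 'c_call' events
            return
        mod = frame.f_globals.get("__name__", "?")
        if mod == __name__:          # skip this module's own frames (the workload wrapper)
            return
        self.calls[(mod, frame.f_code.co_name)] += 1


def record_calls(workload):
    """Run workload() with the profiler hook installed and return the call counts."""
    rec = CallRecorder()
    sys.setprofile(rec.hook)
    try:
        workload()
    finally:
        sys.setprofile(None)     # always uninstall, even if the workload raises
    return dict(rec.calls)


def reachable_vulnerable(calls, vulnerable=VULNERABLE_FUNCTIONS):
    """Keep only observed calls that the advisory list names: these were actually reached."""
    return {key: n for key, n in calls.items() if key[1] in vulnerable.get(key[0], ())}


def demo():
    """Exercise the stand-in dependency and report which advisory functions ran."""
    dep = load_fake_dependency()

    def workload():
        dep.render(b" hello ")
        dep.safe_helper(3)

    calls = record_calls(workload)
    return calls, reachable_vulnerable(calls)


if __name__ == "__main__":
    observed, hits = demo()
    for (mod, fn), n in sorted(observed.items()):
        print(f"{mod}.{fn}: called {n}x")
    print("reached vulnerable functions:", hits)
```

Running it shows the distinction the question is about: a package-level scanner would flag both `parse_untrusted` and `unused_sink` because the module is installed, while the call trace shows only `parse_untrusted` was reached by this workload. Hooking every call this way is precise but costly, which is why the interval-based memory sampling mentioned in the question trades some of that precision (short-lived calls between samples are missed) for lower overhead.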
Amazing read 👍 informative.