Item: AMZ-B0FTQKB8NS

eBPF Detection Engineering with Rust: Blue-Team Guide to Real-Time Linux Threat Detection, Kernel Hooks, and SIEM/XDR Telemetry with aya (aya-rs)

Format:

Kindle

Paperback

Product details
Availability
In stock
Packaged weight
0.84 kg
Returns
No
Condition
New
Product from
Amazon
Ships from
USA

About this product

Traditional monitoring tools only see what attackers allow them to see—but threats like process injection, privilege escalation, and container escapes leave their real traces inside the Linux kernel. This is where eBPF (extended Berkeley Packet Filter) shines: it gives defenders real-time visibility into the kernel’s most critical signals, safely and efficiently. And with Rust and the aya framework, security teams can finally build production-ready eBPF detections without risking memory bugs or kernel panics.

Written by Sammie Sanders, a practitioner with deep experience in detection engineering, this book doesn’t just explain concepts—it gives you working Rust code, hands-on labs, and real-world case studies to help you operationalize eBPF. It’s not theory. It’s a field manual for blue teams who need reliable detections now.

This practical guide takes you from fundamentals (eBPF basics, kernel hooks, verifier pitfalls) through real detections (suspicious process execution, file tampering, container escapes), and into production scale (SIEM/XDR integration, performance tuning, canary deployments). You’ll learn not only how to write safe probes in Rust with aya but also how to ship telemetry into your security pipelines, reduce false positives, and validate detections against real attacker behavior.

Why You Need This Book: If your team struggles with blind spots in Linux security monitoring, this book gives you the tools to close them. You’ll learn to:
  • Capture high-fidelity kernel signals attackers can’t hide.
  • Build detections that analysts can trust—reducing alert fatigue.
  • Scale across fleets with portable, verifier-safe Rust code.
  • Turn detection ideas into production-ready probes quickly, without deep kernel expertise.

In short, this book helps you move from theory to detections that matter—detections that catch threats before damage is done.

This book is for security engineers, blue team members, detection developers, and incident responders who want to push their visibility deeper into the operating system. You don’t need to be a Rust or kernel expert; the book assumes only a working knowledge of Linux and some programming basics. Each chapter includes code, exercises, and labs to help you apply concepts directly in your own environment.

In cybersecurity, seconds matter. Attackers don’t wait, and neither can you. With eBPF, you can spot threats the moment they occur—instead of after the fact. This book is designed to shorten your learning curve so you can start building detections in hours, not months. By the time you reach the final chapters, you’ll have a toolkit of ready-to-deploy probes for real-world use.

If you’re ready to bring kernel-level visibility into your blue-team arsenal, this book is your essential guide. Don’t settle for delayed, noisy, or incomplete signals. Learn how to harness eBPF and Rust with confidence, ship high-quality detections, and stay ahead of attackers. Start building detections that truly matter—pick up your copy of eBPF Detection Engineering with Rust today.
$24,17
44% OFF
$13,43

IMPORT EASILY

By purchasing this product you can deduct VAT with your RUT number

3-month grace period on deferred payments and up to 6 months interest-free with Pacificard

Free shipping
Arrives in 16 to 26 business days
With shipping
Delivery is guaranteed
This product travels from the USA to your hands in