Ben Hirschberg
Ben is a cloud security researcher, open-source contributor, and co-founder of ARMO, the creators of Kubescape. With over 15 years of experience in cybersecurity, Ben specializes in Cloud and Kubernetes security, runtime hardening, and cloud-native defense strategies. His work bridges the gap between theory and practical security, helping organizations protect their workloads against real-world threats.
Ben frequently speaks at security and open-source conferences, bringing a hands-on, honest perspective rooted in real operational experience. When he's not building tools to defend containers, he usually tries to break them and then writes about what he learned.
Session
Syscall filtering with seccomp is one of the most effective defenses for containerized workloads, but despite its power, it's underused, misunderstood, or plain painful to deploy at scale.
This talk goes beyond theory: we'll get hands-on with practical seccomp profile generation, live demos of defending real vulnerable apps, and show how syscall filtering can contain actual exploits — using an Apache Druid vulnerability as a live case study.
You'll leave knowing not just why seccomp matters but also how to build, tune, and deploy real-world profiles with open-source tools like Kubescape and how to avoid the common traps that derail seccomp adoption in production.