kflowd: Kernel-based Process Monitoring on Linux Endpoints via eBPF
kflowd kflowd runs as an agent on Linux endpoints to monitor processes via eBPF kernel subsystem for filesystem and TCP and UDP networking events, enabling immediate threat and anomaly detection on suspicious activities. Advanced...
