As every cryptographic algorithm has its own security lifetime, old algorithms can become vulnerable as research advances. For system administrators, it is important to keep the managed systems up-to-date with latest standards. At DevConf CZ 2020, we've presented an idea of inspecting which cryptographic algorithms a particular deployment is using in practice, e.g., which TLS ciphersuites are negotiated the most. The proposal was to instrument system cryptographic libraries with USDT probes and collect statistical data with eBPF and bpftrace. Since then, the project has evolved further to providing a system-wide service and utilities, enabling analysis of long term trends and real-time diagnostics. In this session we will talk about the architecture, logging format, and possible integration with consumers, such as Insights Core and Grafana.
Create a custom schedule.
Take it with you on mobile.
Get listed in the directory.
