Enforcing developer intent with eBPF

eBPF has been described as "superpowers for Linux", allowing custom code to run in the kernel. In this talk we'll explore some of the ways that eBPF as a technology enables better security by enforcing policies (such as seccomp, runtime or networking policies), and consider why policies can be just as much an expression of "developer intent" as code itself.