Scale to Zero - No Security Questions Left Unanswered eBPF, MCP Servers, and the Kernel-Level Future of AI Security | ft. Ammar Ekbote | Ep. 105 | ScaleToZero Podcast
In this episode, we sit down with a veteran Security and Cloud Infra Leader to deconstruct the architecture of modern workload monitoring and the emerging risks of AI-driven connectivity. We dive deep into eBPF—the technology providing "invisible" observability—and the security implications of MCP (Model Context Protocol) servers in the enterprise.Whether you're an infra lead or a security engineer, this episode provides the technical depth to help you stay ahead of the curve.
Also available on YouTube: https://youtu.be/iCfEJlgXFBU00:00 Teaser and Introduction04:12 Architectural differences between Agentless and Agent-based scanning07:50 Losing security signals in case of Agentless scanning09:23 Challenges of Agent-based scanning10:45 Vendor checklist for production release11:45 Noisy neighbour challenge and customer application14:52 Securing large agent-based vendor machines16:40 Use of eBPF for invisible workload monitoring19:17 Securing the eBPF21:00 Does eBPF solve the stability and performance risks?23:25 Security risks when LLMs use MCP servers27:16 Detect and Avoid MCP in an organizational environment32:32 Why use eBPF for security MCP?35:10 Using eBPF to run local servers in a secure way37:00 Can eBPF secure data leaks to AI models?41:19 Justifying stakeholders for using kernel-level security43:25 Evangelizing a security-first mindset44:50 Starting point for developer-led security using eBPF46:30 Learning recommendations47:10 Summary#eBPF #CloudSecurity #AISecurity #MCPServer #DevSecOps #AgentlessScanning #CloudInfrastructure #InfoSec #CybersecurityPodcast #LLMSecurity #KernelSecurity