eBPF Case Studies

Here are some of the organizations that are using eBPF in production. If you’re using eBPF and aren’t on this list, please submit a pull request.

• Google

  Google uses eBPF for security auditing, packet processing, and performance monitoring

  • Video
  • Talk
• Netflix

  Netflix uses eBPF at scale for network insights

  • Blog
  • Video
• Android

  Android uses eBPF to monitor network usage, power, and memory profiling

  • Docs
• S&P Global

  S&P; Global uses eBPF through Cilium for networking across multiple clouds and on-prem

  • Video
• Shopify

  Shopify uses eBPF through Falco for intrusion detection

  • Video
• Cloudflare

  Cloudflare uses eBPF for network security, performance monitoring, and network observability

  • Blog
  • Talk
• Microsoft

  Microsot uses eBPF to enhance the observability and inspection of processes within Kubernetes

  • Talk
• Samsung

  Samsung uses eBPF in their android devices for networking

  • Talk
• Ikea

  Ikea uses eBPF through Cilium for networking and load balancing in their private cloud

  • Video
• Apple

  Apple uses eBPF through Falco for kernel security monitoring

  • Video
• Meta

  Meta uses eBPF to process and load balance every packet coming into their data centers

  • Video
  • Blog
  • Talk
• DoorDash

  DoorDash uses eBPF through BPFAgent for kernel level monitoring

  • Blog
• Datadog

  Datadog uses eBPF for networking and security in their SaaS product

  • Video
  • Blog
  • Talk
• Alibaba

  Alibaba uses eBPF through Cilium to provide networking in their cloud

  • Blog
  • Talk
• Red Hat

  Red Hat uses eBPF at scale for load balancing and tracing in their private cloud

  • Talk
• Isovalent

  eBPF is the technlogy that powers Isovalent's enterpise networking, observability and security solutions

  • Talk
  • Blog
• Seznam

  Seznam uses eBPF for load balancing

  • Blog
  • Talk
• Trip.com

  Trip.com uses eBPF for load balancing

  • Blog
  • Talk
• Bell

  Bell Canada uses eBPF to moderize telco networking with SRv6

  • Talk
• Wildlife Studios

  Wildlife Studios uses eBPF through Cilium for high performance game networking

  • Blog
  • Talk
• Capital One

  Capital One uses eBPF to secure their cloud infrastructure

  • Talk
• Sky

  Sky uses eBPF through Cilium for cloud networking

  • Talk
• Walmart

  Walmart uses eBPF for edge cloud load balancing

  • Talk
  • Blog
• Palantir

  Palantir uses eBPF to debug networking problems

  • Video
• Cruise

  Cruise uses eBPF to monitor GPU performance

  • Video
• Digital Ocean

  Digital Ocean uses eBPF to monitor GPU performance

  • Talk
• Yahoo

  Yahoo uses eBPF for load balancing and performance analysis

  • Video
  • Talk
• Bytedance

  Bytedance uses eBPF for system tracing

  • Blog
• F5

  F5 BIG-IP integration with Cilium VTEP feature

  • Video
  • Guide
• LinkedIn

  LinkedIn uses eBPF for Infrastructure Observability

  • Blog
• The New York Times

  The New York Times uses eBPF for networking

  • Video
• SentinelOne

  SentinelOne uses eBPF to detect and to respond to runtime threats like ransomware and zero-day exploits in real time.

  • Blog
• Aqua Security

  Aqua Security uses eBPF to handle runtime detection and forensics

  • Blog
• Oligo Security

  Oligo Security uses eBPF for application security observability and protection

  • Blog
• Akita

  Akita uses eBPF at scale for API observability

  • Docs
• groundcover

  groundcover uses eBPF to instantly monitor application performance in cloud native environments, at any scale.

  • Product
  • Docs
  • Video
• Line Coporation

  Line Corporation uses eBPF at scale for load balancing and tracing in their private cloud

  • Talk
• Exein

  Exein uses eBPF in their open source runtime security framework for IoT

  • Talk
• Ant Group

  Ant Group uses eBPF in their cloud native security platform for vulnerability live-patching, and system anomaly detection

  • Talk
• Sysdig

  Sysdig uses eBPF to enable high-performance system call tracing, facilitate container-aware troubleshooting, conduct security auditing, and provide rich insights and data from the kernel

  • Talk
  • Blog
• Kodem

  Kodem uses eBPF for application visibilty and runtime intelligence

  • Blog
• Cycode

  Cycode uses eBPF for CI/CD security

  • Talk
  • Blog
• Wiz

  Wiz uses eBPF to provide real-time threat detection and monitoring within cloud workloads

  • Blog
• Core Tech

  Core Tech uses eBPF to filter out unwanted traffic and mitigate DDoS attacks

  • Blog
• FlowSecurity

  Flow Security uses eBPF technology to analyze data in motion for data discovery, classification, risk management, and data violation detection and response

  • Blog
• Helios

  Helios uses eBPF in their runtime analysis tool for observability and security

  • Blog
• ThreatX

  ThreatX uses eBPF for securing their runtime environment and delivering real-time blocking for runtime threats

  • Blog
• Levo

  Levo uses eBPF for API discovery and documentation

  • Docs
• Traceable

  Traceable uses eBPF for enhanced data collection

  • Blog
• ArvanCloud

  ArvanCloud uses eBPF for their CDN product

  • Blog
• RAD Security

  RAD Security uses eBPF for runtime threat detection and supply chain verification

  • Blog