How eBPF-Based Egress Monitoring Would Have Caught the Shai-Hulud npm Worm in Real-Time

Supply Chain Security

How eBPF-Based Egress Monitoring Would Have Caught the Shai-Hulud npm Worm in Real-Time

September 2025 marked a watershed moment for supply chain security when the Shai-Hulud worm became the first self-replicating malware to propagate through the npm ecosystem. This post examines how Qpoint's eBPF-based data-in-motion security would have detected this attack at the moment of compromise.
Devin Bernosky
Devin Bernosky
September 26, 2025
The Encryption Paradox

The Encryption Paradox

Every security incident post-mortem reveals the same pattern: the evidence was there in the network traffic all along. The warning signs existed, but they were hidden beneath layers of encryption and distributed across dozens of services.

Devin Bernosky
Devin Bernosky
September 9, 2025
Why Running Qtap in Production is Safe - A Deep Dive into eBPF and Privilege Boundaries

Why Running Qtap in Production is Safe - A Deep Dive into eBPF and Privilege Boundaries

Let's address the elephant in the room. After recent high-profile kernel agent failures that took down millions of systems worldwide, your security and operations teams are rightfully cautious about anything that touches the kernel. When we tell you that Qtap needs elevated privileges and deploys eBPF programs into kernel space, we understand the skepticism.

Jon Friesen
Jon Friesen
September 5, 2025
The eBPF Verifier - How Linux Safely Runs User Code in Kernel Space

The eBPF Verifier - How Linux Safely Runs User Code in Kernel Space

Understanding how the Linux kernel can safely run user-supplied programs without risking system stability through eBPF's mathematical verification system.

Jon Friesen
Jon Friesen
September 2, 2025

The M&A Due Diligence Black Box: Why Technical DD Takes Weeks (And How to Get It Done in Days)

Devin Bernosky
October 28, 2025

The Impossible Proxy - An Egress Journey

Devin Bernosky
September 2, 2025

Security Observability for the Encrypted Cloud

Tyler Flint
April 29, 2025

A Story About Missing Context

Devin Bernosky
April 15, 2025

Qpoint Achieves SOC 2 Type II Compliance

Jon Friesen
March 18, 2025

The Truth is on the Wire

Rob Genova
February 4, 2025

New Year, New User Experience!

Tyler Flint
January 9, 2025

The Hidden Risks of Third-Party API Dependencies

Rob Genova
December 16, 2024

Uncovering the Hidden Footprint of Your Third-Party API Integrations

Devin Bernosky
December 3, 2024

Turning Blind Spots Into Visibility and Insights for SRE Teams

Rob Genova
November 14, 2024

Qpoint Closes Pre-Seed Funding and Launches eBPF-based Monitoring and Control for External APIs and Services

Tyler Flint
October 22, 2024

What is eBPF?

Rob Genova
October 1, 2024