EPISODE · Feb 25, 2026 · 48 MIN
eBPF, MCP Servers, and the Kernel-Level Future of AI Security | ft. Ammar Ekbote | Ep. 105 | ScaleToZero Podcast
from Scale to Zero - No Security Questions Left Unanswered · host Scale To Zero
In this episode, we sit down with a veteran Security and Cloud Infra Leader to deconstruct the architecture of modern workload monitoring and the emerging risks of AI-driven connectivity. We dive deep into eBPF—the technology providing "invisible" observability—and the security implications of MCP (Model Context Protocol) servers in the enterprise.Whether you're an infra lead or a security engineer, this episode provides the technical depth to help you stay ahead of the curve.Also available on YouTube: https://youtu.be/iCfEJlgXFBU00:00 Teaser and Introduction04:12 Architectural differences between Agentless and Agent-based scanning07:50 Losing security signals in case of Agentless scanning09:23 Challenges of Agent-based scanning10:45 Vendor checklist for production release11:45 Noisy neighbour challenge and customer application14:52 Securing large agent-based vendor machines16:40 Use of eBPF for invisible workload monitoring19:17 Securing the eBPF21:00 Does eBPF solve the stability and performance risks?23:25 Security risks when LLMs use MCP servers27:16 Detect and Avoid MCP in an organizational environment32:32 Why use eBPF for security MCP?35:10 Using eBPF to run local servers in a secure way37:00 Can eBPF secure data leaks to AI models?41:19 Justifying stakeholders for using kernel-level security43:25 Evangelizing a security-first mindset44:50 Starting point for developer-led security using eBPF46:30 Learning recommendations47:10 Summary#eBPF #CloudSecurity #AISecurity #MCPServer #DevSecOps #AgentlessScanning #CloudInfrastructure #InfoSec #CybersecurityPodcast #LLMSecurity #KernelSecurity
What this episode covers
In this episode, we sit down with a veteran Security and Cloud Infra Leader to deconstruct the architecture of modern workload monitoring and the emerging risks of AI-driven connectivity. We dive deep into eBPF—the technology providing "invisible" observability—and the security implications of MCP (Model Context Protocol) servers in the enterprise.Whether you're an infra lead or a security engineer, this episode provides the technical depth to help you stay ahead of the curve.Also available on YouTube: https://youtu.be/iCfEJlgXFBU00:00 Teaser and Introduction04:12 Architectural differences between Agentless and Agent-based scanning07:50 Losing security signals in case of Agentless scanning09:23 Challenges of Agent-based scanning10:45 Vendor checklist for production release11:45 Noisy neighbour challenge and customer application14:52 Securing large agent-based vendor machines16:40 Use of eBPF for invisible workload monitoring19:17 Securing the eBPF21:00 Does eBPF solve the stability and performance risks?23:25 Security risks when LLMs use MCP servers27:16 Detect and Avoid MCP in an organizational environment32:32 Why use eBPF for security MCP?35:10 Using eBPF to run local servers in a secure way37:00 Can eBPF secure data leaks to AI models?41:19 Justifying stakeholders for using kernel-level security43:25 Evangelizing a security-first mindset44:50 Starting point for developer-led security using eBPF46:30 Learning recommendations47:10 Summary#eBPF #CloudSecurity #AISecurity #MCPServer #DevSecOps #AgentlessScanning #CloudInfrastructure #InfoSec #CybersecurityPodcast #LLMSecurity #KernelSecurity
NOW PLAYING
eBPF, MCP Servers, and the Kernel-Level Future of AI Security | ft. Ammar Ekbote | Ep. 105 | ScaleToZero Podcast
No transcript for this episode yet
Similar Episodes
Mar 26, 2026 ·1m
Mar 19, 2026 ·34m
Feb 18, 2026 ·11m
Feb 11, 2026 ·45m