9:00am • Welcome & Opening Remarks - James Morris
9:05am • Meaningful Bounds Checking in the Linux Kernel - Kees Cook, Google
9:50am • Improving Container Security with System Call Interception - Stephane Graber, Canonical Ltd. & Christian Brauner, Microsoft
11:05am • Hardening the Linux Guest for the Confidential Cloud Computing: Deep Dive and Results - Elena Reshetova, Intel
11:50am • Namespacing the Linux Integrity Measurement Architecture - Stefan Berger, IBM Corporation & Christian Brauner, Microsoft
2:00pm • How Can We Effectively Test Transient Execution Mitigations? - Russell Currey, IBM
2:30pm • Wide-Block Cipher Support and HCTR2 - Nathan Huckleberry, Google
3:30pm • Preparing for Zero-Day: Vulnerability Disclosure in Open Source Software - Christopher Robinson, Intel; Anne Bertucio, Google & Art Manion, Carnegie Mellon University Software Engineer Institute
4:30pm • In-Person Attendee BoF Session: To Be Announced
9:00am • Welcome Back & Remarks - James Morris
9:05am • Code Aware Services in the Service of Vulnerability Detection - Bartosz Zator, Samsung R&D Institute Poland
9:50am • Cascade - A New High Level SELinux Policy Language - Daniel Burgener, Microsoft
11:05am • PowerVM Platform Keystore - Securing Linux Credentials Locally - Nayna Jain, IBM
11:50am • IMA Policy Support for fs-verity: A Win-win for IMA & fs-verity - Mimi Zohar, IBM
2:00pm • Establishing Trust in Linux Keyrings - Is Trust Built-in, Imputed, or Transitive? - Elaine Palmer, IBM Research & George Wilson, IBM Linux Technology Center
2:35pm • Update on Landlock: Lifting the File Reparenting Limits and Supporting Network Rules - Mickaël Salaün, Microsoft
3:10pm • BPF LSM - Updates and What next? - KP Singh, Google
4:10pm • BoF Session: To Be Announced