Spyderbat Cloud Detection and Response (CDR)

Spyderbat Cloud Detection and Response (CDR) is a cloud security platform that uses eBPF (extended Berkeley Packet Filter) technology to monitor and protect cloud workloads. The platform deploys lightweight eBPF Nano Agents that capture runtime data plane activity including process details, network connections, file access, and control plane context such as Kubernetes and cloud platform API calls. The platform constructs a Behavioral Context Web that assembles eBPF data into a temporal map based on causal relationships, enabling visibility into both real-time and historical activity. This architecture provides insight into how control plane and data plane runtime behaviors intersect across Kubernetes, containers, and virtual machines. Spyderbat offers runtime anomaly detection by protecting known-good application behavior and identifying deviations without relying on machine learning algorithms. The platform can automatically create policies from observed behavior rather than requiring manual configuration. For intrusion prevention, it identifies and stops rogue processes, connections, or activities including supply-chain attacks, compromised credentials, ransomware, and cryptojacking. The platform includes a Context Input API for integrating with existing data sources such as CI tools, cloud platforms, code scanners, and monitoring systems. An Alert and Action API enables programmatic integration with downstream systems including SIEM, SOAR, and ticketing platforms. Automated response capabilities allow actions such as killing parent processes or restarting pods directly at the workload level.