RSS

You are viewing documentation for Falco version: v0.30.0

Falco v0.30.0 documentation is no longer actively maintained. The version you are currently viewing is a static snapshot. For up-to-date documentation, see the latest version.

Posts in 2022

  • Monitoring new syscalls with Falco

    Monday, January 17, 2022 in The Falco blog

    Falco is currently the de facto standard for runtime threat detection in Kubernetes environments. The project is growing at a very fast pace, and so is its open source community. The role of Falco is to collect all the system events of a cluster and …

    Read more

Posts in 2021

  • Security Analytics with SysFlow

    Tuesday, December 21, 2021 in The Falco blog

    Hello, fellow Falcoers! This blog introduces you to a new open system telemetry format and project called SysFlow. The project has deep ties to Falco, the de facto CNCF cloud-native runtime security project. Falco is exceptional at detecting …

    Read more

  • Package Hunter: Detect software supply chain attacks using Falco

    Thursday, December 09, 2021 in The Falco blog

    GitLab covers the entire software development lifecycle in a single application: From managing, coding, deploying and securing, without forgetting collaboration. However, achieving velocity with confidence, security without sacrifice, and visibility …

    Read more

  • Falco Plugins Early Access

    Tuesday, October 12, 2021 in The Falco blog

    One of the upcoming features in Falco that we're really excited about is the ability to extend Falco's functionality by using plugins. We'll be demoing this capability during Kubecon North America 2021. Specifically, we'll be showing the support for …

    Read more

  • Falco 0.30.0

    Friday, October 01, 2021 in The Falco blog

    Today we announce the fall release of Falco 0.30.0 🌱 This version includes new features, important fixes, and an exciting proposal for a libs plugin system! Novelties 🆕 Let's review some of the highlights of the new release. New features and fixes …

    Read more

  • Kubernetes Response Engine, Part 9: Falcosidekick + Fission

    Wednesday, September 01, 2021 in The Falco blog

    This blog post is part of a series of articles about how to create a Kubernetes response engine with Falco, Falcosidekick and a FaaS. See other posts: Kubernetes Response Engine, Part 1 : Falcosidekick + Kubeless Kubernetes Response Engine, Part 2 …

    Read more

  • Kubernetes Response Engine, Part 8: Falcosidekick + Flux v2

    Tuesday, August 31, 2021 in The Falco blog

    This blog post is part of a series of articles about how to create a Kubernetes response engine with Falco, Falcosidekick and a FaaS. See other posts: Kubernetes Response Engine, Part 1 : Falcosidekick + Kubeless Kubernetes Response Engine, Part 2 …

    Read more

  • Detect Malicious Behaviour on Kubernetes API Server through gathering Audit Logs by using FluentBit - Part 2

    Thursday, July 22, 2021 in The Falco blog

    Introduction In the previous blog post, we had talked about the Audit Logs in more detail, this post is a continuation of the previous blog post, so I suggest you take a look at the previous blog post before continuing reading. The only difference in …

    Read more

  • Kubernetes Response Engine, Part 7: Falcosidekick + Cloud Functions

    Tuesday, June 29, 2021 in The Falco blog

    This blog post is part of a series of articles about how to create a Kubernetes response engine with Falco, Falcosidekick and a FaaS. See other posts: Kubernetes Response Engine, Part 1 : Falcosidekick + Kubeless Kubernetes Response Engine, Part 2 …

    Read more

  • Kubernetes Response Engine, Part 6: Falcosidekick + Cloud Run

    Friday, June 25, 2021 in The Falco blog

    This blog post is part of a series of articles about how to create a Kubernetes response engine with Falco, Falcosidekick and a FaaS. See other posts: Kubernetes Response Engine, Part 1 : Falcosidekick + Kubeless Kubernetes Response Engine, Part 2 …

    Read more