Posts in 2021
Security Analytics with SysFlow
Tuesday, December 21, 2021 By Frederico Araujo & Teryl Taylor, IBM Research
Hello, fellow Falcoers! This blog introduces you to a new open system telemetry format and project called SysFlow. The project has deep ties to Falco, the de facto CNCF cloud-native runtime security project. Falco is exceptional at detecting …
Package Hunter: Detect software supply chain attacks using Falco
Thursday, December 09, 2021 By Nate Magee, Vicente J. Jiménez Miras
GitLab covers the entire software development lifecycle in a single application: From managing, coding, deploying and securing, without forgetting collaboration. However, achieving velocity with confidence, security without sacrifice, and visibility …
Falco Plugins Early Access
Tuesday, October 12, 2021 By Mark Stemm
One of the upcoming features in Falco that we're really excited about is the ability to extend Falco's functionality by using plugins. We'll be demoing this capability during Kubecon North America 2021. Specifically, we'll be showing the support for …
Falco 0.30.0
Friday, October 01, 2021 By Frederico Araujo
Today we announce the fall release of Falco 0.30.0 🌱 This version includes new features, important fixes, and an exciting proposal for a libs plugin system! Novelties 🆕 Let's review some of the highlights of the new release. New features and fixes …
Kubernetes Response Engine, Part 9: Falcosidekick + Fission
Wednesday, September 01, 2021 By Gaurav Gahlot
This blog post is part of a series of articles about how to create a Kubernetes response engine with Falco, Falcosidekick and a FaaS. See other posts: Kubernetes Response Engine, Part 1 : Falcosidekick + Kubeless Kubernetes Response Engine, Part 2 : …
Kubernetes Response Engine, Part 8: Falcosidekick + Flux v2
Tuesday, August 31, 2021 By Batuhan Apaydın
This blog post is part of a series of articles about how to create a Kubernetes response engine with Falco, Falcosidekick and a FaaS. See other posts: Kubernetes Response Engine, Part 1 : Falcosidekick + Kubeless Kubernetes Response Engine, Part 2 : …
Detect Malicious Behaviour on Kubernetes API Server through gathering Audit Logs by using FluentBit - Part 2
Thursday, July 22, 2021 By Batuhan Apaydın
Introduction In the previous blog post, we had talked about the Audit Logs in more detail, this post is a continuation of the previous blog post, so I suggest you take a look at the previous blog post before continuing reading. The only difference in …
Kubernetes Response Engine, Part 7: Falcosidekick + Cloud Functions
Tuesday, June 29, 2021 By Furkan Türkal
This blog post is part of a series of articles about how to create a Kubernetes response engine with Falco, Falcosidekick and a FaaS. See other posts: Kubernetes Response Engine, Part 1 : Falcosidekick + Kubeless Kubernetes Response Engine, Part 2 : …
Kubernetes Response Engine, Part 6: Falcosidekick + Cloud Run
Friday, June 25, 2021 By Batuhan Apaydın
This blog post is part of a series of articles about how to create a Kubernetes response engine with Falco, Falcosidekick and a FaaS. See other posts: Kubernetes Response Engine, Part 1 : Falcosidekick + Kubeless Kubernetes Response Engine, Part 2 : …
Falco 0.29.0
Monday, June 21, 2021 By Massimiliano Giovagnoli
Today we announce the summer release of Falco 0.29.0 🌱 This version brings a lot of new features and fixes! Novelties 🆕 Let's now review some of the new things Falco 0.29.0 brings. New libraries repository! As per this proposal - and as many of you …