Falco, the cloud-native runtime security project, is the de facto Kubernetes threat detection engine
Detects threats at runtime by observing the behavior of your applications and containers.
Extends threat detection across cloud environments with Falco Plugins.
Falco is the first runtime security project to join CNCF as an incubation-level project. Falco acts as a security camera detecting unexpected behavior, intrusions, and data theft in real time.
Strengthen container security
The flexible rules engine allows you to describe any type of host or container behavior or activity.
Reduce risk via immediate alerts
You can immediately respond to policy violation alerts and integrate Falco within your response workflows.
Leverage most current detection rules
Falco out-of-the box rules alert on malicious activity and CVE exploits.
We are a CNCF incubated Project