The Falco Project


Cloud-Native runtime security

Access


Deep kernel tracing built on the Linux kernel, eBPF, and ptrace. Enrich kernel events with Kubernetes and container metainformation. See everything.

Assert


Describe security rules against your system. Protect against unknown or unwanted behavior. Detect 0 day vulnerabilities, CVEs, anomalies, and threats.

Action


Take action during an security violation. Build powerful response applications on the Falco APIs in the case of malicious behaviour.

Develop

Star Watch Fork

Build secure applications with Falco at the core.

Use Falco with Kubernetes, Linux, and Serveless applications.

Install

Set up Falco to begin development

  1. On Linux
  2. In Kubernetes
  3. Container Images
  4. Integrations
  5. Build

    Falco leverages gRPC and supports several SDKs to build with Falco

    1. Go
    2. Rust
    3. C++
    4. Python
    5. Configure

      Falco leverages gRPC and supports several SDKs to build with Falco

      1. Configuration
      2. Rules
      3. Alerts
      4. Examples

      5. Falco Slack Channels

        Developer Mailing List

        Github Community

        The Falco Community is bound to The Linux Foundation privacy policy. When you communicate with us (via email, phone, through the Sites or otherwise), we may maintain a record of your communication.

        Originally Created By



        End-Users


        Vendors


        Integrations




        Falco is a Cloud Native Computing Foundation Incubating project