The Falco blog

Blog

Do you have something to share? Contribute to Falco blog!

Igor Eulalio and Edson Celio Mar 19, 2025

Detecting Supply Chain Attacks with Falco Actions

The recently discovered CVE for the GitHub action tj-actions/changed-files brought to light a topic that is really critical for companies: supply chain attacks. With that, we want to discuss and show a bit about how Falco can help your …

Aurélie Vache Mar 13, 2025

Detecting Threats in OVHcloud MKS Audit Logs with Falco

Detecting threats in a Kubernetes cluster can be challenging, we generally don't know where and how to start. The good news is that we have an amount of valuable logs that can help us to know what is happened in the cluster. Indeed, each …

Igor Eulalio Mar 9, 2025

Falco plugin for collecting AKS audit logs

Troubleshooting Kubernetes events is challenging due to the multitude of data sources involved: container logs, Kubernetes events, cloud logs, and more. Among these sources, Kubernetes audit logs are especially valuable for identifying …

Thomas Labarussias Feb 11, 2025

Falco Talon v0.3.0

Today, we announce the release of Falco Talon 0.3.0 🦅! Three updates in a row, after Falco and Falcosidekick, it's time for Falco Talon to know a new version. What's new? The key feature this release brings is the new actionner …

Release

Thomas Labarussias Feb 4, 2025

Falcosidekick 2.31.0

The year 2025 is well started now. We saw a few days ago the first release of Falco for the year. It's to let fly out a new version of Falcosidekick, the 2.31.0. New output This release comes with a new output only, the last pillar of the …

Aldo Lacuku, Federico Di Pierro Jan 28, 2025

Introducing Falco 0.40.0

Dear Falco Community, today we are happy to announce the release of Falco 0.40.0! This version brings several new features, performance improvements, and bug fixes that streamline Falco’s detection capabilities. During this release cycle, …

Thomas Labarussias Dec 4, 2024

Falcosidekick 2.30.0

A few days after a new release of Falco Talon, our response engine, it's time for our favorite proxy forwarder to do the same. New outputs A new release means new integrations. Thanks to our contributors for their helps. Webex Notify your …

Igor Eulalio Nov 27, 2024

Falco Talon v0.2.0

Today we announce the release of Falco Talon 0.2.0 🦅! Falco Talon 0.2.0 is a minor release that includes new actionners and outputs, add parameters to existing actionners, along one small fix on the check and print commands. Features Add …

Release

Federico Di Pierro Nov 21, 2024

Introducing Falco 0.39.2

Today we announce the release of Falco 0.39.2 🦅! Fixes Falco's 0.39.2 is a small patch release that includes some important bugfixes for modern eBPF driver: check cred field is not NULL before the access; this enables Falco back with modern …

Aldo Lacuku Oct 14, 2024

How to Deploy Falco with k8s-metacollector + k8smeta Plugin

In today's cloud-native world, securing Kubernetes environments has become increasingly critical as containerized workloads gain complexity. Falco is designed to monitor and detect anomalous activities in Kubernetes clusters and container …