The Falco blog

Blog

Do you have something to share? Contribute to Falco blog!

Luca Guerra Mar 11, 2022

Falco 0.31.1

Today we announce the release of Falco 0.31.1 🦅! Novelties 🆕 Let's review some of the highlights of the new release. New features This release allows you to use multiple --cri command-line options (#1893) to specify multiple CRI socket …

Thomas Labarussias Mar 2, 2022

Extend Falco inputs by creating a Plugin: Register the plugin

This post is is part of a series of articles about How to develop Falco plugins. It's addressed to anybody who would like to understand how plugins are written and want to contribute. See other articles: Extend Falco inputs by creating a …

Thomas Labarussias Feb 15, 2022

Extend Falco inputs by creating a Plugin: the basics

This post is is part of a series of articles about How to develop Falco plugins. It's adressed to anybody who would like to understand how plugins are written and want to contribute. See other articles: Extend Falco inputs by creating a …

Loris Degioanni Feb 9, 2022

Announcing Plugins and Cloud Security with Falco

The just released Falco v0.31.0 is the result of several months of hard work and includes many exciting new features. One of them, however, is particularly strategic for Falco as a project: the general availability of the plugins framework. …

Jason Dellaluce, Leonardo Grasso Jan 31, 2022

Falco 0.31.0 a.k.a. "the Gyrfalcon"

Today we announce the release of Falco 0.31.0, a.k.a the Gyrfalcon 🦅! Gyrfalcons are the largest of the falcon species, just like this version of Falco has the biggest changelog ever released. To give you some metrics, since the last …

Jason Dellaluce, Federico Di Pierro Jan 17, 2022

Monitoring new syscalls with Falco

Falco is currently the de facto standard for runtime threat detection in Kubernetes environments. The project is growing at a very fast pace, and so is its open source community. The role of Falco is to collect all the system events of a …

Frederico Araujo & Teryl Taylor, IBM Research Dec 21, 2021

Security Analytics with SysFlow

Hello, fellow Falcoers! This blog introduces you to a new open system telemetry format and project called SysFlow. The project has deep ties to Falco, the de facto CNCF cloud-native runtime security project. Falco is exceptional at …

Featured Image for Discover how GitLab uses Falco to detect abnormal behaviour in code dependencies

Nate Magee, Vicente J. Jiménez Miras Dec 9, 2021

Package Hunter: Detect software supply chain attacks using Falco

GitLab covers the entire software development lifecycle in a single application: From managing, coding, deploying and securing, without forgetting collaboration. However, achieving velocity with confidence, security without sacrifice, and …

Mark Stemm Oct 12, 2021

Falco Plugins Early Access

One of the upcoming features in Falco that we're really excited about is the ability to extend Falco's functionality by using plugins. We'll be demoing this capability during Kubecon North America 2021. Specifically, we'll be showing the …

Frederico Araujo Oct 1, 2021

Falco 0.30.0

Today we announce the fall release of Falco 0.30.0 🌱 This version includes new features, important fixes, and an exciting proposal for a libs plugin system! Novelties 🆕 Let's review some of the highlights of the new release. New features …