The Falco blog

Blog

Do you have something to share? Contribute to Falco blog!

Loris Degioanni Feb 9, 2022

Announcing Plugins and Cloud Security with Falco

The just released Falco v0.31.0 is the result of several months of hard work and includes many exciting new features. One of them, however, is particularly strategic for Falco as a project: the general availability of the plugins framework. …

Jason Dellaluce, Leonardo Grasso Jan 31, 2022

Falco 0.31.0 a.k.a. "the Gyrfalcon"

Today we announce the release of Falco 0.31.0, a.k.a the Gyrfalcon 🦅! Gyrfalcons are the largest of the falcon species, just like this version of Falco has the biggest changelog ever released. To give you some metrics, since the last …

Jason Dellaluce, Federico Di Pierro Jan 17, 2022

Monitoring new syscalls with Falco

Falco is currently the de facto standard for runtime threat detection in Kubernetes environments. The project is growing at a very fast pace, and so is its open source community. The role of Falco is to collect all the system events of a …

Frederico Araujo & Teryl Taylor, IBM Research Dec 21, 2021

Security Analytics with SysFlow

Hello, fellow Falcoers! This blog introduces you to a new open system telemetry format and project called SysFlow. The project has deep ties to Falco, the de facto CNCF cloud-native runtime security project. Falco is exceptional at …

Featured Image for Discover how GitLab uses Falco to detect abnormal behaviour in code dependencies

Nate Magee, Vicente J. Jiménez Miras Dec 9, 2021

Package Hunter: Detect software supply chain attacks using Falco

GitLab covers the entire software development lifecycle in a single application: From managing, coding, deploying and securing, without forgetting collaboration. However, achieving velocity with confidence, security without sacrifice, and …

Mark Stemm Oct 12, 2021

Falco Plugins Early Access

One of the upcoming features in Falco that we're really excited about is the ability to extend Falco's functionality by using plugins. We'll be demoing this capability during Kubecon North America 2021. Specifically, we'll be showing the …

Frederico Araujo Oct 1, 2021

Falco 0.30.0

Today we announce the fall release of Falco 0.30.0 🌱 This version includes new features, important fixes, and an exciting proposal for a libs plugin system! Novelties 🆕 Let's review some of the highlights of the new release. New features …

Gaurav Gahlot Sep 1, 2021

Kubernetes Response Engine, Part 9: Falcosidekick + Fission

This blog post is part of a series of articles about how to create a Kubernetes response engine with Falco, Falcosidekick and a FaaS. See other posts: Kubernetes Response Engine, Part 1 : Falcosidekick + Kubeless Kubernetes Response …

Batuhan Apaydın Aug 31, 2021

Kubernetes Response Engine, Part 8: Falcosidekick + Flux v2

Batuhan Apaydın Jul 22, 2021

Detect Malicious Behaviour on Kubernetes API Server through gathering Audit Logs by using FluentBit - Part 2

Introduction In the previous blog post, we had talked about the Audit Logs in more detail, this post is a continuation of the previous blog post, so I suggest you take a look at the previous blog post before continuing reading. The only …