RSS

Posts in 2021

  • Falcosidekick 2020

    Tuesday, January 12, 2021 in The Falco blog

    This fantastic post from @leodido about how has been the previous year 2020 for falco inspired me (link) I wanted to bring everyone up to speed on what we built for falcosidekick in 2020 Aside a lot of improvments and bug fixes, 8 new outputs have …

    Read more

  • An Introduction to Kubernetes Security using Falco

    Thursday, January 07, 2021 in The Falco blog

    Let’s talk about Kubernetes security As Kubernetes continues to grow in adoption, it is important for us to know how to secure it. In a dynamic infrastructure platform such as Kubernetes, detecting and addressing threats is important but also …

    Read more

  • Falco on WSL2 with a custom kernel

    Tuesday, January 05, 2021 in The Falco blog

    Falco on WSL2 You love Falco, just read the awesome blog Falco in 2020 - The Falco Project, and want to be part of this growing and wonderful community. "But" you are on Windows 10 and wonder how to run it? Well, the wait is over! Follow …

    Read more

  • Falco in 2020

    Sunday, January 03, 2021 in The Falco blog

    The scope of this post is to review the progress of Falco and its community during the pandemic year. A year will never forget. I will try to keep it compact, but Falco, and its community, grown so much this year that I feel like this could be a blog …

    Read more

Posts in 2020

  • Security boundaries with Kubernetes and systemd

    Thursday, December 10, 2020 in The Falco blog

    A familiar scenario Imagine installing a security tool that requires privileged access using the Kubernetes API. Now imagine our cluster is compromised. As an attacker, the first thing I would do would be to ensure that whatever security tool you …

    Read more

  • Falco 0.26.2 a.k.a. "the download.falco.org release"

    Tuesday, November 10, 2020 in The Falco blog

    Today we announce the release of Falco 0.26.2 🥳 This one is a hotfix release for the Falco 0.26.1 released on October 1st. You can take a look at the set of changes here: 0.26.2 As usual, in case you just want to try out the stable Falco 0.26.2, …

    Read more

  • Falco 0.26.1 a.k.a. "the static release"

    Thursday, October 01, 2020 in The Falco blog

    Today we announce the release of Falco 0.26.1 🥳 This one is a hotfix release for the Falco 0.26.0 released last week! You can take a look at the set of changes here: 0.26.1 0.26.0 As usual, in case you just want to try out the stable Falco 0.26.1, …

    Read more

  • Choosing a Falco driver

    Wednesday, September 23, 2020 in The Falco blog

    Falco works by taking Linux system call information at runtime, and rebuilding the state of the kernel in memory. The Falco engine depends on a driver in order to consume the raw stream of system call information. Currently the Falco project supports …

    Read more

  • Falco 0.25.0 a.k.a. "the summer release"

    Tuesday, August 25, 2020 in The Falco blog

    Today we announce the release of Falco 0.25 🥳 This one is a small release but a very important one!! You can take a look at the set of changes here: 0.25.0 In case you just want to try out the stable Falco 0.25, you can install its packages …

    Read more

  • Falco 0.24.0 a.k.a. "the huge release"

    Thursday, July 16, 2020 in The Falco blog

    After two long months, look who's back! Today we announce the release of Falco 0.24 🥳 You can take a look at the huge set of changes here: 0.24.0 In case you just want to try out the stable Falco 0.24, you can install its packages following the …

    Read more