The Falco blog

Blog

Do you have something to share? Contribute to Falco blog!

Mike Coleman Nov 20, 2023

Adding runtime threat detection to Google Kubernetes Engine with Falco

One of the big advantages of running your workloads on a managed Kubernetes service like Google Kubernetes Engine (GKE) is that Google ensures your clusters are being deployed and managed following industry best practices. While GKE …

Falco

Aldo Lacuku, Andrea Terzolo, Federico Di Pierro Nov 17, 2023

Falco Weekly 46 - 2023

This is the first of a series of weekly blog post whose aim is to give a quick overview about the development of Falco and its related projects. What happened in Falco this week? Let's go through the major changes that happened in various …

Falco

Pablo Musa Nov 6, 2023

Introducing the new Falco training course, by CNCF, Linux Foundation, and Sysdig

Detecting Cloud Runtime Threats with Falco (LFS254) is the new Falco training course created by CNCF, Linux Foundation, and Sysdig. We're very excited about this new immersive course designed to enhance your expertise in securing …

Falco

Federico Di Pierro Oct 27, 2023

Introducing Falco 0.36.2

Today we announce the release of Falco 0.36.2 🦅! Fixes Falco's 0.36.2 release is a small patch addressing a few bugs. It includes the following: Fixed a possible segfault caused by uninitialized variable in libsinsp::next() method call. …

Mike Coleman Oct 24, 2023

Integrate Runtime Security into Your Environment with Falcosidekick

If you’re looking to integrate runtime security into your existing environment, Falco is an obvious choice. Falco is a Cloud Native Computing Foundation backed open source project that provides real-time threat detection for cloud, …

Massimiliano Giovagnoli, Luca Guerra Oct 18, 2023

How we Sign and Verify Falco Plugins and Rules

Falco v0.36.0 and the Software Supply Chain (SSC) security The latest stable Falco release, v0.36.0, alongside falcoctl 0.6.1 and the 0.7.0 Helm chart introduced new features and improvements to the security of Falco's software supply chain …

Andrea Terzolo, Luca Guerra Oct 16, 2023

Introducing Falco 0.36.1

Today we announce the release of Falco 0.36.1 🦅! Fixes Falco's 0.36.1 release is a small patch aimed at protecting our uses by addressing a few minor bugs. It includes the following: Address a HIGH severity vulnerability in libcurl …

Nigel Douglas Oct 11, 2023

Linux Introspection - From BPF to Wireshark to Falco

Falco, an open source innovation, was conceived with the vision of crafting a flexible and robust rules engine atop the Sysdig libraries. This initiative aimed to furnish a potent tool for the detection of aberrant behaviors and intrusions …

Falco

Anshu Bansal, Rakshit Awasthi, Ashutosh Venkatrao More Oct 6, 2023

Tracing System Calls Using eBPF - Part 2

Introduction In Tracing System Calls Using eBPF Part 1, we lay the groundwork, introducing you to the fundamentals of eBPF and its predecessor, BPF (Berkeley Packet Filter). We delve into the evolution of this technology, its safety, …

Luca Guerra, Andrea Terzolo, Rohith Raju Sep 26, 2023

Falco 0.36.0

Dear Falco Community, today we are happy to announce the release of Falco 0.36.0! This releases comes as usual with many new features and improvements. Thanks to everyone that worked on all the features, bugfixes and improvements! To read a …