Introducing the new Falco training course, by CNCF, Linux Foundation, and Sysdig

Detecting Cloud Runtime Threats with Falco (LFS254) is the new Falco training course created by CNCF, Linux Foundation, and Sysdig. We're very excited about this new immersive course designed to enhance your expertise in securing …

Introducing Falco 0.36.2

Today we announce the release of Falco 0.36.2 🦅! Fixes Falco's 0.36.2 release is a small patch addressing a few bugs. It includes the following: Fixed a possible segfault caused by uninitialized variable in libsinsp::next() method call. …

Integrate Runtime Security into Your Environment with Falcosidekick

If you’re looking to integrate runtime security into your existing environment, Falco is an obvious choice. Falco is a Cloud Native Computing Foundation backed open source project that provides real-time threat detection for cloud, …

How we Sign and Verify Falco Plugins and Rules

Falco v0.36.0 and the Software Supply Chain (SSC) security The latest stable Falco release, v0.36.0, alongside falcoctl 0.6.1 and the 0.7.0 Helm chart introduced new features and improvements to the security of Falco's software supply chain …

Introducing Falco 0.36.1

Today we announce the release of Falco 0.36.1 🦅! Fixes Falco's 0.36.1 release is a small patch aimed at protecting our uses by addressing a few minor bugs. It includes the following: Address a HIGH severity vulnerability in libcurl …

Linux Introspection - From BPF to Wireshark to Falco

Falco, an open source innovation, was conceived with the vision of crafting a flexible and robust rules engine atop the Sysdig libraries. This initiative aimed to furnish a potent tool for the detection of aberrant behaviors and intrusions …

Tracing System Calls Using eBPF - Part 2

Introduction In Tracing System Calls Using eBPF Part 1, we lay the groundwork, introducing you to the fundamentals of eBPF and its predecessor, BPF (Berkeley Packet Filter). We delve into the evolution of this technology, its safety, …

Falco 0.36.0

Dear Falco Community, today we are happy to announce the release of Falco 0.36.0! This releases comes as usual with many new features and improvements. Thanks to everyone that worked on all the features, bugfixes and improvements! To read a …

Introducing a framework for regression testing against Linux kernels

There are a few foundational technologies that empower the Cloud Native ecosystem. Containers is one. And one of the basis for containerization is the Linux Kernel itself. With Falco, we are developing a runtime security tool that hooks …