The Falco blog

Blog

Do you have something to share? Contribute to Falco blog!

Massimiliano Giovagnoli, Luca Guerra Oct 18, 2023

How we Sign and Verify Falco Plugins and Rules

Falco v0.36.0 and the Software Supply Chain (SSC) security The latest stable Falco release, v0.36.0, alongside falcoctl 0.6.1 and the 0.7.0 Helm chart introduced new features and improvements to the security of Falco's software supply chain …

Andrea Terzolo, Luca Guerra Oct 16, 2023

Introducing Falco 0.36.1

Today we announce the release of Falco 0.36.1 🦅! Fixes Falco's 0.36.1 release is a small patch aimed at protecting our uses by addressing a few minor bugs. It includes the following: Address a HIGH severity vulnerability in libcurl …

Nigel Douglas Oct 11, 2023

Linux Introspection - From BPF to Wireshark to Falco

Falco, an open source innovation, was conceived with the vision of crafting a flexible and robust rules engine atop the Sysdig libraries. This initiative aimed to furnish a potent tool for the detection of aberrant behaviors and intrusions …

Falco

Anshu Bansal, Rakshit Awasthi, Ashutosh Venkatrao More Oct 6, 2023

Tracing System Calls Using eBPF - Part 2

Introduction In Tracing System Calls Using eBPF Part 1, we lay the groundwork, introducing you to the fundamentals of eBPF and its predecessor, BPF (Berkeley Packet Filter). We delve into the evolution of this technology, its safety, …

Luca Guerra, Andrea Terzolo, Rohith Raju Sep 26, 2023

Falco 0.36.0

Dear Falco Community, today we are happy to announce the release of Falco 0.36.0! This releases comes as usual with many new features and improvements. Thanks to everyone that worked on all the features, bugfixes and improvements! To read a …

Federico Di Pierro, Aldo Lacuku Sep 21, 2023

Introducing a framework for regression testing against Linux kernels

There are a few foundational technologies that empower the Cloud Native ecosystem. Containers is one. And one of the basis for containerization is the Linux Kernel itself. With Falco, we are developing a runtime security tool that hooks …

Thomas Labarussias Sep 14, 2023

Falcosidekick-UI 2.2.0

Not so long ago, we proudly released a new fantastic release of falcosidekick, it's time for its little brother, falcosidekick-ui to know the same, with the version v2.2.0. Let's take a tour to introduce the most important cool new features …

Anshu Bansal, Rakshit Awasthi, Ashutosh Venkatrao More Sep 11, 2023

Tracing System Calls Using eBPF - Part 1

Introduction: In this article, we will delve into the details of eBPF (extended Berkeley Packet Filter) and explore its significance in tracing system calls. This particular blog will be in two parts; in the first blog, we will discuss …

The Falco Maintainers Aug 23, 2023

In memory of Kris Nóva

Along with many in the community, we were sad to hear the news of Kris Nóva's passing last week. Nóva was a foundational contributor to Falco. She joined the Falco community when Falco was still a CNCF sandbox project. She made many …

Batuhan Apaydın Aug 11, 2023

GitLab Container Registry now supports Falcoctl OCI Artifacts

Today, we'd like to share with the Falco community the latest contribution we (w/Emin Aktas) made to GitLab Container Registry. We noticed that GitLab Container Registry didn't support Falcoctl OCI Artifact mediaTypes while we were pushing …