Blog
Do you have something to share? Contribute to Falco blog!
GitLab Container Registry now supports Falcoctl OCI Artifacts
Today, we'd like to share with the Falco community the latest contribution we (w/Emin Aktas) made to GitLab Container Registry. We noticed that GitLab Container Registry didn't support Falcoctl OCI Artifact mediaTypes while we were pushing …
Validating NIST Requirements with Falco
The NIST organization, a non-regulatory federal agency in the United States, plays a crucial role in establishing guidelines across various domains, including cybersecurity. In this article, we focus on NIST 800-171 compliance checks, which …
Crafting Falco Rules With MITRE ATT&CK
Introduction: The landscape of cybersecurity attacks has witnessed a notable rise in sophistication and complexity over the last decade, posing significant challenges to organizations in their efforts to identify and counter such threats …
Understanding PCI/DSS Controls with Falco
As organizations increasingly adopt cloud-native systems for sensitive data and operations, ensuring compliance with industry standards like the Payment Card Industry Data Security Standard (PCI DSS) becomes imperative. This standard is …
Adaptive Syscalls Selection in Falco
The release of Falco 0.35.0 is a significant milestone, introducing a groundbreaking feature: the ability to select which syscalls to monitor. This empowers users with granular control, optimizing system performance by reducing CPU load …
Defensive Capabilities for Container & Cloud Threats with Tidal
Recently, a significant compromise was discovered in a user environment, revealing a fascinating cloud operation called SCARLETEEL. This operation was responsible for the theft of valuable proprietary data. The attacker's strategy involved …
