Community Brand & Identity Guidelines
Falco is an open source security project whose brand and identity are governed by the Cloud Native Computing Foundation.
Wherever possible, the horizontal teal logo is the preferred logo to use. If you need all the logos, download the logo pac.
Project Font & Typestyle
Falco prefers Ubuntu font. When you reference us, please capitalize the first letter of our name, just as you would your own.
Falco, The Falco Project
falco, the falco project, the Falco project
RGB 0 174 199
RGB 83 86 90
RGB 0 0 0
RGB 255 255 255
Project Slide Templates
Want to speak about Falco at a meetup or conference? Make it easier by using these templates and/or scripted slides. You can even watch this video as a training tool.
Falco was created as a cloud native runtime security project by Sysdig. The project was contributed to the CNCF in October 2018. Falco is a CNCF incubating project with more than 170 individual contributors around the world.
Cloud Native Runtime Security
Falco is a cloud-native runtime security tool to detect threats and provide alerts in real-time. It employs custom rules on kernel events, which are enriched with container and Kubernetes metadata.
Falco is a cloud-native runtime security tool that lets you detect threats and provide alerts in real-time. It uses custom rules on kernel events, which are enriched with container and Kubernetes metadata. Visibility is a significant challenge: with Falco, you can see abnormal behavior, potential security threats, and compliance violations, contributing to comprehensive runtime security.
Falco is a cloud-native runtime security tool to detect threats and provide alerts in real-time. Acting like a security camera, Falco can monitor the cloud-native environment, employing custom rules on kernel events, which are enriched with container and Kubernetes metadata. This allows users to see abnormal behavior, potential security threats, and compliance violations, contributing to comprehensive runtime security. Falco uses state-of-the-art eBPF technology to deliver deep visibility, but is also lightweight, efficient, and scalable, making it ideal to use in both development and production. Falco is supported by a global multi-vendor ecosystem, and is hosted by the CNCF, home of the Kubernetes project.
Project Encouraged Phrasing
The phrases below are effective ways of messaging Falco's value add. Use them when writing or speaking publicly about Falco. You can also reference language in the About Falco section.
Falco is a popular open source tool for runtime threat detection
This statement refers to Falco as a CNCF incubating project with widespread adoption and broad community leadership.
Falco is a rules engine that powers runtime security
This term refers to the concept that Falco is a stateless processing engine. A large amount of data comes into the engine, but meticulously crafted security alerts come out. It reasons about signals coming from a system at runtime, and can alert if a threat is detected.
Falco provides real time threat detection
Falco provides streaming detection of unexpected behavior, configuration changes, and attacks. With this streaming approach, Falco enables real-time response while minimizing storage costs and complexity.
Falco delivers detection tooling and alerts
Falco does not prevent unwanted behavior, rather it alerts when unusual behavior, config changes, intrusions and data theft occurs. This is commonly referred to as detection or forensics.