Explore a comprehensive deep dive into Falco, presented by Jorge Salamero Sanz from Sysdig in this 38-minute conference talk. Gain insights into extending Falco's capabilities to ingest events beyond host system calls, including Kubernetes audit events and application-level events. Learn how to create Falco rules for detecting behaviors in new event streams and understand the implementation of Kubernetes audit events in Falco. Discover the process of configuring event streams and creating additional ones using Falco's generic implementation. Acquire a deep understanding of Falco's architecture and learn how to customize it for various event sources, enhancing your ability to detect abnormal activity and potential security incidents in Cloud Native architectures.
Overview
Syllabus
Deep Dive: Falco - Jorge Salamero Sanz, Sysdig
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
-
Deep Dive into Falco - Empowering DevSecOps with Real-time Container Security
-
Detecting Anomalous Behavior in Containerized Environments with Sysdig Falco
-
Introduction to Falco - Container Runtime Security
-
Deep Dive - Runtime Security With Falco in Userspace
-
Security Kill Chain Stages in a 100k+ Daily Container Environment with Falco
-
Introduction to Falco - Cloud-Native Runtime Security
