Explore a comprehensive deep dive into Falco, presented by Jorge Salamero Sanz from Sysdig in this 38-minute conference talk. Gain insights into extending Falco's capabilities to ingest events beyond host system calls, including Kubernetes audit events and application-level events. Learn how to create Falco rules for detecting behaviors in new event streams and understand the implementation of Kubernetes audit events in Falco. Discover the process of configuring event streams and creating additional ones using Falco's generic implementation. Acquire a deep understanding of Falco's architecture and learn how to customize it for various event sources, enhancing your ability to detect abnormal activity and potential security incidents in Cloud Native architectures.
Overview
Syllabus
Deep Dive: Falco - Jorge Salamero Sanz, Sysdig
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
-
Detecting Anomalous Behavior in Containerized Environments with Sysdig Falco
-
Deep Dive - Runtime Security With Falco in Userspace
-
Security Kill Chain Stages in a 100k+ Daily Container Environment with Falco
-
Extend Falco with Plugins - Trigger Alerts with Any Stream of Events
-
Falco to Pluginfinity and Beyond - Cloud-Native Runtime Security
