Explore the evolution and latest advancements in Falco, the cloud-native runtime security project and de facto Kubernetes threat detection engine. Dive into the practical overview of Falco's history, recent feature updates, and ecosystem developments presented by core maintainers Leonardo Grasso and Jason Dellaluce. Discover the game-changing plugin system that transforms Falco into an all-in-one cloud security tool. Learn about Falco's inner workings, new release cadence, security rules, and renovations to libs and drivers. Gain insights into the plugin system's event sourcing and field extraction capabilities, as well as the simplified Plugin SDK Go. Explore the growing collection of community-developed plugins and find out how to join the Falco community.
Falco to Pluginfinity and Beyond - Cloud-Native Runtime Security
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Syllabus
Thank you to our session recording sponsor!
In this talk
How does Falco work?
Falco's Journey
New Release Cadence
New Security Rules
Libs and Drivers: Renovations 2
Libs and Drivers: Security
The New Plugin System
Plugins: event sourcing capability
Plugins: field extraction capability
Plugin SDK Go: Keep it Simple
Lots of plugins in the community
Join the community
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
-
Extend Falco with Plugins - Trigger Alerts with Any Stream of Events
-
Introduction to Falco - Cloud-Native Runtime Security
-
Getting Started with Container Runtime Security Using Falco
-
The Falco Playground - WebAssembly and Runtime Security
-
Falco: Cloud-Native Runtime Security for Kubernetes - Recent Developments and Roadmap
