Dive into the world of cloud-native runtime security with this comprehensive video on Falco, the open-source project and de facto Kubernetes threat detection engine. Learn about Falco's origins, its role in the CNCF, and how it detects unexpected application behavior and alerts on threats at runtime. Explore Linux requirements, installation processes, and default rules. Gain hands-on experience by triggering Falco alerts, sending Kubernetes events to a web-hook receiver, and integrating Kubernetes Auditing. Discover the Falco Evolution repository and the concept of userspace Falco with pdig. Throughout the video, engage with practical demonstrations, including storing "secrets" in ConfigMaps and breaking Falco rules intentionally. Perfect for those looking to enhance their cloud security knowledge and implement robust threat detection in Kubernetes environments.
Introduction to Falco - Cloud-Native Runtime Security
Overview
Syllabus
- Holding screen
- Introductions
- What is Falco?
- Linux requirements for Falco
- Installing Falco
- Making Falco angry Breaking a Falco rule
- Falco default rules
- Manually sending Kubernetes events to Falco web-hook receiver
- Adding Kubernetes Auditing to Falco
- Triggering Falco from Kubernetes Storing "secret" in a ConfigMap
- What is Falco Evolution repository?
- Falco pdig Userspace Falco
- Question: Is there a GUI?
Taught by
Rawkode Academy
Related Courses
-
Falco to Pluginfinity and Beyond - Cloud-Native Runtime Security
-
Introduction to Falco - Container Runtime Security
-
Falco: Cloud-Native Runtime Security for Kubernetes - Recent Developments and Roadmap
-
The Falco Playground - WebAssembly and Runtime Security
-
Runtime Kubernetes Security: Threat Detection with Falcosidekick
-
Cloud-native security operations with Microsoft Sentinel
