CNCF [Cloud Native Computing Foundation]

Security Kill Chain Stages in a 100k+ Daily Container Environment with Falco

CNCF [Cloud Native Computing Foundation] via YouTube

Overview

Explore a comprehensive conference talk on implementing security measures in a large-scale container environment using Falco. Dive into the Security Kill Chain stages and learn how to monitor and identify anomalous system calls and abnormal Kubernetes API events in a cloud infrastructure hosting over 100,000 daily MATLAB containers. Gain insights into Falco integration, including eBPF, and discover how to write and test Falco rules for enhanced security observability. Follow a detailed walkthrough of the event pipeline and understand how Falco detects activities related to various stages of the attack lifecycle, from reconnaissance to actions on objectives. Learn practical strategies for improving your system's security posture and leave equipped with knowledge to implement robust security measures in your own cloud-native environments.

Syllabus

Introduction
Our Cluster Architecture
Securing Our Cluster
No System is Perfectly Secured
Here Comes 2020
How Do We Trace Back?
Why Falco?
Our Falco Strategy
System Analysis
Security Kill Chain with Falco
Rule Example
Falco Rules Testing (Demo)
Our Approach To Use Falco
Using Falco Alerts
Security Observability

Taught by

CNCF [Cloud Native Computing Foundation]
