Explore the powerful capabilities of Falco, an incubation project under the Cloud Native Computing Foundation (CNCF), by detecting threats in-line with the MITRE ATT&CK framework. Falco’s unique and robust system call architecture allows for real-time identification of Tactics,…

Cloud Native Computing Foundation and Linux Foundation Training and Certification have announced the launch of Detecting Cloud Runtime Threats with Falco (LFS254) to arm IT professionals, security analysts and DevOps engineers with the expertise to fortify cloud native…

You’ve just been alerted about a new exploit, but you’re unsure how to know if your organization is exposed. Where can you turn for help? This is where Falco comes in. Falco is a CNCF project that provides…

Addressing community challenges and feedback is a big part of working on open source projects. In response to our recent community survey, the 0.35 release delivers improved performance, new metrics, image signing, and other great goodies. Join core…

Despite working for different areas, Prometheus – an open source event monitoring and alerting tool – and Falco – an open source runtime threat detection tool – complement each other to build a reliable monitoring and security tool…

If you’ve been in the cloud native community, chances are you’ve heard the term ‘ctl’ (pronounced cuttle or c-t-l). Just as Kubectl allows you to run commands against Kubernetes clusters, Falcoctl is a command line tool and daemon…

gVisor is an application kernel that provides an additional layer of isolation between running applications and the host operating system. This extra layer greatly improves the security of workloads, but can impede container visibility. Discover how Falco integrates…

Project post originally published on the Falco blog by Luca Guerra, Lorenzo Susini, Vicente J. Jiménez Miras In version 0.32.1, Falco first introduced support for gVisor. So, what is it and how can we use it? gVisor, quoting the official documentation, is…