Detecting threats in a Kubernetes cluster can be challenging; we generally don't know where or how to start. The good news is that we have a number of valuable logs that can help us understand what has happened in the cluster. Indeed, each action requested or performed by a user or an app in a cluster is recorded in the Audit Logs. Kubernetes events are key to understanding the behavior of a cluster. We already provide plugins that let you parse Audit Logs and use Falco to detect threats from GKE, EKS...| Falco – The Falco blog
Today, we announce the release of Falco Talon 0.3.0 🦅! Three updates in a row: after Falco and Falcosidekick, it's time for Falco Talon to get a new version. What's new? The key feature this release brings is the new actionner kubernetes:sysdig. For those who are not familiar with sysdig, it's a CLI tool that captures and records syscalls, like tcpdump does for network packets. It is the older brother of Falco, and the two share the same libs and filters. With this new integration, when a su...| Falco – The Falco blog