The Falco blog

Blog

Do you have something to share? Contribute to Falco blog!

Thomas Labarussias Jul 28, 2023

Falcosidekick 2.28.0

It's summertime, it's hot, and many people are on vacation, but the Falco community is still there. Six months after the release of Falcosidekick's latest upgrade, version 2.28.0 becomes officially available. The number of pulls of the …

Nigel Douglas Jul 18, 2023

Validating NIST Requirements with Falco

The NIST organization, a non-regulatory federal agency in the United States, plays a crucial role in establishing guidelines across various domains, including cybersecurity. In this article, we focus on NIST 800-171 compliance checks, which …

Rohith Raju Jul 18, 2023

Gsoc Week-3 and Week-4 updates

This week I worked on creating parsers for the syscalls that I added previously. I learnt how metadata is extracted from the syscalls to provied user with more context on the triggred syscall. We also compiled Falco's main repository from …

Anshu Bansal, Ashutosh Venkatrao More Jul 16, 2023

Crafting Falco Rules With MITRE ATT&CK

Introduction: The landscape of cybersecurity attacks has witnessed a notable rise in sophistication and complexity over the last decade, posing significant challenges to organizations in their efforts to identify and counter such threats …

Falco

Rohith Raju Jul 11, 2023

GSoC Week 2 updates

Alright, it's week 2 and I've got some updates. This week I learnt the different nuances and difficulties that comes while trying to compile a project for a new target. In my case it was WebAssemebly. Parts of Falco, which will be used for …

Featured Image for PCI/DSS Controls with Falco

Nigel Douglas Jul 6, 2023

Understanding PCI/DSS Controls with Falco

As organizations increasingly adopt cloud-native systems for sensitive data and operations, ensuring compliance with industry standards like the Payment Card Industry Data Security Standard (PCI DSS) becomes imperative. This standard is …

Melissa Kilby, Roberto Scolaro, Federico Di Pierro Jul 4, 2023

Adaptive Syscalls Selection in Falco

The release of Falco 0.35.0 is a significant milestone, introducing a groundbreaking feature: the ability to select which syscalls to monitor. This empowers users with granular control, optimizing system performance by reducing CPU load …

Lorenzo Susini Jun 29, 2023

Falco 0.35.1

Today we announce the release of Falco 0.35.1 🦅! Novelties 🆕 and Fixes Here is a tiny patch release! It addresses some small bugs that will not bother us and our users anymore: Bug fix in the plugin framework, we can now associate a thread …

Scott Small Jun 28, 2023

Defensive Capabilities for Container & Cloud Threats with Tidal

Recently, a significant compromise was discovered in a user environment, revealing a fascinating cloud operation called SCARLETEEL. This operation was responsible for the theft of valuable proprietary data. The attacker's strategy involved …

Rohith Raju Jun 27, 2023

GSoC Week 1 Reflections

Hello Folks!, my name is Rohith, and I am thrilled to share my experiences and reflections on the first week of the Google Summer of Code (GSoC) period. This is an exhilarating time for participants like myself as we embark on our coding …

You are viewing documentation for Falco version: v0.37.1