Falco
Track the Bitcoin transactions with Falco
The number of plugins available for Falco continues to grow thanks to our wonderful community. Thank you all for your help! You can find the list of available plugins here. The vast majority of plugins developed allow Falco to ingest logs …
Falco Graduates within the CNCF!
Today, the Falco project hit a big milestone: becoming a CNCF Graduated Project! Falco's graduation indicates the project's maturity and dependability, but most importantly, it is the culmination of a fantastic amount of work. The journey …
Introducing Falco 0.37.0
Dear Falco Community, today we are happy to announce the release of Falco 0.37.0! This release brings an improved installation experience, a new way to modify Falco rules, and some great UX improvements. There are, as to be expected, a …
Falco Weekly 4 - 2024
What happened in Falco this week? Let's go through the major changes that happened in various repositories under the falcosecurity organization. Libs Libs will need a 0.14.2 tag for the Falco 0.37.0 release, with the revert of …
Falco Weekly 3 - 2024
What happened in Falco this week? Let's go through the major changes that happened in various repositories under the falcosecurity organization. Libs Libs tag 0.14.1 is out! Try it! It fixes the following things: fix(gvisor): gVisor engine …
Falco Weekly 50 - 2023
What happened in Falco this week? Let's go through the major changes that happened in various repositories under the falcosecurity organization. Libs The anticipated 0.14.0 libs tag (and its driver counterpart) are going to be tagged soon, …
Falco Weekly 48 - 2023
What happened in Falco this week? Let's go through the major changes that happened in various repositories under the falcosecurity organization. Libs The anticipated 0.14.0 libs tag (and its driver counterpart) are still a bit late, …
Adding runtime threat detection to Google Kubernetes Engine with Falco
One of the big advantages of running your workloads on a managed Kubernetes service like Google Kubernetes Engine (GKE) is that Google ensures your clusters are being deployed and managed following industry best practices. While GKE …
Falco Weekly 46 - 2023
This is the first of a series of weekly blog post whose aim is to give a quick overview about the development of Falco and its related projects. What happened in Falco this week? Let's go through the major changes that happened in various …
Introducing the new Falco training course, by CNCF, Linux Foundation, and Sysdig
Detecting Cloud Runtime Threats with Falco (LFS254) is the new Falco training course created by CNCF, Linux Foundation, and Sysdig. We're very excited about this new immersive course designed to enhance your expertise in securing …
Linux Introspection - From BPF to Wireshark to Falco
Falco, an open source innovation, was conceived with the vision of crafting a flexible and robust rules engine atop the Sysdig libraries. This initiative aimed to furnish a potent tool for the detection of aberrant behaviors and intrusions …
Tracing System Calls Using eBPF - Part 2
Introduction In Tracing System Calls Using eBPF Part 1, we lay the groundwork, introducing you to the fundamentals of eBPF and its predecessor, BPF (Berkeley Packet Filter). We delve into the evolution of this technology, its safety, …
Falco 0.36.0
Dear Falco Community, today we are happy to announce the release of Falco 0.36.0! This releases comes as usual with many new features and improvements. Thanks to everyone that worked on all the features, bugfixes and improvements! To read a …
Introducing a framework for regression testing against Linux kernels
There are a few foundational technologies that empower the Cloud Native ecosystem. Containers is one. And one of the basis for containerization is the Linux Kernel itself. With Falco, we are developing a runtime security tool that hooks …
Tracing System Calls Using eBPF - Part 1
Introduction: In this article, we will delve into the details of eBPF (extended Berkeley Packet Filter) and explore its significance in tracing system calls. This particular blog will be in two parts; in the first blog, we will discuss …
Crafting Falco Rules With MITRE ATT&CK
Introduction: The landscape of cybersecurity attacks has witnessed a notable rise in sophistication and complexity over the last decade, posing significant challenges to organizations in their efforts to identify and counter such threats …
Adaptive Syscalls Selection in Falco
The release of Falco 0.35.0 is a significant milestone, introducing a groundbreaking feature: the ability to select which syscalls to monitor. This empowers users with granular control, optimizing system performance by reducing CPU load …
Falco 0.35.0
Dear Community, today we are delighted to announce the release of Falco 0.35.0! A big thank you to all our contributors for helping get the latest release out, we are thrilled to share this release and its goodies with the community. To …
Falco 0.34.0 a.k.a. "The Honeybee 🍯"
Dear community, today we are delighted to announce the release of Falco 0.34.0 🎉! A big thank you to the community for helping get the latest release out. The Falco community is thrilled about this release and cannot wait to share the …
Falco 0.33.0 a.k.a. "the pumpkin release 🎃"
Dear community, today we are happy to announce the release of Falco 0.33.0 🎉! A big thank you to the community for helping get the latest release over the finish line. The Falco community rallied behind this release and we wanted to share …
Manage Falco easier with Giant Swarm App Platform
In this article, you will learn how Giant Swarm simplifies the maintenance of the software stack within Kubernetes clusters by using its App Platform technology. Additionally, we will show how customers can leverage this to easily deploy …
Falco 0.31.0 a.k.a. "the Gyrfalcon"
Today we announce the release of Falco 0.31.0, a.k.a the Gyrfalcon 🦅! Gyrfalcons are the largest of the falcon species, just like this version of Falco has the biggest changelog ever released. To give you some metrics, since the last …
Falco 0.28.0 a.k.a. Falco 2021.04
Today we announce the spring release of Falco 0.28.0 🌱 This is the second release of Falco during 2021! You can take a look at the set of changes here: 0.28.0 As usual, in case you just want to try out the stable Falco 0.28.0, you can …
Falco 0.27.0 a.k.a. "The happy 2021 release"
Today we announce the release of Falco 0.27.0 🥳 This is the first release of 2021! You can take a look at the set of changes here: 0.27.0 As usual, in case you just want to try out the stable Falco 0.27.0, you can install its packages …
Falco 0.26.2 a.k.a. "the download.falco.org release"
Today we announce the release of Falco 0.26.2 🥳 This one is a hotfix release for the Falco 0.26.1 released on October 1st. You can take a look at the set of changes here: 0.26.2 As usual, in case you just want to try out the stable Falco …
Falco 0.26.1 a.k.a. "the static release"
Today we announce the release of Falco 0.26.1 🥳 This one is a hotfix release for the Falco 0.26.0 released last week! You can take a look at the set of changes here: 0.26.1 0.26.0 As usual, in case you just want to try out the stable Falco …
Falco 0.25.0 a.k.a. "the summer release"
Today we announce the release of Falco 0.25 🥳 This one is a small release but a very important one!! You can take a look at the set of changes here: 0.25.0 In case you just want to try out the stable Falco 0.25, you can install its packages …
Falco 0.24.0 a.k.a. "the huge release"
After two long months, look who's back! Today we announce the release of Falco 0.24 🥳 You can take a look at the huge set of changes here: 0.24.0 In case you just want to try out the stable Falco 0.24, you can install its packages following …
Falco 0.23.0 a.k.a. "the artifacts scope release"
Another month has passed and Falco continues to grow! Today we announce the release of Falco 0.23 🥳 Wondering why this release is called "The Artifacts Scope" release? Please read more here. You can take a look at the whole set of …
Falco 0.22 a.k.a. "the hard fixes release"
Another month has passed and Falco continues to grow! Today we announce the release of Falco 0.22 🥳 You can take a look at the whole set of changes here: 0.22.0 - thanks to Leonardo Grasso for his first ever release! 0.22.1 - hotfix by me …
