The Official Sysdig Blog

Author - mark

Falco 0.8.1 Released

By on October 11, 2017

We just released Falco 0.8.1. This has a great list of new features and rule improvements. Rule Improvements The ruleset has undergone a major set of updates to reduce false positives and…

Read More →

Falco 0.6.0 Released

By on April 12, 2017

We just released Falco 0.6.0. This has several great new features as well as continued improvement to the default ruleset. Here’s a summary of the changes: Tags for Falco Rules Rules now…

Read More →

Four features of containers that help (and hurt) Docker security

By on March 5, 2017

Although most companies make the switch to containers for reasons other than security, eventually they will wonder about exactly how security will fit in and whether their existing security mechanisms will translate…

Read More →

Falco 0.5.0 now available

By on January 4, 2017

Falco 0.5.0 Released We recently released Falco 0.5.0, the behavioral security monitor. This release has a little bit of everything–new features, rule changes, and bug fixes. Here’s a rundown of the changes:…

Read More →

SELinux, Seccomp, Sysdig Falco, and you: A technical discussion

By on December 9, 2016

One of the questions we often get when we talk about Sysdig Falco is How does it compare to other tools like SELinux, AppArmor, Auditd, etc. that also have security policies? To…

Read More →

Announcing Falco 0.4.0

By on October 25, 2016

Falco Release 0.4.0 Yesterday we released Falco 0.4.0. It’s been a couple of months since 0.3.0, but there are lots of new features! The biggest change is greatly improved visibility into container…

Read More →

Sending little bobby tables to detention

By on August 11, 2016

Little Bobby Tables shows us why it’s a good idea to sanitize your database inputs to avoid SQL injection attacks: In case you’re not familiar with the concept of SQL injection attacks,…

Read More →

Announcing Falco 0.3.0

By on August 8, 2016

On Friday we released Falco 0.3.0. The biggest change in this release is significantly reduced cpu usage, involving changes in falco as well as the underlying sysdig libraries that falco uses:Reordering a…

Read More →

Friends don’t let friends Curl | Bash

By on June 13, 2016

You know those software installation instructions that tell you to download and run a script directly from the internet, as root, using something like the following? curl https://some-url | bash Let’s call…

Read More →

Announcing Falco 0.2.0

By on June 10, 2016

Today we released version 0.2.0 of Falco. Falco is our new, open source, behavioral security monitoring agent. The major change in this release was a fairly big rework of the ruleset, adding/changing…

Read More →