The Official Sysdig Blog

Author - mark

Falco 0.10.0 Released

By on April 25, 2018

We are happy to announce the release of Falco 0.10.0. This release incorporates a number of improvements focused on making Falco easier to deploy, improvements with rules, and improvements in the system…

Read More →

Fishing for Miners – Cryptojacking Honeypots in Kubernetes

By on January 2, 2018

Introduction A while back, we wrote a blog post about opening an EC2 instance to the world to see who would exploit it and what we could reconstruct from their behavior using…

Read More →

Falco 0.8.1 Released

By on October 11, 2017

We just released Falco 0.8.1. This has a great list of new features and rule improvements. Rule Improvements The ruleset has undergone a major set of updates to reduce false positives and…

Read More →

Falco 0.6.0 Released

By on April 12, 2017

We just released Falco 0.6.0. This has several great new features as well as continued improvement to the default ruleset. Here’s a summary of the changes: Tags for Falco Rules Rules now…

Read More →

Four features of containers that help (and hurt) Docker security

By on March 5, 2017

Although most companies make the switch to containers for reasons other than security, eventually they will wonder about exactly how security will fit in and whether their existing security mechanisms will translate…

Read More →

Falco 0.5.0 now available

By on January 4, 2017

Falco 0.5.0 Released We recently released Falco 0.5.0, the behavioral security monitor. This release has a little bit of everything–new features, rule changes, and bug fixes. Here’s a rundown of the changes:…

Read More →

SELinux, Seccomp, Sysdig Falco, and you: A technical discussion

By on December 9, 2016

One of the questions we often get when we talk about Sysdig Falco is How does it compare to other tools like SELinux, AppArmor, Auditd, etc. that also have security policies? To…

Read More →

Announcing Falco 0.4.0

By on October 25, 2016

Falco Release 0.4.0 Yesterday we released Falco 0.4.0. It’s been a couple of months since 0.3.0, but there are lots of new features! The biggest change is greatly improved visibility into container…

Read More →

Sending little bobby tables to detention

By on August 11, 2016

Little Bobby Tables shows us why it’s a good idea to sanitize your database inputs to avoid SQL injection attacks: In case you’re not familiar with the concept of SQL injection attacks,…

Read More →

Announcing Falco 0.3.0

By on August 8, 2016

On Friday we released Falco 0.3.0. The biggest change in this release is significantly reduced cpu usage, involving changes in falco as well as the underlying sysdig libraries that falco uses:Reordering a…

Read More →