Threat Detection Built on Falco
Falco is the open source standard for real-time detection of threats and anomalies across containers, Kubernetes, and cloud services.
How Sysdig Contributes to the Open Source Security Community
Sysdig has contributed Falco, the Sysdig kernel module, eBPF probe, and libraries to the CNCF. Sysdig’s open source engineering team contributes not only to Falco but to other projects as well. You can find the source code of these components in the Falco organization, hosted in the Falco security GitHub repository.
Stay Connected With Falco
Security from Source to Run for Containers, Kubernetes, and Clouds
Container and Kubernetes Security
Cloud Detection and Response
Supercharge Falco with Sysdig Secure
The Falco open source cloud, Kubernetes, and container security tool is the detection engine for Sysdig Secure. If you like Falco, you’ll love Secure.
Layer your defense with rules curated by the Sysdig threat research team and ML detection.
Automatically tune rules, define rule sets by team, and manage multiple Falco instances.
Simplify compliance audits with rules mapped to standards like NIST, SOC2, GDPR, and PCI.
Sysdig Created Falco
Falco and Sysdig Secure Feature Comparison
Sysdig Secure extends Falco so that you can efficiently scale security for containers, Kubernetes, and cloud services.