Threat Detection Built on Falco

Falco is the open source standard for real-time detection of threats and anomalies across containers, Kubernetes, and cloud services.

How Sysdig Contributes to the Open Source Security Community

Sysdig has contributed Falco, the Sysdig kernel module, eBPF probe, and libraries to the CNCF. Sysdig’s open source engineering team not only contributes to Falco but to other projects as well. You can find the source code of these components in the Falco organization, hosted in the Falco security GitHub repository.

Falco open source security

Supercharge Falco with Sysdig Secure

The Falco open source cloud, Kubernetes, and container security tool is the detection engine for Sysdig Secure. If you like Falco, you’ll love Secure.

Detect with Tested Rules Plus ML

Layer your defense with rules curated by the Sysdig threat research team and ML detection.

Easily Scale Falco As You Grow

Automatically tune rules, define rule sets by team, and manage multiple Falco instances.

Validate Compliance

Simplify compliance audits with rules mapped to standards like NIST, SOC2, GDPR, and PCI.

Sysdig Created Falco

The Falco open source container, Kubernetes, and cloud security tool was created by Sysdig and contributed to the CNCF. Falco is the cloud-native standard for threat and anomaly detection.

Falco and Sysdig Secure Feature Comparison

Sysdig Secure extends Falco so that you can efficiently scale security for containers, Kubernetes, and cloud services.

Sysdig Secure
Open Source Based Agent
Event Sources: Linux System Calls, Kubernetes Audit Logs, and Cloud Activity Logs
Alert Outputs
Via Sidekick
Event forwarding
Customizable Policies
Learning Mode to Automatically Tune Rules
Automated Policy Suggestions Based on Application/Workload Profiling
Kubernetes Network Security
Out-of-the-box Compliance Policies
Vulnerability Management 
(Image & Host scanning)
Cloud Security Posture Management
Infrastructure-as-Code Security
Incident Response
Enterprise-Grade Support and Scalability (Centralized Rule Management, Simple Policy Editor, Professional Services)