Sysdig Site Search
Unveil hidden malicious processes with Falco in cloud-native environments
Detecting malicious processes is already complicated in cloud-native environments, as without the proper tools they are black boxes. It becomes...
gVisor+Falco: Strengthen K8s & Container Security Without Losing Visibility
Hear from the gVisor and Falco community developers that made it possible to leverage the powerful gVisor isolation and sandboxing capabilities while enjoying Falco’s deep visibility and flexible detection engine.
Detect reverse shell with Falco and Sysdig Secure
Reverse shell is a way that attackers gain access to a victim’s system. In this article, you’ll learn how this...
Detect malicious activity in Okta logs with Falco and Sysdig okta-analyzer
On March 22, the hacking group Lapsus$ published a Twitter post with a number of screenshots taken from a computer...
How to detect sudo’s CVE-2021-3156 using Falco
A recent privilege escalation heap overflow vulnerability (CVSS 7.8), CVE-2021-3156, has been found in sudo. sudo is a powerful utility...
New release of Sysdig Open Source leverages Falco plugins
Sysdig maintainers are thrilled to announce the latest release of our beloved OSS tool for analyzing and/or recording the activity...
Tales from the Kernel Parameter Side
Users live in the sunlit world of what they believe to be reality. But, there is, unseen by most, an...
How to detect Kubernetes vulnerability CVE-2019-11246 using Falco
A recent CNCF-sponsored Kubernetes security audit uncovered CVE-2019-11246, a high-severity vulnerability affecting the command-line kubectl tool. If exploited, it could...
MITRE ATT&CK framework for container runtime security with Falco.
MITRE ATT&CK is a comprehensive knowledge base and complex framework of over 200 techniques that adversaries may use over the...
Falco in the open
One of the most successful aspects of Kubernetes is how functional the open source community was able to operate. Kubernetes...
