gVisor+Falco: Strengthen K8s & Container Security Without Losing Visibility
gVisor is an application kernel that provides an additional layer of isolation between running applications and the host operating system. This extra layer greatly improves the security of workloads but can impede container visibility. Discover how Falco integrates with the gVisor runtime to continue isolating your containers while keeping an eye on behavior.
Hear from the gVisor and Falco community developers who made it possible to leverage gVisor's powerful isolation and sandboxing capabilities while enjoying Falco’s deep visibility and flexible detection engine.
You’ll learn how to:
- Implement runtime security
- Install and configure gVisor and Falco
- Extend Docker configuration to enable gVisor
- Forward your Falco events by leveraging Falco Sidekick
Luca Guerra, Open Source Engineer, Sysdig
Nicolas Lacasse, Software Engineer, Google