Sysdig Site Search
Dynamic DNS & Falco: detecting unexpected network activity
Since the inception of Falco, we’ve seen users write custom rules covering a number of different use cases. Because Falco...
Unveil hidden malicious processes with Falco in cloud-native environments
Detecting malicious processes is already complicated in cloud-native environments, as without the proper tools they are black boxes. It becomes...
gVisor+Falco: Strengthen K8s & Container Security Without Losing Visibility
Hear from the gVisor and Falco community developers that made it possible to leverage the powerful gVisor isolation and sandboxing capabilities while enjoying Falco’s deep visibility and flexible detection engine.
Detect malicious activity in Okta logs with Falco and Sysdig okta-analyzer
On March 22, the hacking group Lapsus$ published a Twitter post with a number of screenshots taken from a computer...
Detect reverse shell with Falco and Sysdig Secure
Reverse shell is a way that attackers gain access to a victim’s system. In this article, you’ll learn how this...
How to detect sudo’s CVE-2021-3156 using Falco
A recent privilege escalation heap overflow vulnerability (CVSS 7.8), CVE-2021-3156, has been found in sudo. sudo is a powerful utility...
New release of Sysdig Open Source leverages Falco plugins
Sysdig maintainers are thrilled to announce the latest release of our beloved OSS tool for analyzing and/or recording the activity...
Tales from the Kernel Parameter Side
Users live in the sunlit world of what they believe to be reality. But, there is, unseen by most, an...
How to detect Kubernetes vulnerability CVE-2019-11246 using Falco
A recent CNCF-sponsored Kubernetes security audit uncovered CVE-2019-11246, a high-severity vulnerability affecting the command-line kubectl tool. If exploited, it could...
Stratoshark
Check out Sysdig’s guide to using DNS based network rules to control inbound and outbound traffic from your containers in Kubernetes. Learn more.
