Sysdig Site Search
Falco
Detect threats and anomalous activity across containers, hosts, Kubernetes and cloud with Falco open source security.
GKE security using Falco, Pub/Sub, and Cloud Functions
In this blogpost we will demonstrate how to build a complete GKE security stack for anomaly detection and to prevent...
Building Honeypots with vcluster and Falco: Episode II
This is part two in our series on building honeypots with Falco, vcluster, and other assorted open source tools. For...
Falco Feeds
Detect threats and anomalous activity across containers, hosts, Kubernetes and cloud with Falco open source security.
Getting started with runtime security and Falco
Discover how to get started with Falco to overcome the challenges of implementing runtime security for cloud-native workloads. If you...
Adding runtime threat detection to Google Kubernetes Engine with Falco
One of the big advantages of running your workloads on a managed Kubernetes service like Google Kubernetes Engine (GKE) is...
Falco vs. AuditD from the HIDS perspective
In this blog, we will compare and contrast Falco vs. AuditD from a Host Intrusion Detection (HIDS) perspective. AuditD is...
Cryptojacking detection with Sysdig’s Falco
The latest rage amongst attackers appears to be cryptojacking; rather, exploiting a system, and installing cryptocurrency miners to earn money...
Detecting MITRE ATT&CK: Privilege escalation with Falco
The privilege escalation category inside MITRE ATT&CK covers quite a few techniques an adversary can use to escalate privileges inside...
Comparing GuardDuty & Falco on EKS
Read about the differences between Amazon GuardDuty and Falco for Amazon EKS to better understand what each tool does, the threats detected, and the metadata available for forensic analysis.
