Sysdig Site Search
Falco 0.15.0 released.
We are happy to announce the release of Falco 0.15.0. This release incorporates a number of improvements, as well as...
How to detect the containers’ escape capabilities with Falco
Attackers use container escape techniques when they manage to control a container so the impact they can cause is much...
Falco Support on AWS Fargate
Today we’re very excited to announce a partnership with Amazon to support Fargate in Sysdig’s product line. We are also...
Container Drift Detection with Falco
DIE is the notion that an immutable workload should not change during runtime; therefore, any observed change is potentially evident...
Sysdig Doubles Down on Open Source Commitment with the First eBPF Contribution to the CNCF
Company contributes the sysdig kernel module, eBPF probe, and Falco libraries, more than 100,000 hours of engineering time SAN FRANCISCO...
Getting Started Writing Falco Rules
Sysdig’s Falco is a powerful behavioral activity monitoring tool to detect abnormal behavior in your applications and containers. While it...
Detecting MITRE ATT&CK: Defense evasion techniques with Falco
The defense evasion category inside MITRE ATT&CK covers several techniques an attacker can use to avoid getting caught. Familiarizing yourself...
Announcing Falco 0.2.0
Today we released version 0.2.0 of Falco. Falco is our new, open source, behavioral security monitoring agent. The major change...
Announcing Falco 0.3.0
On Friday we released Falco 0.3.0. The biggest change in this release is significantly reduced cpu usage, involving changes in...
How to detect MFA spamming with Falco
Threat actors continue to evolve methods to access valid credentials using new techniques such as multi-factor authentication or MFA spamming...
