Audit of Falco, the open-source cloud-native runtime security
Malware Analysis, News and Indicators - Latest topics malware.news
Introduction
Falco makes it easy to consume kernel events and enrich those events with information from Kubernetes and the rest of the cloud-native stack. It monitors system calls to secure a system by:
- parsing the Linux system calls from the kernel at runtime;
- asserting the stream against a powerful rules engine;
- alerting when a rule is violated.
The project ships with a default set of rules ready to be consumed by end-users to secure their Kubernetes clusters. However, users can …