Skip to content

Falco - Container Native Runtime Security

Photo of Bob Killen
Hosted By
Bob K. and 3 others
Falco - Container Native Runtime Security

Details

Join us January 29 at Alfa Jango with Marky Jackson from Sysdig! Learn about Falco, a new Host Intrusion Detection system made for Cloud Native Platforms (not to mention its a CNCF project!).

What if we can detect abnormal behavior in the application, container runtime, & cluster environment as well? In this talk, Marky will present Falco, a CNCF Sandbox project for runtime security. We will show how Falco taps Linux system calls & the Kubernetes API to provide low level insight into application behavior, & how to write Falco rules to detect abnormal behavior. We’ll show how to collect & aggregate alerts using an EFK stack (Elasticsearch, Fluentd, Kibana). Finally we will show how Falco can trigger functions to stop abnormal behavior, & isolate the compromised Pod or Node for forensics. Attendees will leave with a better understanding of what problems runtime security solves, & how Falco can provide runtime security, auditing & incident response.

Food to be provided by the CNCF

Hope to see you at the first meeting in 2020!

Photo of Orchestructure group
Orchestructure
See more events
Alfa Jango
1327 Jones Dr #109 · Ann Arbor, MI