1. Intro
2. Intro to "Intro to Intro to Falco"
3. The case for Falco
4. Deploying Falco
5. Modifying rules
6. Normalization
7. Suspicious shell access in container
8. Use case: instance metadata service (privileged)
9. Use case: CVE-2020-8557
10. Managing alerts
Description:
Explore runtime monitoring and intrusion detection for containers in this 36-minute talk from Shane Lawrence of Shopify. Learn how to protect Kubernetes clusters from malicious behavior using Falco, an open-source tool that combines kernel-level visibility with cluster-level awareness. Discover how to implement security policies, detect violations, and monitor containers in high-volume cloud environments. Gain insights on deploying Falco at scale, implementing and modifying rulesets, avoiding common pitfalls with eBPF probes and kernel modules, and managing alert volume. Understand real-world use cases, including detecting suspicious shell access in containers and addressing CVE-2020-8557.

Intro to Falco - Intrusion Detection for Containers

CNCF [Cloud Native Computing Foundation]