Explore the evolution and extended capabilities of Falco, a cloud-native runtime security project, in this 42-minute CNCF conference talk. Dive into Falco's architecture, including the libscap and libsinsp libraries, and learn about the new plugin system that allows for triggering alerts with any stream of events. Discover the technical details of source and extractor plugins, their implementation, and settings. Gain insights into the Plugin SDK Go, its benefits, and how to get started. Examine real-world applications, such as the AWS CloudTrail and JSON plugins, through a live demonstration. Understand ongoing developments like shared libraries for plugins and see how Falco can be applied to pet surveillance. Conclude with useful links and information on how to contribute to the Falco project.
Extend Falco with Plugins - Trigger Alerts with Any Stream of Events