Awesome
awesome-falco 
<img src="https://cncf-branding.netlify.app/img/projects/falco/horizontal/color/falco-horizontal-color.svg" width="300"><br/><br/>
A curated list of Falco related tools, frameworks and articles
Contents
- ๐ผ Official Projects
- ๐ Repositories
- ๐๏ธ Docs
- ๐ฐ Blogs
- ๐พ Community Repositories
- ๐๏ธ Blogs and Articles
- ๐น Videos
- ๐ Slides
- ๐ค Podcasts
- ๐งช Interactive Learning
- ๐งฐ IDE and Editor Integrations
- ๐ก Support and Community
- ๐ Develop and Contribute
- ๐ Learn and Connect
Official projects
Repositories
- Falco - Cloud Native Runtime Security
- Falco Libs - libsinsp, libscap, the kernel module driver, and the eBPF driver sources
- Falcosidekick - A simple daemon to help you with falco's outputs
- Falcosidekick UI - A simple WebUI with latest events from Falco
- falcoctl - Administrative tooling for Falco.
- Falcosecurity Evolution - Evolution process of The Falco Project
- Falco Event Generator - Generate a variety of suspect actions that are detected by Falco rulesets
Docs
- Falco - Official Falco documentation
Blogs
- Falco - Official blog for the Falco project
- Sysdig Blog - Explore Sysdig resources for whitepapers, videos, webinars, case studies, and more. Embed security, compliance and monitoring into DevOps workflows.
Community Repositories
- Extending Falco outputs with Falcosidekick by developer-guy
- Falco workshop by vicenteherrera
- Container Runtime Security with Falco by developer-guy
- falco-filebeat-daemonset by Popsiclestick - Easily deployable daemonset which moves logs from falco with filebeat
- Falco Diagrams: Visually learn Falco and its eBPF probe
Blogs and Articles
- Using Falco to monitor outbound traffic for Pods in Kubernetes
- Installing and using sysdig falco by Spencer Krum
- Falco Container Native Security by cloudpirate
- Kubernetes Security monitoring at scale with Sysdig Falco by Skyscanner Engineering
- Container Host Security Demo - Falco for GitLab 13.2 by GitLab Unfiltered
- Kubernetes Security With Falco by Gaurav Agarwal
- Hunting for Malware with Falco by dlorenc
- Container runtime security in Kubernetes with Falco by gatesch
- Getting Started with Falco Runtime Security and Cloud Native Distributed SQL on Google Kubernetes Engine by yugabyte
- Integrating Falco and Your CI/CD Pipeline by ravilach
- Deploying Falco to Kubernetes by glentomkowiak
- Play by Play Security with Sysdig and Falco by avinash_vjti
- What is Falco, and how it work with Kubernetes by jihadbenabra
- Security Sprint: Falco by terceranexus6
- Runtime Security with Falco by Pawan Shankar
- Implementing Runtime Security in Amazon EKS using CNCF Falco by Anand Krishna
- Security with Falco by Radhika Rajesh
- Falco is the First Runtime Security Project to be Accepted into CNCF Incubator by Matt Campbell
- An Introduction to Kubernetes Security using Falco by Frederick Fernando
- Kubernetes Audit Log Falco by Pawan Shankar
- K3s Sysdig Falco by Dan Papandrea
- Falco Security and Monitoring on RKE Bare Metal Cluster with Rancher by Frank Jogeleit
- Falco at the edge arm64 by Alex Ellis
- Analyze AWS EKS Audit logs with Falco by Ismail Yenigul
- Sysdig contributes Falco's kernel module, eBPF probe, and libraries to the CNCF by Loris Degioanni
- Contribution of the drivers and the libraries By Leonardo Di Donato, Leonardo Grasso
- Runtime security in Azure Kubernetes Service by Eric Carter
- A story about touching Falco by RyuSA
- AWS S3 security with CloudTrail and Falco By Alba Ferri
- Detecting MITRE ATT&CK: Privilege escalation with Falco By Stefano Chierici
- Exploiting and detecting CVE-2021-25735: Kubernetes validating admission webhook bypass By Stefano Chierici
- Pick-up Container Security Project Falco
Videos
- Container Runtime Security with Falco by Kubernetes Meetup Tokyo
- Sysdig Falco - Open Source Docker Security - WTF my container just spawned a shell by Sysdig
- Intro to Falco: Intrusion Detection for Containers - Shane Lawrence, Shopify by Shane Lawrence
- Webinar: Getting started with container runtime security using Falco by Loris Degioanni
- Kubernetes Master Class - 2020-04-20 - Detecting Anomalous Kubernetes Activity with Falco by Rancher Labs
- Unveil hidden malicious processes with Falco in cloud-native environments by Kaizhe Huang
Slides
- Kubernetes Runtime Security with Falco and Sysdig by Jorge Salamero
- Getting Started with Runtime Security using Falco by Loris Degioanni
Podcasts
Interactive Learning
- Container Runtime Security with Falco by falco
- Sysdig Falco: Container security monitoring by mateobur
- Blocking security threats with Falco Response Engine by Falco
IDE and Editor Integrations
- VS Code plugin - Falco Rules helpers for VSCode
Support and Community
Develop and Contribute
- Slack - Chat with other project developers
- Developer mailing list - Discuss development issues around the project
- Contributor of the Month - View the contributors of the month
Learn and Connect
- Twitter - Follow us on Twitter to get the latest news!
- User mailing list - Discussion and help from your fellow users
- StackOverflow - Practical questions and curated answers
- Calendar - Subscribe to the Falco calendar, through this ics feed