There are 2 repositories under falco topic.
Cloud Native Runtime Security
Curated resources to help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" Certification exam. Please provide feedback or requests by raising issues or making a pull request. All feedback for improvements is welcome. Thank you.
A toolkit for building fast and functional-first web applications using F#.
Connect Falco to your ecosystem
eBPF (extended Berkeley Packet Filter) Guide. Learn all about the eBPF Tools and Libraries for Security, Monitoring, and Networking.
A set of curated exercises to help you prepare for the CKS exam
A curated list of Falco-related tools, frameworks, blogs, podcasts, and articles
Playbooks needed to set up an on-premises K3s cluster and secure it
Prometheus Metrics Exporter for Falco output events
Grafana Dashboards for Kubernetes, OpenShift and other systems
Research on various techniques to bypass the default Falco ruleset (based on Falco v0.28.1).
Falco Talon is a Response Engine for managing threats in your Kubernetes
Curating Falco rules with MITRE ATT&CK Matrix
Detect intrusions that happened in your Kubernetes cluster through audit logs using Falco
An example of a Kubernetes cluster appropriate for a startup company
Evolution process of The Falco Project
Practice questions for Certified Kubernetes Security Specialist (CKS) exam
Demonstrating how you can take action on intrusions detected by Falco using OpenFaaS functions
Linux based vulnerabilities (CVE) exploit detection through runtime security using Falco/Osquery/Yara/Sigma
Automated build and mirror of eBPF kernel probes for use as a driver with the Falco runtime security agent (https://falco.org/)
1 CMD in 7 mins to automate a GKE 1.29 cluster with PostgreSQL. Plus, automate Container Backup and Security!
The Rust language implementation of the Falco client
Kilt is a project that defines how to inject foreign apps into containers
1 CMD to automate an EKS Cluster 1.29 that comes with CSI enabled and PostgreSQL deployed too in ~15 mins. 1 min to enable EKS containers backup.
Diagrams to visually learn Falco and its eBPF probe
Kubernetes deployment resources for Falco
SysFlow edge processing pipeline
Fetches the metadata from the Kubernetes API server and dispatches it to Falco instances
Configuration files used in the demo for the talk "Prometheus + Falco: The Swiss Army Knife for SREs"