falco

There are 2 repositories under falco topic.

• falco

  falcosecurity / falco

  Cloud Native Runtime Security

  cloud-nativecncfcncf-projectcontainersebpffalcohacktoberfestkubernetesruntime-securitysecurity
  Language:C++ 6890
• Certified-Kubernetes-Security-Specialist

  walidshaari / Certified-Kubernetes-Security-Specialist

  Curated resources help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" Certification exam. Please provide feedback or requests by raising issues, or making a pull request. All feedback for improvements are welcome. thank you.

  kubernetes-securitykubernetesckscksskernel-hardeningexam-objectivesos-footprintsecurityseccompapparmorfalcokube-hunterkube-benchtrivypodcertificationpolicymitre-attackpod-security-policyopen-policy-agent
  Language:AGS Script 1912

• artifacthub / hub

  Find, install and publish Cloud Native packages

  cloud-nativecncfkubernetespackages
  Language:TypeScript 1520

• ViktorUJ / cks

  Open-source Platform for learning kubernetes and aws eks and preparation for for Certified Kubernetes exams (CKA ,CKS , CKAD)

  apparmorawscertified-kubernetes-security-specialistckackadckseksfalcogvisork8skubeadmkuberneteskubernetes-clusterkubernetes-learningkubernetes-securitylearn-kubernetesopaseccompterraformterragrunt
  Language:Shell 640
• Falco

  pimbrouwers / Falco

  A toolkit for building fast and functional-first web applications using F#.

  apiaspasp-netaspnet-coreasynchronousf-sharpfalcofsharpfunctionalhandlershttpkestrelrouterroutingweb-framework
  Language:F# 509
• falcosidekick

  falcosecurity / falcosidekick

  Connect Falco to your ecosystem

  dockerfalcofalco-eventhacktoberfestkubernetesresponse-enginesecurity
  Language:Go 504
• eBPF-Guide

  mikeroyal / eBPF-Guide

  eBPF (extended Berkeley Packet Filter) Guide. Learn all about the eBPF Tools and Libraries for Security, Monitoring , and Networking.

  ebpfnetwork-analysisobservabilitypacket-sniffertraffic-monitoringbpfvulnerability-detectioninfrastructure-monitoringperformance-monitoringreal-user-monitoringdistributed-tracingtracingebpf-programskubernetes-clusterfalcoopen-telemetrykubernetes-securitylog-analysisxdpsandbox
  Language:Go 450

• m9sweeper / m9sweeper

  m9sweeper is a free and easy kubernetes security platform.

  containersdockerfalcokube-benchkube-hunterkuberneteskubesecsecuritytrivy
  Language:TypeScript 217

• moabukar / CKS-Exercises-Certified-Kubernetes-Security-Specialist

  A set of curated exercises to help you prepare for the CKS exam

  kubernetesckssecuritycontainersfalcosecurity-toolsapparmortrivyanchoreopaseccompaudit-lognetworkpoliciessecrets-managementsysdigkube-benchgvisorstatic-analysiscontainerd
  Language:Shell 213

• developer-guy / awesome-falco

  A curated list of Falco related tools, frameworks, blogs, podcasts, and articles

  awesomecontainer-runtime-securityfalcofalco-outputsfalco-securityfalcosidekickkubernetes-securitysysdig-falco
  197

• digitalis-io / k3s-on-prem-production

  Playbooks needed to set up an on-premises K3s cluster and securize it

  kuberneteskubernetes-clusterkubernetes-deploymentk3sk3s-clustersecurityonpremonpremiseonpremisesansiblelightweightsysdigfalcokubeless
  Language:Jinja 150

• falcosecurity / falco-exporter

  Prometheus Metrics Exporter for Falco output events

  falcoprometheusprometheus-exportermetrics
  Language:Go 109

• onzack / grafana-dashboards

  Grafana Dashboards for Kubernetes, OpenShift and other systems

  grafanamonitoringgrafana-dashboardprometheuskubernetesfalcolonghornopenshiftobservabilityopnsensevelero
  81

• blackberry / Falco-bypasses

  Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).

  bypassfalcokubernetessecurity
  Language:C 75

• falco-talon / falco-talon

  Falco Talon is a Response Engine for managing threats in your Kubernetes

  kubernetessecurityfalcoresponse-engine
  Language:Go 71

• falcosecurity / plugins

  Falco plugins registry

  falcopluginfalco-pluginsregistry
  Language:Go 71

• CloudDefenseAI / falco_extended_rules

  Curating Falco rules with MITRE ATT&CK Matrix

  cloudsecuritycnappcontainer-securitycspmdevopsdevsecopsfalcokuberenteskubernetes-securitymalwaremalware-analysissecuritysecurity-toolsthreatthreat-analysisthreat-modelingvulnerability-detectionvulnerability-scannersworkload-securityzero-day
  Language:Python 69

• Dentrax / falco-gpt

  AI-generated remediations for Falco audit events

  audit-logchatgptdevopsfalcogolangkubernetesopenaisresysdigthreat-huntingtooling
  Language:Go 67

• developer-guy / falco-analyze-audit-log-from-k3s-cluster

  Detect intrusions that happened in your Kubernetes cluster through audit logs using Falco

  k3sfalcoaudit-logk8s-audit-logfalcosidekickfalcosidekickui
  62

• AlexsJones / kube-microcosm

  An example of a kubernetes cluster appropriate for a startup company

  kubernetesgitopsfalcodevopscert-managerlinkerd2kubernetes-clusterkube-microcosmslack
  Language:Makefile 60

• falcosecurity / client-go

  Go client and SDK for Falco

  falcogrpcclientgogolang
  Language:Go 52

• falcosecurity / evolution

  Evolution process of The Falco Project

  falcokubernetesk8sexamplesdeploymentadoption
  Language:Go 45

• snigdhasambitak / cks

  Practice questions for Certified Kubernetes Security Specialist (CKS) exam

  apparmoraudit-logcksfalcokube-benchkubernetesoparunsctrivy
  37

• developer-guy / falco-the-kubernetes-response-engine-using-openfaas-functions

  Demonstrating how you can take an action to your intrusions detected by Falco using OpenFaaS functions

  falcocontainer-runtime-securityopenfaasserverlessk3sk3s-clustercivocivo-k3scivo-cli
  Language:Go 25

• Loginsoft-LLC / Linux-Exploit-Detection

  Linux based vulnerabilities (CVE) exploit detection through runtime security using Falco/Osquery/Yara/Sigma

  ebpfexploitfalcolinuxosqueryruntime-securitythreat-huntingopenpolicyagentregocloudnativecveyaracloudsecurityvulnerability-managementthreat-intelligencevulnerability-intelligencethreat-detection
  Language:Open Policy Agent 17

• thought-machine / falco-probes

  Automated build and mirror of eBPF kernel probes for use as a driver with the Falco runtime security agent (https://falco.org/)

  falcoebpffalco-drivers
  Language:Go 16

• yongkanghe / gke-casa

  1 CMD in 7 mins to automate a GKE 1.29 cluster with PostgreSQL. Plus, automate Container Backup and Security!

  googlekubernetesautomationgkepostgresqlcloudcasacatalogicbackupdata-managementfalcosecurity
  Language:Shell 16
• client-rs

  falcosecurity / client-rs

  The rust language implementation of the Falco client

  falcoclientrustrust-langgrpc
  Language:Rust 14

• falcosecurity / kilt

  Kilt is a project that defines how to inject foreign apps into containers

  kiltfalco
  Language:Go 13

• yongkanghe / eks-casa

  1 CMD to automate an EKS Cluster 1.29 comes with CSI enabled and PostgreSQL deployed too in ~15 mins. 1 min to enable EKS containers backup.

  automationekskubernetesawscloudcasayongkangfalcosysdig
  Language:Shell 13
• falco-diagrams

  leodido / falco-diagrams

  Diagrams to visually learn Falco and its eBPF probe

  mermaiddocsfalcoebpfimagesdiagrams
  Language:HTML 12

• sysdiglabs / vscode-falco

  Falco Rules helpers for VSCode

  vscode-extensionvscodefalco
  Language:TypeScript 12

• falcosecurity / deploy-kubernetes

  Kubernetes deployment resources for Falco

  falcofalcosidekickk8sk8s-deploymentk8s-manifestsmanifestsfalco-exporter
  10

• sysflow-telemetry / sf-processor

  SysFlow edge processing pipeline

  analyticsfalcofalco-rulespluginsreal-timerulesrules-enginesigmasigma-rules
  Language:Go 10

• falcosecurity / k8s-metacollector

  Fetches the metadata from kubernetes API server and dispatches them to Falco instances

  api-serverfalcokubernetesmetadata
  Language:Go 9

• eckelon / falco-prometheus-talk

  Configuration files used in the demo for the talk "Prometheus + Falco: The Swiss Army Knife for SREs"

  prometheusfalcofalco-sidekickyoutubepromcatcncfcncf-demodemotalk
  Language:Go 8