-
Notifications
You must be signed in to change notification settings - Fork 893
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Move kubernetes-response-engine to falcosecurity/kubernetes-response-…
…engine (#539) * Move kubernetes-response-engine to falcosecurit/kubernetes-response-engine As long as Falco and Response Engine have different release cycle, they are separated. * Add a README explaining that repository has been moved @mfdii is absolutely right about this on #539
- Loading branch information
1 parent
d7568ac
commit a31c3c0
Showing
61 changed files
with
4 additions
and
3,129 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,18 +1,6 @@ | ||
# Kubernetes Response Engine for Sysdig Falco | ||
# Kubernetes Response Engine directory moved | ||
|
||
A response engine for Falco that allows to process security events executing playbooks to respond to security threats. | ||
As long as Kubernetes Response Engine and Falco has different release cycles, | ||
the Kubernetes Response Engine has been moved to its own repository. | ||
|
||
## Architecture | ||
|
||
* *[Falco](https://sysdig.com/opensource/falco/)* monitors containers and processes to alert on unexpected behavior. This is defined through the runtime policy built from multiple rules that define what the system should and shouldn't do. | ||
* *falco-nats* forwards the alert to a message broker service into a topic compound by `falco.<severity>.<rule_name_slugified>`. | ||
* *[NATS](https://nats.io/)*, our message broker, delivers the alert to any subscribers to the different topics. | ||
* *[Kubeless](https://kubeless.io/)*, a FaaS framework that runs in Kubernetes, receives the security events and executes the configured playbooks. | ||
|
||
## Glossary | ||
|
||
* *Security event*: Alert sent by Falco when a configured rule matches the behaviour on that host. | ||
* *Playbook*: Each piece code executed when an alert is received to respond to that threat in an automated way, some examples include: | ||
- sending an alert to Slack | ||
- stop the pod killing the container | ||
- taint the specific node where the pod is running | ||
You can find it in https://github.com/falcosecurity/kubernetes-response-engine |
4 changes: 0 additions & 4 deletions
4
integrations/kubernetes-response-engine/deployment/aws/.gitignore
This file was deleted.
Oops, something went wrong.
17 changes: 0 additions & 17 deletions
17
integrations/kubernetes-response-engine/deployment/aws/Makefile
This file was deleted.
Oops, something went wrong.
23 changes: 0 additions & 23 deletions
23
integrations/kubernetes-response-engine/deployment/aws/README.md
This file was deleted.
Oops, something went wrong.
12 changes: 0 additions & 12 deletions
12
integrations/kubernetes-response-engine/deployment/aws/cluster-role-binding.yaml
This file was deleted.
Oops, something went wrong.
25 changes: 0 additions & 25 deletions
25
integrations/kubernetes-response-engine/deployment/aws/cluster-role.yaml
This file was deleted.
Oops, something went wrong.
29 changes: 0 additions & 29 deletions
29
integrations/kubernetes-response-engine/deployment/aws/lambda.tf
This file was deleted.
Oops, something went wrong.
14 changes: 0 additions & 14 deletions
14
integrations/kubernetes-response-engine/deployment/aws/outputs.tf
This file was deleted.
Oops, something went wrong.
3 changes: 0 additions & 3 deletions
3
integrations/kubernetes-response-engine/deployment/aws/sns.tf
This file was deleted.
Oops, something went wrong.
9 changes: 0 additions & 9 deletions
9
integrations/kubernetes-response-engine/deployment/cncf/Makefile
This file was deleted.
Oops, something went wrong.
20 changes: 0 additions & 20 deletions
20
integrations/kubernetes-response-engine/deployment/cncf/README.md
This file was deleted.
Oops, something went wrong.
12 changes: 0 additions & 12 deletions
12
integrations/kubernetes-response-engine/deployment/cncf/cluster-role-binding.yaml
This file was deleted.
Oops, something went wrong.
25 changes: 0 additions & 25 deletions
25
integrations/kubernetes-response-engine/deployment/cncf/cluster-role.yaml
This file was deleted.
Oops, something went wrong.
5 changes: 0 additions & 5 deletions
5
integrations/kubernetes-response-engine/deployment/cncf/kubeless/kubeless-namespace.yaml
This file was deleted.
Oops, something went wrong.
Oops, something went wrong.