A FalcoSecurity Falco pod with Fluentd log shipping to Sumo Logic
- Intrusion Detection System, File Integrity Monitoring, malware detection, etc. for GKE/Kubernetes
//TODO Patch and harden the Falco container image.
//TODO Apply a PSP. // PSP: disable exec into the Falco container
//TODO Add an internet network egress policy that only allows the Falco daemon to download its eBPF stuff, connect to Sumo Logic, get PKI stuff, etc.
Open source Falco homepage
Falco GitHub project
//TODO: How do I add a new alert?
//TODO: How do I contribute to the Falco project?
How to deploy
- FalcoSecurity: Falco for acme k8s environments:
//TODO the sidecar automation component does not yet exist!!
Fig. 1: Falco Architecture
2020 - acme Security Team
security@acme.com