Blog
Do you have something to share? Contribute to Falco blog!
Tracing System Calls Using eBPF - Part 2
Introduction In Tracing System Calls Using eBPF Part 1, we lay the groundwork, introducing you to the fundamentals of eBPF and its predecessor, BPF (Berkeley Packet Filter). We delve into the evolution of this technology, its safety, …
Falco 0.36.0
Dear Falco Community, today we are happy to announce the release of Falco 0.36.0! This releases comes as usual with many new features and improvements. Thanks to everyone that worked on all the features, bugfixes and improvements! To read a …
Introducing a framework for regression testing against Linux kernels
There are a few foundational technologies that empower the Cloud Native ecosystem. Containers is one. And one of the basis for containerization is the Linux Kernel itself. With Falco, we are developing a runtime security tool that hooks …
Tracing System Calls Using eBPF - Part 1
Introduction: In this article, we will delve into the details of eBPF (extended Berkeley Packet Filter) and explore its significance in tracing system calls. This particular blog will be in two parts; in the first blog, we will discuss …
GitLab Container Registry now supports Falcoctl OCI Artifacts
Today, we'd like to share with the Falco community the latest contribution we (w/Emin Aktas) made to GitLab Container Registry. We noticed that GitLab Container Registry didn't support Falcoctl OCI Artifact mediaTypes while we were pushing …
Validating NIST Requirements with Falco
The NIST organization, a non-regulatory federal agency in the United States, plays a crucial role in establishing guidelines across various domains, including cybersecurity. In this article, we focus on NIST 800-171 compliance checks, which …