YoVDO

Intro to Falco - Intrusion Detection for Containers

Offered By: CNCF [Cloud Native Computing Foundation] via YouTube

Tags

Conference Talks Courses Kubernetes Courses Containers Courses Intrusion Detection Courses Data Normalization Courses Falco Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore runtime monitoring and intrusion detection for containers in this 36-minute talk from Shane Lawrence of Shopify. Learn how to protect Kubernetes clusters from malicious behavior using Falco, an open-source tool that combines kernel-level visibility with cluster-level awareness. Discover how to implement security policies, detect violations, and monitor containers in high-volume cloud environments. Gain insights on deploying Falco at scale, implementing and modifying rulesets, avoiding common pitfalls with eBPF probes and kernel modules, and managing alert volume. Understand real-world use cases, including detecting suspicious shell access in containers and addressing CVE-2020-8557.

Syllabus

Intro
Intro to "Intro to Intro to Falco"
The case for Falco
Deploying Falco
Modifying rules
Normalization
Suspicious shell access in container
Use case: instance metadata service (privileged)
Use case: CVE-2020-8557
Managing alerts


Taught by

CNCF [Cloud Native Computing Foundation]

Related Courses

Building Geospatial Apps on Postgres, PostGIS, & Citus at Large Scale
Microsoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube