YoVDO

Intro to Falco - Intrusion Detection for Containers

Offered By: CNCF [Cloud Native Computing Foundation] via YouTube

Tags

Conference Talks Courses Kubernetes Courses Containers Courses Intrusion Detection Courses Data Normalization Courses Falco Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore runtime monitoring and intrusion detection for containers in this 36-minute talk from Shane Lawrence of Shopify. Learn how to protect Kubernetes clusters from malicious behavior using Falco, an open-source tool that combines kernel-level visibility with cluster-level awareness. Discover how to implement security policies, detect violations, and monitor containers in high-volume cloud environments. Gain insights on deploying Falco at scale, implementing and modifying rulesets, avoiding common pitfalls with eBPF probes and kernel modules, and managing alert volume. Understand real-world use cases, including detecting suspicious shell access in containers and addressing CVE-2020-8557.

Syllabus

Intro
Intro to "Intro to Intro to Falco"
The case for Falco
Deploying Falco
Modifying rules
Normalization
Suspicious shell access in container
Use case: instance metadata service (privileged)
Use case: CVE-2020-8557
Managing alerts


Taught by

CNCF [Cloud Native Computing Foundation]

Related Courses

Data Base Management System
Indian Institute of Technology, Kharagpur via Swayam
Healthcare Data Models
University of California, Davis via Coursera
Image Data Augmentation with Keras
Coursera Project Network via Coursera
Compare time series predictions of COVID-19 deaths
Coursera Project Network via Coursera
Practicing Machine Learning Interview Questions in R
DataCamp