Introduction to Falco - Cloud-Native Runtime Security
Offered By: Rawkode Academy via YouTube
Course Description
Overview
Dive into the world of cloud-native runtime security with this comprehensive video on Falco, the open-source project and de facto Kubernetes threat detection engine. Learn about Falco's origins, its role in the CNCF, and how it detects unexpected application behavior and alerts on threats at runtime. Explore Linux requirements, installation processes, and default rules. Gain hands-on experience by triggering Falco alerts, sending Kubernetes events to a web-hook receiver, and integrating Kubernetes Auditing. Discover the Falco Evolution repository and the concept of userspace Falco with pdig. Throughout the video, engage with practical demonstrations, including storing "secrets" in ConfigMaps and breaking Falco rules intentionally. Perfect for those looking to enhance their cloud security knowledge and implement robust threat detection in Kubernetes environments.
Syllabus
- Holding screen
- Introductions
- What is Falco?
- Linux requirements for Falco
- Installing Falco
- Making Falco angry Breaking a Falco rule
- Falco default rules
- Manually sending Kubernetes events to Falco web-hook receiver
- Adding Kubernetes Auditing to Falco
- Triggering Falco from Kubernetes Storing "secret" in a ConfigMap
- What is Falco Evolution repository?
- Falco pdig Userspace Falco
- Question: Is there a GUI?
Taught by
Rawkode Academy
Related Courses
Bypassing Falco - Cluster Compromise Without Tripping the SOCsecwestnet via YouTube Overcoming CVE Shock - Adding Perspective in Vulnerability Scanning
Devoxx via YouTube How to Secure a Kubernetes Cluster from Scratch
Devoxx via YouTube Tools to Help You Secure Your Kubernetes Cluster
Devoxx via YouTube Kubernetes Security: Using Open Source Tools to Secure Open-by-Default Systems
Linux Foundation via YouTube