Introduction to Falco - Cloud-Native Runtime Security
Offered By: Rawkode Academy via YouTube
Course Description
Overview
Dive into the world of cloud-native runtime security with this comprehensive video on Falco, the open-source project and de facto Kubernetes threat detection engine. Learn about Falco's origins, its role in the CNCF, and how it detects unexpected application behavior and alerts on threats at runtime. Explore Linux requirements, installation processes, and default rules. Gain hands-on experience by triggering Falco alerts, sending Kubernetes events to a web-hook receiver, and integrating Kubernetes Auditing. Discover the Falco Evolution repository and the concept of userspace Falco with pdig. Throughout the video, engage with practical demonstrations, including storing "secrets" in ConfigMaps and breaking Falco rules intentionally. Perfect for those looking to enhance their cloud security knowledge and implement robust threat detection in Kubernetes environments.
Syllabus
- Holding screen
- Introductions
- What is Falco?
- Linux requirements for Falco
- Installing Falco
- Making Falco angry Breaking a Falco rule
- Falco default rules
- Manually sending Kubernetes events to Falco web-hook receiver
- Adding Kubernetes Auditing to Falco
- Triggering Falco from Kubernetes Storing "secret" in a ConfigMap
- What is Falco Evolution repository?
- Falco pdig Userspace Falco
- Question: Is there a GUI?
Taught by
Rawkode Academy
Related Courses
Windows Server 2016 Security FeaturesMicrosoft via edX Detecting and Mitigating Cyber Threats and Attacks
University of Colorado System via Coursera Threat Detection: Planning for a Secure Enterprise
Microsoft via edX Microsoft Professional Capstone : Cybersecurity
Microsoft via edX Cyber Security Operations (Cisco CCNA)
The Open University via FutureLearn