Open Source Intrusion Detection for Containers at Shopify
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore open source intrusion detection for containers in this keynote presentation from KubeCon + CloudNativeCon. Discover how Shopify utilizes Falco, a CNCF incubating project, to monitor critical systems and detect potential security threats. Learn about tracking syscalls at the kernel level, implementing Kubernetes-aware processes, and using predefined rules for event logging. Gain insights into Shopify's deployment of Falco since 2018, including tips for maximizing its effectiveness, areas for improvement, and use cases for detecting compromises and data exfiltration. Understand the challenges of traditional network security models in Kubernetes environments and how Falco addresses these issues. Delve into Falco's features, rule creation, and prevention strategies for enhancing container security in cloud-native infrastructures.
Syllabus
Intro
About Shopify
The importance of security
Shopifys use case
Traditional network security model
Kubernetes infrastructure
Kubernetes 17 issues
Proof
Features
What is FALCO
FALCO rules
Prevention
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Bypassing Falco - Cluster Compromise Without Tripping the SOCsecwestnet via YouTube Introduction to Falco - Cloud-Native Runtime Security
Rawkode Academy via YouTube Overcoming CVE Shock - Adding Perspective in Vulnerability Scanning
Devoxx via YouTube How to Secure a Kubernetes Cluster from Scratch
Devoxx via YouTube Tools to Help You Secure Your Kubernetes Cluster
Devoxx via YouTube