Detecting Anomalous Behavior in Containerized Environments with Sysdig Falco

Explore behavioral security for containerized environments in this 43-minute conference talk by Jorge Salamero Sanz from Sysdig. Learn about Sysdig Falco, an open-source behavioral activity monitor that detects and alerts on anomalous behavior at the application, file, system, and network levels. Discover how behavioral security differs from traditional solutions like image scanning, understand Falco's functionality, and gain insights into building and customizing detection rules. Delve into the speaker's expertise in monitoring container clusters, writing sensor plugins, and working on DIY projects with Raspberry Pi and ESP8266.

WTF, My Container Just Spawned a Shell - Jorge Salamero Sanz, Sysdig