Falco
security runtime-security
Runtime security and threat detection for containers
Prerequisites:
kubernetes linux
Pros and Cons
Ventajas
- + Real-time detection
- + eBPF for low overhead
- + Flexible rules engine
- + CNCF graduated project
Desventajas
- - Requires elevated privileges
- - Can generate noise
- - Initial tuning needed
Casos de Uso
- Runtime threat detection
- Compliance monitoring
- Forensics