GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → falcosecurity → Falco

falcosecurity / Falco

Licence: apache-2.0
Cloud Native Runtime Security

Programming Languages

C++
36643 projects - #6 most used programming language
CMake
9771 projects
shell
77523 projects
lua
6591 projects
python
139335 projects - #7 most used programming language
Dockerfile
14818 projects
c
50402 projects - #5 most used programming language

Labels

hacktoberfestsecuritykubernetescontainerscncfebpfcloud-nativefalco

Projects that are alternatives of or similar to Falco

Containerd
An open and reliable container runtime
Stars: ✭ 9,956 (+129.4%)
Mutual labels:  hacktoberfest, containers, cncf
pixie
Instant Kubernetes-Native Application Observability
Stars: ✭ 3,238 (-25.39%)
Mutual labels:  cncf, cloud-native, ebpf
Policy Hub Cli
CLI for searching Rego policies
Stars: ✭ 88 (-97.97%)
Mutual labels:  hacktoberfest, cncf, cloud-native
Chaos Mesh
A Chaos Engineering Platform for Kubernetes.
Stars: ✭ 4,265 (-1.73%)
Mutual labels:  hacktoberfest, cncf, cloud-native
Litmus
Litmus helps SREs and developers practice chaos engineering in a Cloud-native way. Chaos experiments are published at the ChaosHub (https://hub.litmuschaos.io). Community notes is at https://hackmd.io/a4Zu_sH4TZGeih-xCimi3Q
Stars: ✭ 2,377 (-45.23%)
Mutual labels:  hacktoberfest, cncf, cloud-native
inclavare-containers
A novel container runtime, aka confidential container, for cloud-native confidential computing and enclave runtime ecosystem.
Stars: ✭ 510 (-88.25%)
Mutual labels:  cncf, cloud-native
meshery.io
Site for Meshery, the cloud native management plane
Stars: ✭ 135 (-96.89%)
Mutual labels:  cncf, cloud-native
gryllidae
Opinionated CNCF-based, Docker Compose setup for everything needed to develop a 12factor app
Stars: ✭ 18 (-99.59%)
Mutual labels:  cncf, cloud-native
siddhi-operator
Operator allows you to run stream processing logic directly on a Kubernetes cluster
Stars: ✭ 16 (-99.63%)
Mutual labels:  cncf, cloud-native
meshery-adapter-library
Library of common functionality for Meshery Adapters
Stars: ✭ 20 (-99.54%)
Mutual labels:  cncf, cloud-native
pixie-demos
Demos for Pixie: github.com/pixie-io/pixie
Stars: ✭ 106 (-97.56%)
Mutual labels:  cncf, ebpf
landscape
🌄The Cloud Native Interactive Landscape filters and sorts hundreds of projects and products, and shows details including GitHub stars, funding or market cap, first and last commits, contributor counts, headquarters location, and recent tweets.
Stars: ✭ 8,067 (+85.88%)
Mutual labels:  cncf, cloud-native
service-mesh-performance
Standardizing Service Mesh Value Measurement
Stars: ✭ 234 (-94.61%)
Mutual labels:  cncf, cloud-native
meshery
Meshery, the cloud native manager
Stars: ✭ 1,587 (-63.43%)
Mutual labels:  cncf, cloud-native
opentelemetry-js-api
OpenTelemetry Javascript API
Stars: ✭ 75 (-98.27%)
Mutual labels:  cncf, cloud-native
glossary
The CNCF Cloud Native Glossary Project aims to define cloud native concepts in clear and simple language, making them accessible to anyone — whether they have a technical background or not (https://glossary.cncf.io).
Stars: ✭ 442 (-89.82%)
Mutual labels:  cncf, cloud-native
Service Fabric
Service Fabric is a distributed systems platform for packaging, deploying, and managing stateless and stateful distributed applications and containers at large scale.
Stars: ✭ 2,874 (-33.78%)
Mutual labels:  containers, cloud-native
Crossplane
Your Universal Control Plane
Stars: ✭ 4,414 (+1.71%)
Mutual labels:  containers, cloud-native
Devops Guide
DevOps Guide - Development to Production all configurations with basic notes to debug efficiently.
Stars: ✭ 4,119 (-5.09%)
Mutual labels:  hacktoberfest, containers
meetups
Repository to gather all presentations from all Nordic Cloud Native meetups
Stars: ✭ 43 (-99.01%)
Mutual labels:  cncf, cloud-native
View All Similar Projects ➔

Cloud Native Runtime Security.

Build Status CII Best Practices Summary GitHub

Want to talk? Join us on the #falco channel in the Kubernetes Slack.

Latest releases

Read the change log.

development stable
rpm rpm-dev rpm
deb deb-dev deb
binary bin-dev bin

The Falco Project, originally created by Sysdig, is an incubating CNCF open source cloud native runtime security tool. Falco makes it easy to consume kernel events, and enrich those events with information from Kubernetes and the rest of the cloud native stack. Falco has a rich set of security rules specifically built for Kubernetes, Linux, and cloud-native. If a rule is violated in a system, Falco will send an alert notifying the user of the violation and its severity.

Installing Falco

If you would like to run Falco in production please adhere to the official installation guide.

Kubernetes
Tool Link Note
Helm Chart Repository The Falco community offers regular helm chart releases.
Minikube Tutorial The Falco driver has been baked into minikube for easy deployment.
Kind Tutorial Running Falco with kind requires a driver on the host system.
GKE Tutorial We suggest using the eBPF driver for running Falco on GKE.

Developing

Falco is designed to be extensible such that it can be built into cloud-native applications and infrastructure.

Falco has a gRPC endpoint and an API defined in protobuf. The Falco Project supports various SDKs for this endpoint.

SDKs
Language Repository
Go client-go
Rust client-rs
Python client-py

What can Falco detect?

Falco can detect and alert on any behavior that involves making Linux system calls. Falco alerts can be triggered by the use of specific system calls, their arguments, and by properties of the calling process. For example, Falco can easily detect incidents including but not limited to:

  • A shell is running inside a container or pod in Kubernetes.
  • A container is running in privileged mode, or is mounting a sensitive path, such as /proc, from the host.
  • A server process is spawning a child process of an unexpected type.
  • Unexpected read of a sensitive file, such as /etc/shadow.
  • A non-device file is written to /dev.
  • A standard system binary, such as ls, is making an outbound network connection.
  • A privileged pod is started in a Kubernetes cluster.

Documentation

The Official Documentation is the best resource to learn about Falco.

Join the Community

To get involved with The Falco Project please visit the community repository to find more.

How to reach out?

Contributing

See the CONTRIBUTING.md.

Security Audit

A third party security audit was performed by Cure53, you can see the full report here.

Reporting security vulnerabilities

Please report security vulnerabilities following the community process documented here.

License Terms

Falco is licensed to you under the Apache 2.0 open source license.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].