SkillsCast coming soon.
Host intrusion detection (HID) has been around for some time. In this talk, we’ll present Falco - an open source project for runtime security - and discuss how it provides application and container runtime security.
We will show how Falco taps Linux system calls to provide low level insight into application behavior, and how to write Falco rules to detect abnormal behavior. We’ll show how to collect and aggregate activity in a Cloud Native environment using and EFK stack (Elasticsearch, Fluentd, Kibana). Finally we'll show how Falco can trigger notifications to stop abnormal behavior, notify humans, and isolate the compromised application for forensics.
YOU MAY ALSO LIKE:
- Introduction to Docker Fundamentals (in London on 26th - 27th November 2019)
- Advanced Docker for Enterprise Operations (in London on 28th - 29th November 2019)
- Scala eXchange London 2019 (in London on 12th - 13th December 2019)
- µCon London 2020 - The Conference on Microservices, DDD & Software Architecture (in London on 27th - 29th May 2020)
- A Guide to the Market Promise of Automagic AI-Enabled Detection and Response (in London on 29th October 2019)
- Keynote by Konrad Kokosa: What’s New in .NET Core 3.0 and .NET 5.0 for Performance and Memory-Aware Folks? (in London on 29th October 2019)
- DevOps and Microservices Better Together (SkillsCast recorded in October 2019)
- Going Multicloud with Serverless (SkillsCast recorded in October 2019)
Runtime Security for Cloud Native Platform
Michael Ducy works as Director of Community for Sysdig, responsible for growing the Sysdig open source communities. Previously, Michael held a variety of roles at Chef leveraging Chef’s open source and paid solutions, and implementing the ideas and practices of DevOps. Michael has also worked in roles including Cloud Architecture, Systems Engineering, and Performance Engineering. He holds an MPCS and an MBA.