November 13–15, 2018 - Shanghai, China

Simultaneous translation will be provided for all keynote and breakout sessions.
Wednesday, November 14 • 14:40 - 15:15
Intro: Falco - Jorge Salamero Sanz, Sysdig

Host intrusion detection (HID) has been around for some time. What if we rethought the problems HID solves in the context of Cloud Native platforms? What if we could detect abnormal behavior in the application, container runtime, and cluster environment as well? In this talk, we'll present Falco, a CNCF Sandbox project for runtime security. We will show how Falco taps Linux system calls and the Kubernetes API to provide low-level insight into application behavior, and how to write Falco rules to detect abnormal behavior. We'll show how to collect and aggregate alerts using an EFK stack (Elasticsearch, Fluentd, Kibana). Finally, we will show how Falco can trigger functions to stop abnormal behavior and isolate the compromised Pod or Node for forensics. Attendees will leave with a better understanding of what problems runtime security solves, and how Falco can provide runtime security and incident response.

Speakers
Jorge Salamero Sanz

Technical Marketing Manager, Sysdig
Jorge enjoys monitoring all the things, from his Docker containers and Kubernetes clusters to writing sensor plugins for DIY IoT projects with Raspberry Pi and ESP8266. Currently he is part of the Sysdig team, and in the past was one of the promoters of HumanOps and a Debian developer...


2F Room 4
  • Skill Level Any