Kubernetes Master Class: Detecting anomalous activity in Rancher with Falco

Presented by

Pawan Shankar, Director, Secure Product Marketing, Sysdig & Vicente Garcia, Technical Marketing Engineer, Sysdig

About this talk

Securing Kubernetes requires putting controls in place to detect unexpected behavior that could be malicious. Examples include: - Exploits of unpatched and new vulnerabilities - Insecure configurations - Leaked or weak credentials - Insider threats Even when processes are in place for vulnerability scanning and implementing pod security and network policies, not every risk will be addressed. You still need mechanisms to confirm these security barriers are effective and provide a last line of defense when they fail. In order to keep up with threats at runtime, an open-source based approach can help you stay up to date.In this webinar, you will learn how to manage security risk at runtime in your RKE environments using Falco, a CNCF project for runtime security. Falco efficiently leverages Extended Berkeley Packet Filter (eBPF), a secure mechanism, to capture system calls and gain deep visibility. By adding Kubernetes application context and Kubernetes API audit events, teams can understand exactly who did what. We will also cover how Sysdig Secure extends the Falco detection engine and eases the burden of creating and updating Falco rules. It can also generate fewer false positives by tuning Falco-based policies for your own environment.
Related topics:

More from this channel

Upcoming talks (1)
On-demand talks (19)
Subscribers (5628)
In the cloud, every second counts. Attacks move at warp speed, and security teams must protect the business without slowing it down. Sysdig stops cloud attacks in real time, instantly detecting changes in risk with runtime insights, a unique AI architecture, and open source Falco. Sysdig delivers live visibility by correlating signals across cloud workloads, identities, and services to uncover hidden attack paths. By knowing what is running, teams can prioritize the vulnerabilities, misconfigurations, permissions, and threats that matter most. From prevention to defense, Sysdig helps enterprises move faster and focus on what matters: innovation. Sysdig. Secure Every Second.