falco-security Cloud Native Runtime Security

行业分类
云计算开源地址
https://github.com/darklife/darkriscv授权协议
Apache-2.0 License

CloudNativeRutimeSecurity.

Wattotalk?Joiusothe#falcochaelitheKuberetesSlack.

Latestreleases

Readthechagelog.

developmetstablerpmdebbiary

TheFalcoProject,origiallycreatedbySysdig,isaicubatigCNCFopesourcecloudativerutimesecuritytool.Falcomakesiteasytocosumekerelevets,aderichthoseevetswithiformatiofromKuberetesadtherestofthecloudativestack.FalcohasarichsetofsecurityrulesspecificallybuiltforKuberetes,Liux,adcloud-ative.Ifaruleisviolatediasystem,Falcowillsedaalertotifyigtheuseroftheviolatioaditsseverity.

IstalligFalco

IfyouwouldliketoruFalcoiproductiopleaseadheretotheofficialistallatioguide.

Kuberetes

ToolLikNoteHelmChartRepositoryTheFalcocommuityoffersregularhelmchartreleases.MiikubeTutorialTheFalcodriverhasbeebakeditomiikubeforeasydeploymet.KidTutorialRuigFalcowithkidrequiresadriverothehostsystem.GKETutorialWesuggestusigtheeBPFdriverforruigFalcooGKE.Developig

Falcoisdesigedtobeextesiblesuchthatitcabebuiltitocloud-ativeapplicatiosadifrastructure.

FalcohasagRPCedpoitadaAPIdefiediprotobuf.TheFalcoProjectsupportsvariousSDKsforthisedpoit.

SDKs

LaguageRepositoryGocliet-goRustcliet-rsPythocliet-pyWhatcaFalcodetect?

FalcocadetectadalertoaybehaviorthativolvesmakigLiuxsystemcalls.Falcoalertscabetriggeredbytheuseofspecificsystemcalls,theirargumets,adbypropertiesofthecalligprocess.Forexample,Falcocaeasilydetecticidetsicludigbutotlimitedto:

AshellisruigisideacotaierorpodiKuberetes.Acotaierisruigiprivilegedmode,orismoutigasesitivepath,suchas/proc,fromthehost.Aserverprocessisspawigachildprocessofauexpectedtype.Uexpectedreadofasesitivefile,suchas/etc/shadow.Ao-devicefileiswritteto/dev.Astadardsystembiary,suchasls,ismakigaoutboudetworkcoectio.AprivilegedpodisstartediaKuberetescluster.Documetatio

TheOfficialDocumetatioisthebestresourcetolearaboutFalco.

JoitheCommuity

TogetivolvedwithTheFalcoProjectpleasevisitthecommuityrepositorytofidmore.

Howtoreachout?

Joithe#falcochaelotheKuberetesSlackJoitheFalcomailiglistReadtheFalcodocumetatioCotributig

SeetheCONTRIBUTING.md.

SecurityAudit

AthirdpartysecurityauditwasperformedbyCure53,youcaseethefullreporthere.

Reportigsecurityvulerabilities

Pleasereportsecurityvulerabilitiesfollowigthecommuityprocessdocumetedhere.

LiceseTerms

FalcoislicesedtoyouudertheApache2.0opesourcelicese.