1 مستودع
Installation and rollout of runtime security monitoring agents across diverse host and container environments.
Distinct from Container Cluster Deployments: Focuses on the deployment of a security monitor rather than general cluster deployment or secure binary installation.
Explore 1 awesome GitHub repository matching devops & infrastructure · Runtime Security Deployment. Refine with filters or upvote what's useful.
Falco is an eBPF runtime security monitor and cloud native detection engine that identifies abnormal behavior and security threats across hosts and containers. It functions as a Linux kernel event auditor, capturing system calls and kernel events in real-time to detect malicious activity. The system distinguishes itself through a rule-based threat detection model that evaluates system activity against a library of community-maintained rules and custom security definitions. It enriches raw kernel events with container and Kubernetes metadata to provide observability into isolated environments
Installs security monitoring across hosts, containers, or clusters using packages, archives, and operators.