Join Dan “Pop” Papandrea as we talk through a scary situation: Not having runtime protection for your containers and cloud services. In this session, you will learn how to use Falco, the de facto runtime security tool for Kubernetes and the cloud. We'll cover topics including:
- What is Falco and what are its sub projects?
- Intrusion detection for containers using Falco
- Rules and events detection for AWS Cloudtrail logs
- How to use Falco-sidekick and its tooling to visually see violations in real-time and how to address them
You will walk away knowing exactly what someone did in their last container/cloud.