kpexec VS falco

Kubectl-debug - Allows you to run a new container with all the troubleshooting tools installed in running pod for debugging purpose PowerfulSeal - A powerful testing tool for Kubernetes clusters Crash-diagnostic - Crash-Diagnostics is a tool to help investigate, analyze, and troubleshoot unresponsive or crashed Kubernetes clusters K9s - Kubernetes CLI To Manage Your Clusters In Style! Kubernetes CLI Plugin - Doctor - kubectl cluster triage plugin for k8s - 🏥 (brew doctor equivalent) Knative Inspect - A light-weight debugging tool for Knative's system components Kubeman - To find information from Kubernetes clusters, and to investigate issues related to Kubernetes and Istio kpexec - kpexec is a kubernetes cli that runs commands in a container with high privileges

https://github.com/falcosecurity/falco

Like snort, but looks at system calls.

From one noob to another - I had a lot of fun setting up Falco (https://falco.org) and creating custom policies & alerts.

Falco is a well-known open source security solution originally created by Sysdig. It’s a CNCF incubating project and one of the few (as far as I can tell) options on this list that uses eBPF to scan for vulnerabilities.

Use some kind of SIEM or Falco to alert you to threats (you can't stop them, but a human can always intervene)

Falco, is a security project that can help you detect threats from within your cluster.

https://falco.org/ is a security-focused monitoring and alerting with an eBPF option

On the cgo side I want to highlight two talks: one from Loris Cro about dealing with cross-complition difficulties, that the usage of cgo brings, using the Zig language and the other from Jason Dellaluce and Leonardo Grasso about how to extend Falco, a Kubernetes threat detection engine, which is written in C++, with plugins written in Go, explaining the challenges of integrating cgo in both C and Go.