scope
falco
Our great sponsors
| scope | falco | |
|---|---|---|
| 4 | 42 | |
| 5,817 | 6,883 | |
| 0.1% | 2.7% | |
| 0.0 | 9.8 | |
| 9 months ago | 1 day ago | |
| Go | C++ | |
| Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
scope
-
IA et Calcul scientifique dans Kubernetes avec le langage Julia, K8sClusterManagers.jl
Weave Scope
-
Interactive Architecture Diagrams
There are products that will introspect a k8s cluster and give a diagram like: https://www.weave.works/oss/scope/
-
Kubernetes Security Checklist 2021
Build observability and visibility processes in order to understand what is happening in infrastructure and services (Luntry, WaveScope)
falco
-
Cisco Acquires Splunk
https://github.com/falcosecurity/falco
Like snort, but looks at system calls.
-
An Overview of Kubernetes Security Projects at KubeCon Europe 2023
Falco is a well-known open source security solution originally created by Sysdig. Itβs a CNCF incubating project and one of the few (as far as I can tell) options on this list that uses eBPF to scan for vulnerabilities.
-
K8s secret management
Use some kind of SIEM or Falco to alert you to threats (you can't stop them, but a human can always intervene)
-
How to Deploy and Scale Strapi on a Kubernetes Cluster 2/2
Falco, is a security project that can help you detect threats from within your cluster.
-
Go based eBPF projects
https://falco.org/ is a security-focused monitoring and alerting with an eBPF option
- eBPF β Running sandboxed programs in a privileged context such as OS kernel
-
Implement DevSecOps to Secure your CI/CD pipeline
Falco is a cloud native Kubernetes threat detection tool. It can detect unexpected behavior, intrusions, and data theft in real time. In the backend, it uses Linux eBPF technology to trace your system and applications at runtime. For example, it can detect if someone tries to read a secret file inside a container, access a pod as a root user, etc, and trigger a webhook or send logs to the monitoring system. There are similar tools like Tetragon, KubeArmor, and Tracee which also provide Kubernetes runtime security.
-
Blackhat 2022 recap β Trends and highlights
Log everything but know the limits: the golden rule of security is to log everything, but in some cases we exceed the limits. Attackers use this to hide their actions and go unnoticed. At this point, we want to highlight another option. Try to detect at runtime or at the time when these logs occur to avoid the large amount of logs (only one window is sufficient if the initial compromise attack is detected). That is what Falco open source tries to do.
- Live Packet Capture to Grafana
-
Manage Falco easier with Giant Swarm App Platform
Falco is the de facto Kubernetes threat detection engine, and also extends its reach to cloud and Linux hosts. It monitors the behavior of every process in the node and can alert us when something fishy happens.
What are some alternatives?
trivy - Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Kyverno - Kubernetes Native Policy Management
OSQuery - SQL powered operating system instrumentation, monitoring, and analytics.
gatekeeper - π Gatekeeper - Policy Controller for Kubernetes
kubescape - Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.
istio - Connect, secure, control, and observe services.
tracee - Linux Runtime Security and Forensics using eBPF
grype - A vulnerability scanner for container images and filesystems
loki - Like Prometheus, but for logs.
kube-bench - Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
syft - CLI tool and library for generating a Software Bill of Materials from container images and filesystems
kube-hunter - Hunt for security weaknesses in Kubernetes clusters