Upgrade to Pro — share decks privately, control downloads, hide ads and more …

FalcOMG That's Awesome

FalcOMG That's Awesome

On this panel, the Falco maintainers will discuss the great things happening in Falco a cloud-native runtime security project, the de facto Kubernetes threat detection engine. This panel of key Falco maintainers will cover:
- Brief Overview of Falco and its history
- Updates on Falco and its subprojects (Falco, falcosidekick etc)
- Contributions of the core drivers and libraries (libsinsp , libscap, the kernel module driver the eBPF driver source) and what this means for the community
- Roadmap Capabilities.

What's Coming!

Interactive QA on what you would like to see in the project.

Leonardo Di Donato

May 06, 2021
Tweet

More Decks by Leonardo Di Donato

Other Decks in Technology

Transcript

  1. Falco OMG! PART 1 gh:falcosecurity/falco

  2. Open Source Software Engineer Falco Maintainer Sysdig A talk with

    a lot of hand gestures 2 Leonardo Grasso Open Source Software Engineer Falco Maintainer Sysdig Leonardo Di Donato
  3. A timeline always works fine Falco created to parse libsinsp

    events! May 2016 Accepted as a CNCF incubation level hosted project Jan 2020 Sysdig Inc. donated Falco to the CNCF Oct 2018 3 May 2019 Falco Community Calls start! @leodido + @leogr
  4. Falco release process 🔗 is now fully open! • Coherent

    SemVer 2 versioning 🌀 • Falco drivers versions • Artifacts 📦 🐳 • Fully automated Join our Community Calls and propose yourself to be part of the next release team! @leodido + @leogr
  5. New contributors YaY! 😺 ❏ IBM ❏ Amazon ❏ Mercari

    ❏ Hetzner Cloud ❏ DeltaTre ❏ VMWare ❏ move:elevator gh:falcosecurity/.github/maintainers.yaml @leodido + @leogr
  6. Falco Open Infra ❏ EKS ❏ Kubernetes ❏ Prow ❏

    ProwJob ❏ Plugins Thanks to Jonah & Max too! prow.falco.org 🔗 gh:falcosecurity/test-infra 🔗 ❏ How Falco uses Prow on AWS for open source testing ❏ By leodido and jonahjon @ AWS blog ❏ Going Beyond CI/CD with Prow ❏ By leodido @ KubeCon NA 2020 ❏ Drivers Build Grid ❏ By leodido, fntlnz, and jonahjon ❏ Update maintainers list + ProwJob definition ❏ By leodido ❏ Update K8S manifests + ProwJob definition ❏ By leogr @leodido + @leogr
  7. download.falco.org 🔗 ❏ Packages ❏ RPM ❏ DEB ❏ Binary

    ❏ Drivers (more than 3,5K) ❏ Amazon Linux 1 & 2 ❏ Ubuntu & Ubuntu AWS ❏ CentOS ❏ Debian @leodido + @leogr
  8. Contribution of the libraries and the drivers to the CNCF

  9. Contribution of the libraries and the drivers ❏ Libraries ❏

    libsinsp ❏ libscap ❏ Drivers ❏ Kernel module ❏ eBPF probe @leodido + @leogr proposal 🔗 blog post 🔗
  10. We go grab a coffee before you ask questions... 10

    falcosidekick turn now! ❏ twitter.com/leodido ❏ github.com/leodido ❏ twitter.com/leogrease ❏ github.com/leogr ❏ github.com/falcosecurity/falco ❏ github.com/falcosecurity/libs ❏ kubernetes.slack.com/messages/falco ☕
  11. Connect Falco to your ecosystem with Falcosidekick Falco OMG! PART

    2 gh:falcosecurity/falcosidekick
  12. less gesture but still a moustashe 12 Thomas Labarussias SRE

    at Qonto Falco Contributor Falcosidekick Creator
  13. Falco architecture 13

  14. What is Falcosidekick 14 push push push push pull push

    push push push only if priority > critical
  15. What is Falcosidekick 15 github.com/falcosecurity/falcosidekick chat logs queue/streaming faas metrics

    alerting storage and more ... Connects Falco to your ecosystem
  16. Respond to threats 16 AWS Lambda Kubeless OpenFaas Knative Detection

    Notification Action
  17. Demo 17

  18. “how to translate Falco website into your language” turn now!

    ❏ github.com/Issif ❏ github.com/falcosecurity/falcosidekick ❏ github.com/falcosecurity/falcosidekick-ui
  19. Falco i18n Falco OMG! PART 3 gh:falcosecurity/falcosidekick

  20. “In real open source, you have the right to control

    your own destiny.” Linus Torvalds 20 Radhika Puthiyetath Principal Technical Writer, Sysdig Inc. Falco Maintainer
  21. Falco i18n 21 • Contributor Guidelines • Translation Guidelines •

    OWNER File • config.toml • i18n directory • content directory
  22. Let us grab a coffee and talk more about i18n

    Thank You ☕