Slide 1

Slide 1 text

Falco OMG! PART 1 gh:falcosecurity/falco

Slide 2

Slide 2 text

Open Source Software Engineer Falco Maintainer Sysdig A talk with a lot of hand gestures 2 Leonardo Grasso Open Source Software Engineer Falco Maintainer Sysdig Leonardo Di Donato

Slide 3

Slide 3 text

A timeline always works fine Falco created to parse libsinsp events! May 2016 Accepted as a CNCF incubation level hosted project Jan 2020 Sysdig Inc. donated Falco to the CNCF Oct 2018 3 May 2019 Falco Community Calls start! @leodido + @leogr

Slide 4

Slide 4 text

Falco release process πŸ”— is now fully open! ● Coherent SemVer 2 versioning πŸŒ€ ● Falco drivers versions ● Artifacts πŸ“¦ 🐳 ● Fully automated Join our Community Calls and propose yourself to be part of the next release team! @leodido + @leogr

Slide 5

Slide 5 text

New contributors YaY! 😺 ❏ IBM ❏ Amazon ❏ Mercari ❏ Hetzner Cloud ❏ DeltaTre ❏ VMWare ❏ move:elevator gh:falcosecurity/.github/maintainers.yaml @leodido + @leogr

Slide 6

Slide 6 text

Falco Open Infra ❏ EKS ❏ Kubernetes ❏ Prow ❏ ProwJob ❏ Plugins Thanks to Jonah & Max too! prow.falco.org πŸ”— gh:falcosecurity/test-infra πŸ”— ❏ How Falco uses Prow on AWS for open source testing ❏ By leodido and jonahjon @ AWS blog ❏ Going Beyond CI/CD with Prow ❏ By leodido @ KubeCon NA 2020 ❏ Drivers Build Grid ❏ By leodido, fntlnz, and jonahjon ❏ Update maintainers list + ProwJob definition ❏ By leodido ❏ Update K8S manifests + ProwJob definition ❏ By leogr @leodido + @leogr

Slide 7

Slide 7 text

download.falco.org πŸ”— ❏ Packages ❏ RPM ❏ DEB ❏ Binary ❏ Drivers (more than 3,5K) ❏ Amazon Linux 1 & 2 ❏ Ubuntu & Ubuntu AWS ❏ CentOS ❏ Debian @leodido + @leogr

Slide 8

Slide 8 text

Contribution of the libraries and the drivers to the CNCF

Slide 9

Slide 9 text

Contribution of the libraries and the drivers ❏ Libraries ❏ libsinsp ❏ libscap ❏ Drivers ❏ Kernel module ❏ eBPF probe @leodido + @leogr proposal πŸ”— blog post πŸ”—

Slide 10

Slide 10 text

We go grab a coffee before you ask questions... 10 falcosidekick turn now! ❏ twitter.com/leodido ❏ github.com/leodido ❏ twitter.com/leogrease ❏ github.com/leogr ❏ github.com/falcosecurity/falco ❏ github.com/falcosecurity/libs ❏ kubernetes.slack.com/messages/falco β˜•

Slide 11

Slide 11 text

Connect Falco to your ecosystem with Falcosidekick Falco OMG! PART 2 gh:falcosecurity/falcosidekick

Slide 12

Slide 12 text

less gesture but still a moustashe 12 Thomas Labarussias SRE at Qonto Falco Contributor Falcosidekick Creator

Slide 13

Slide 13 text

Falco architecture 13

Slide 14

Slide 14 text

What is Falcosidekick 14 push push push push pull push push push push only if priority > critical

Slide 15

Slide 15 text

What is Falcosidekick 15 github.com/falcosecurity/falcosidekick chat logs queue/streaming faas metrics alerting storage and more ... Connects Falco to your ecosystem

Slide 16

Slide 16 text

Respond to threats 16 AWS Lambda Kubeless OpenFaas Knative Detection Notification Action

Slide 17

Slide 17 text

Demo 17

Slide 18

Slide 18 text

β€œhow to translate Falco website into your language” turn now! ❏ github.com/Issif ❏ github.com/falcosecurity/falcosidekick ❏ github.com/falcosecurity/falcosidekick-ui

Slide 19

Slide 19 text

Falco i18n Falco OMG! PART 3 gh:falcosecurity/falcosidekick

Slide 20

Slide 20 text

β€œIn real open source, you have the right to control your own destiny.” Linus Torvalds 20 Radhika Puthiyetath Principal Technical Writer, Sysdig Inc. Falco Maintainer

Slide 21

Slide 21 text

Falco i18n 21 ● Contributor Guidelines ● Translation Guidelines ● OWNER File ● config.toml ● i18n directory ● content directory

Slide 22

Slide 22 text

Let us grab a coffee and talk more about i18n Thank You β˜•