Falco OMG! PART 1 gh:falcosecurity/falco

Open Source Software Engineer Falco Maintainer Sysdig A talk with a lot of hand gestures 2 Leonardo Grasso Open Source Software Engineer Falco Maintainer Sysdig Leonardo Di Donato

A timeline always works fine Falco created to parse libsinsp events! May 2016 Accepted as a CNCF incubation level hosted project Jan 2020 Sysdig Inc. donated Falco to the CNCF Oct 2018 3 May 2019 Falco Community Calls start! @leodido + @leogr

Falco release process 🔗 is now fully open! ● Coherent SemVer 2 versioning 🌀 ● Falco drivers versions ● Artifacts 📦 🐳 ● Fully automated Join our Community Calls and propose yourself to be part of the next release team! @leodido + @leogr

New contributors YaY! 😺 ❏ IBM ❏ Amazon ❏ Mercari ❏ Hetzner Cloud ❏ DeltaTre ❏ VMWare ❏ move:elevator gh:falcosecurity/.github/maintainers.yaml @leodido + @leogr

Falco Open Infra ❏ EKS ❏ Kubernetes ❏ Prow ❏ ProwJob ❏ Plugins Thanks to Jonah & Max too! prow.falco.org 🔗 gh:falcosecurity/test-infra 🔗 ❏ How Falco uses Prow on AWS for open source testing ❏ By leodido and jonahjon @ AWS blog ❏ Going Beyond CI/CD with Prow ❏ By leodido @ KubeCon NA 2020 ❏ Drivers Build Grid ❏ By leodido, fntlnz, and jonahjon ❏ Update maintainers list + ProwJob definition ❏ By leodido ❏ Update K8S manifests + ProwJob definition ❏ By leogr @leodido + @leogr

download.falco.org 🔗 ❏ Packages ❏ RPM ❏ DEB ❏ Binary ❏ Drivers (more than 3,5K) ❏ Amazon Linux 1 & 2 ❏ Ubuntu & Ubuntu AWS ❏ CentOS ❏ Debian @leodido + @leogr

Contribution of the libraries and the drivers to the CNCF

Contribution of the libraries and the drivers ❏ Libraries ❏ libsinsp ❏ libscap ❏ Drivers ❏ Kernel module ❏ eBPF probe @leodido + @leogr proposal 🔗 blog post 🔗

We go grab a coffee before you ask questions... 10 falcosidekick turn now! ❏ twitter.com/leodido ❏ github.com/leodido ❏ twitter.com/leogrease ❏ github.com/leogr ❏ github.com/falcosecurity/falco ❏ github.com/falcosecurity/libs ❏ kubernetes.slack.com/messages/falco ☕

Connect Falco to your ecosystem with Falcosidekick Falco OMG! PART 2 gh:falcosecurity/falcosidekick

less gesture but still a moustashe 12 Thomas Labarussias SRE at Qonto Falco Contributor Falcosidekick Creator

Falco architecture 13

What is Falcosidekick 14 push push push push pull push push push push only if priority > critical

What is Falcosidekick 15 github.com/falcosecurity/falcosidekick chat logs queue/streaming faas metrics alerting storage and more ... Connects Falco to your ecosystem

Respond to threats 16 AWS Lambda Kubeless OpenFaas Knative Detection Notification Action

Demo 17

“how to translate Falco website into your language” turn now! ❏ github.com/Issif ❏ github.com/falcosecurity/falcosidekick ❏ github.com/falcosecurity/falcosidekick-ui

Falco i18n Falco OMG! PART 3 gh:falcosecurity/falcosidekick

“In real open source, you have the right to control your own destiny.” Linus Torvalds 20 Radhika Puthiyetath Principal Technical Writer, Sysdig Inc. Falco Maintainer

Falco i18n 21 ● Contributor Guidelines ● Translation Guidelines ● OWNER File ● config.toml ● i18n directory ● content directory

Let us grab a coffee and talk more about i18n Thank You ☕