JP Vossen via plug on 9 Apr 2022 12:09:36 -0700
[PLUG] Book: Practical Cloud Native Security with Falco
I ran across this _Practical Cloud Native Security with Falco_ while looking for something else. It won't be published until 2022-11, but I read some of the early release and it's interesting.

I'm surprised I didn't already know about Falco, but I didn't. Take the idea of `libpcap` and the awesome tools that came out of that like Wireshark and Snort, then do the same with eBPF. So eBPF (kernel-side) = `libpcap` and Falco = Snort. Very cool.

It seems like Falco can fill the same sort of niche as Wazuh (OSSEC), except maybe at a lower level.

https://en.wikipedia.org/wiki/EBPF
https://falco.org/
https://wazuh.com/

Later,
JP
--
-------------------------------------------------------------------
JP Vossen, CISSP | http://www.jpsdomain.org/ | http://bashcookbook.com/
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug