Falco

E703664

behavior-based security tool cloud-native security project intrusion detection system open-source software runtime security tool

Falco is an open-source cloud-native runtime security tool that monitors system behavior to detect and alert on suspicious activity in containers, Kubernetes, and Linux hosts.

Try in SPARQL Jump to: Statements Referenced by

Statements (47)

Predicate	Object
instanceOf	behavior-based security tool ⓘ cloud-native security project ⓘ intrusion detection system ⓘ open-source software ⓘ runtime security tool ⓘ
alertsOn	suspicious activity in Kubernetes ⓘ suspicious activity in containers ⓘ suspicious activity on Linux hosts ⓘ
analyzes	container runtime activity ⓘ file system activity ⓘ kernel-level events ⓘ network activity ⓘ process activity ⓘ
category	cloud-native runtime security tool ⓘ open-source security project ⓘ
coreCapability	behavioral monitoring ⓘ policy-based alerting ⓘ real-time threat detection ⓘ
deploymentModel	agent-based ⓘ
designedFor	Kubernetes clusters NERFINISHED ⓘ cloud-native environments ⓘ containerized workloads ⓘ
detects	anomalous behavior ⓘ security threats at runtime ⓘ suspicious activity ⓘ
domain	Kubernetes security ⓘ Linux security ⓘ cloud security ⓘ container security ⓘ
license	open-source license ⓘ
monitors	Kubernetes workloads ⓘ Linux hosts ⓘ Linux system calls ⓘ containers ⓘ system behavior ⓘ
purpose	detect policy violations ⓘ improve runtime security of cloud-native workloads ⓘ provide security alerts ⓘ
softwareType	intrusion detection ⓘ runtime security ⓘ threat detection ⓘ
sourceModel	open source ⓘ
supportsPlatform	Docker NERFINISHED ⓘ Kubernetes NERFINISHED ⓘ Linux ⓘ
uses	rules engine ⓘ security policies ⓘ

Referenced by (4)

Full triples — surface form annotated when it differs from this entity's canonical label.

Cloud Native Computing Foundation → hostsProject → Falco ⓘ

Body Next to Body → producer → Falco ⓘ

Body Next to Body → collaborationWith → Falco ⓘ

eBPF → usedBy → Falco ⓘ