11:00 – 11:30 Cloud Native Runtime Security with Sysdig & Falco

What if we can detect abnormal behavior in the application, container runtime, cloud & cluster environment using the same process? 


In this talk, we’ll present Falco (a CNCF project for runtime security) along with Sysdig Secure (a commercial tool). 

We will show how to use Falco to tap into Linux system calls, the Kubernetes audit logs, and cloud events to provide low-level insight into application and platform behavior, and how to write security rules to detect abnormal behavior. 


Finally, we’ll end with taking a forensic capture of a security anomaly and performing a more detailed analysis of the event.


Peter Andersson,

Lead Solution Architect Nordics – Sysdig