This video shows you how to use Falco to detect potential risks and then log them to different Parseable log streams depending on their severity using Fluent Bit.
Security threat hunting is by nature extensive. You ideally want to capture everything you can, with the least amount of instrumentation. This is where eBPF shines: eBPF-based systems capture OS-level metrics and events with zero instrumentation of the workloads themselves. eBPF is now one of the most widely used options in the cloud native space.
In this post we’ll focus on Falco, a security tool that provides runtime security across hosts, containers, Kubernetes, and cloud environments.
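As an added illustration of the pipeline the video describes, and not a configuration taken from the video or from the Falco, Fluent Bit or Parseable projects, the following Fluent Bit classic-format config tails Falco's JSON file output, re-tags each event by its `priority` field, and ships each severity band to its own Parseable stream. The file path, the host name, the stream names and the credentials are assumptions and must be replaced with your own values.

```ini
[SERVICE]
    Flush        5
    Log_Level    info
    Parsers_File parsers.conf

# Assumes Falco is configured with json_output and file_output
# writing one JSON event per line to this path.
[INPUT]
    Name   tail
    Path   /var/log/falco/events.json
    Parser json
    Tag    falco.raw

# Re-tag by Falco priority. The first matching rule wins; "false"
# drops the original falco.raw record so nothing is shipped twice.
# An event whose priority matches no rule keeps the falco.raw tag
# and is not sent anywhere, which is a gap worth watching for.
[FILTER]
    Name   rewrite_tag
    Match  falco.raw
    Rule   $priority ^(Emergency|Alert|Critical|Error)$ falco.high   false
    Rule   $priority ^(Warning|Notice)$                 falco.medium false
    Rule   $priority ^(Informational|Debug)$            falco.low    false

# One Parseable stream per severity band. Parseable selects the
# target stream from the X-P-Stream header on its ingest endpoint.
# Host, port, stream names and the Basic auth value are placeholders.
[OUTPUT]
    Name             http
    Match            falco.high
    Host             parseable.example.internal
    Port             8000
    URI              /api/v1/ingest
    Format           json
    Header           X-P-Stream falco_high
    Header           Authorization Basic <base64 of user:password>
    json_date_key    timestamp
    json_date_format iso8601

[OUTPUT]
    Name             http
    Match            falco.medium
    Host             parseable.example.internal
    Port             8000
    URI              /api/v1/ingest
    Format           json
    Header           X-P-Stream falco_medium
    Header           Authorization Basic <base64 of user:password>
    json_date_key    timestamp
    json_date_format iso8601

[OUTPUT]
    Name             http
    Match            falco.low
    Host             parseable.example.internal
    Port             8000
    URI              /api/v1/ingest
    Format           json
    Header           X-P-Stream falco_low
    Header           Authorization Basic <base64 of user:password>
    json_date_key    timestamp
    json_date_format iso8601
```

Splitting by severity at the shipper rather than at query time keeps the high-priority stream small enough for tight alerting and retention rules, while the low-priority stream can keep a longer history for investigations. A quick sanity check after deploying is to confirm that the event counts across the three streams add up to the number of lines Falco wrote, which catches events that matched no rewrite rule.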
#ebpf #falco #observability #logging #analysis #alerts
Published: 23 February 2025