SECURITY
Cloud-native application security firm Sysdig Inc. today announced new open-source threat investigation and analysis capabilities for its runtime security tool Falco as part of its vision for a unified open-source cloud security platform.
Falco is a runtime security tool that detects suspicious or abnormal behavior in cloud environments in real time. A Cloud Native Computing Foundation graduated project since February 2024, Falco has exceeded 175 million downloads. With today's announcement, Falco can now record system capture files when specific rules are triggered.
The capture files produced by the new capability are readily consumable by Stratoshark, the open-source cloud analysis tool, letting users move more quickly from real-time threat detection into post-event analysis. The tighter integration of Falco with Stratoshark allows users to detect an attack in real time and then drill into the captured data with precision so that they can respond with speed and confidence.
With the new capabilities, teams can detect threats in real time with Falco, capture detailed incident data the moment suspicious behavior is flagged and then investigate with precision using Stratoshark. The unified workflow provides end-to-end visibility and response within a single open-source ecosystem to give security teams the ability to act quickly and confidently with full context.
Sysdig says the integration highlights the strength of community-driven innovation, as both Falco and Stratoshark are built on open standards that continually evolve to address emerging threats. By bringing enterprise-grade detection and analysis capabilities to the open-source community and democratizing access to powerful cloud security tools, Sysdig says it enables teams to move effortlessly from high-level overviews to granular metadata.
“With Falco now producing Stratoshark-consumable SCAP files and enriched cloud log metadata, we’re bridging the open-source gap between real-time threat detection and granular forensics,” said Gerald Combs, director of open source projects at Sysdig. “The future of security is built on open source, and the future of open source is built on a platform approach that enables security teams to work faster and more efficiently.”
Earlier this year, Sysdig launched the Sysdig Open Source Community to unify and support the worldwide ecosystem of security professionals, developers, engineers, analysts and students using Falco, Wireshark, Stratoshark and Sysdig OSS. The community was created to foster deeper collaboration, knowledge sharing and a stronger sense of connection across the once-disparate community of users.
The announcement comes as Sysdig and Falco will be at the KubeCon + CloudNativeCon North America conference in Atlanta Nov. 10-13.