Monitor Kubernetes Events With Falco For Free

Kubernetes is now the platform of choice for many companies to manage their applications both on-premises and in the cloud. Its emergence a few years ago drastically changed the way we work. The flexibility of this platform has allowed us to increase the productivity of the engineering teams, thus requiring new working methods more adapted to this dynamic environment.

Kubernetes also required security control processes to be adapted so that the system remains reliable. Falco is a tool that fits into this ecosystem.

Securing a K3s Cluster

Container security is the process of implementing security tools and policies to protect the container, its application, and performance, including infrastructure, software supply chain, system tools, system libraries, and runtime against security threats.

Runtime security is a critical piece in a cloud-native security story. Access control and policy enforcement are important prevention techniques, but runtime security is needed to detect threats that evade prevention.

Security With Falco

Introduction

Securing a container platform is a multi-step process spanning from development to production. The process of securing containers is continuous. It should be integrated into your development process, automated to reduce the number of manual touchpoints, and extended into the maintenance and operation of the underlying infrastructure. Container security is thus the process of implementing security tools and policies to ensure that your container is running as intended.

There are many Docker and Kubernetes security practices, but gaps remain: image vulnerabilities or container abnormalities can still occur. Some of these can be caught and addressed with static container image scanning tools. But container behavior also needs to be analyzed at run-time to detect bogus configurations, intentional or not, that lead to data loss, security intrusions, and eventually further vulnerabilities. If a container is not running as expected, it could be due to an attack that exploited an existing vulnerability. Run-time container scanning is therefore essential to detect any action that deviates from the norm.