InfoQ Homepage Threat detection Content on InfoQ
News
RSS Feed-
Falco, Cloud-Native Security Tool for Kubernetes, Graduates from CNCF
CNCF announced the graduation of Falco, a tool designed for Linux systems and a de facto Kubernetes threat-detection engine. The project successfully met all graduation requirements, including undergoing the due diligence process, completing a third-party security audit, and obtaining the software licensing approvals.
-
Microsoft Open Sources AzDetectSuite Library for Detection Engineering in Azure
The Microsoft security team recently released AzDetectSuite, a collection of KQL queries and detection alerts against security threads on Azure and AzureAD. The open-source project provides basic detection capabilities at a low cost, targeting small environments within the Microsoft cloud platform.
-
Threat-Detection Tool Falco Now Supports Multiple Event Sources, Syscall Selection, and More
The latest release of Falco adds the ability to handle multiple simultaneous event sources within the same instance, support for selecting which syscalls to capture, a new Kernel Crawler to collect the most recent supported kernel versions, and more.