
"Sysdig introduces new Falco features that integrate seamlessly with Stratoshark. These updates enable automatic capture of system data for forensic investigation in the event of specific threats. Falco, which graduated from the CNCF in February 2024, can now store system capture (SCAP) files as soon as certain security rules are triggered. These files can be used directly in Stratoshark, known as the 'Wireshark for the cloud.'"
"Sysdig has also optimized the Falco plugins k8saudit and gcpaudit. These plugins help Stratoshark uncover crucial context in source events. As a result, teams can convert raw security data into actionable information. The combination leads to a process that combines rapid detection and forensic investigation. "Falco has cemented itself as the gold standard for runtime cloud threat detection, and Stratoshark is quickly becoming the industry's tool of choice for deep cloud system analysis," said Loris Degioanni, founder and CTO of Sysdig."
Falco can now automatically produce and store system capture (SCAP) files when specific security rules trigger, enabling direct use in Stratoshark for forensic analysis. The integration shifts workflows from solely real-time detection to detailed post-event cloud investigation. Sysdig optimized Falco plugins k8saudit and gcpaudit to provide richer contextual insight, allowing Stratoshark to convert raw security logs into actionable information. The combined tooling supports unified workflows where teams detect threats with Falco, capture in-depth incident data, and perform granular system analysis in Stratoshark. The platform has surpassed 175 million downloads and strengthens open source detection-and-response capabilities.
Read at Techzine Global