Rachid is a cloud expert involved in multiple open source expert programs: Docker Captain, Microsoft MVP, Snyk Ambassador.
In his previous roles as head of the infrastructure team for the French registry and CIO of a worldwide-recognized CRM and e-commerce agency, he recognized the need to bring the latest technology at a production level to businesses of all sizes and founded sevensphere.
Through sevensphere, Rachid offers training and consultancy for companies striving to dive into container-based microservices infrastructure.
Husband and father, Rachid spends his spare time participating in multiple OSS communities and teaching cloud architecture at a software engineering school.
In this session, we'll be diving into detecting and reacting to suspicious behaviour that can occur within a Kubernetes cluster. We'll be using Falco, the CNCF's most advanced open source runtime security project and some other tools from its ecosystem.
As the use of Kubernetes grows, the need to secure these environments also becomes more critical. Falco, a CNCF project, is the de facto solution for runtime threat detection in Linux and Kubernetes environments. It offers complete visibility at kernel level by capturing syscalls via eBPF, analysing this flow using a powerful rules engine, and alerting when a rule is triggered.
Over time, the Falco ecosystem has grown to include the ability to retrieve events from a variety of sources, such as SaaS or Cloud provider audit logs, and to integrate with dozens of tools for notification, analysis and reaction.
In this talk, attendees will learn about the basics of Falco, how to connect it to existing systems and will be treated to a real-time demonstration of how to remediate an intrusion.