The second video in the free "Falco 101" training course hosted at the Sysdig learning portal:
https://learn.sysdig.com/falco-101

Here we will introduce Falco as a threat detection engine, defining its concepts and key components - events, rules and alerts.

For the full, free Falco 101 course, including fully interactive hands-on labs and much more content to gain expertise on Falco for all kinds of experience levels, visit the Sysdig learning portal.

Below are some of the topics you can expect to find as part of Falco 101:

101.04 - Falco Installation and basic settings
101.05 - Falco Event Sources
101.06 - Falco Rules Basics
101.07 - Falco Rules Deep Dive
101.08 - Fine Tuning Falco Rules (Exceptions)
101.09 - Falco Alerts
101.10 - Falco Response Engine

Chapters:

00:00 Introduction

00:16 What is Falco?

00:33 Core components of Falco

01:01 Background

01:17 Join the community

01:27 Conclusion

MB01BV64OQ1JXEW