Wednesday, January 8, 2020

Falco's runtime security accepted by Cloud Native Computing Foundation

The Cloud Native Computing Foundation has accepted Falco, the open source cloud-native runtime security project originally created by Sysdig, as a CNCF incubation-level hosted project.

Falco entered the CNCF as a Sandbox Project in October 2018, the first and still the only runtime security technology to join. In the event of unexpected behavior at runtime, Falco detects and alerts, reducing the risk of a security incident.

Falco’s accomplishments since joining the CNCF

  • 100 percent increase in commits year-over-year
  • 64 committers
  • More than 2,000 GitHub stars
  • 55 contributors, including engineers from Frame.io, Shopify, Snap, and Booz Allen Hamilton
  • Adoption of a governance model that sets guidelines and standards for both contributors and maintainers was implemented during the last year. 
  • Falco was also made available in the Google marketplace and included in the launch of several major cloud projects, including AWS Firelens and Google Anthos. 
  • The Falco community created an operator that is available in the OperatorHub.io.

“It is great to see Falco advance within the CNCF to the incubating stage. As cloud-native technologies and our ecosystem matures, focus rightly shifts towards security. Falco fills a key gap in the cloud-native security landscape around intrusion detection. Combined with other projects and technologies on the prevention side, we have a comprehensive open source toolkit to enable an enhanced security posture for those investing in cloud native,” said Joe Beda, Principal Engineer at VMware and CNCF TOC Member.