securitytesting-security
performing-cloud-native-forensics-with-falco
Uses Falco YAML rules for runtime threat detection in containers and Kubernetes, monitoring syscalls for shell spawns, file tampering, network anomalies, and privilege escalation. Manages Falco rules via the Falco gRPC API and parses Falco alert output. Use when building container runtime security or investigating k8s cluster compromises.
maintainer
mukul975
Updated 4/6/2026
Stars
4240
Forks
464
quick start
Installation and usage
Install
$ install --globalskills.sh
Usage
After installation, you can use this skill by running the following command in your terminal:
skills use performing-cloud-native-forensics-with-falco