II.
Tool overview
Reference · livetool:falco
Falco overview
CNCF cloud-native runtime security tool that detects anomalous activity in containers, hosts, and Kubernetes workloads using eBPF and kernel system call inspection. Provides real-time threat detection with a flexible rules engine for custom policies.
Attributes
displayName
Falco
homepageUrl
kind
security
description
CNCF cloud-native runtime security tool that detects anomalous activity in containers,
hosts, and Kubernetes workloads using eBPF and kernel system call inspection.
Provides real-time threat detection with a flexible rules engine for custom policies.
Outgoing edges
alternative_to1
- tool:opa·ToolOpen Policy Agent
belongs_to_language1
- language:cpp·LanguageC++
tool_used_by2
- skill-area:runtime-security·SkillAreaRuntime Security
- skill-area:threat-detection·SkillAreaThreat Detection
used_for2
- skill-area:vulnerability-scanning·SkillAreaVulnerability Scanning
- skill-area:runtime-security·SkillAreaRuntime Security
Incoming edges
alternative_to1
- tool:opa·ToolOpen Policy Agent
composed_of1
- stack-profile:security-operations·StackProfileSecurity Operations Stack (Trivy, Falco, OPA, Vault, Snyk)
integrates_with1
- tool-server:mcp-falco·ToolServerFalco MCP Server