Falco rule repository
☆178Jun 19, 2026Updated last week
Alternatives and similar repositories for rules
Users that are interested in rules are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- libsinsp, libscap, the kernel module driver, and the eBPF driver sources☆311Updated this week
- Falco plugins registry☆117Jun 23, 2026Updated last week
- Administrative tooling for Falco☆128Jun 22, 2026Updated last week
- A crawler for kernel releases distributed by the major Linux distributions.☆13Oct 18, 2024Updated last year
- Falco plugins SDK for Rust☆12Jun 3, 2026Updated 3 weeks ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Generate a variety of suspect actions that are detected by Falco rulesets☆121May 22, 2026Updated last month
- Prometheus Metrics Exporter for Falco output events☆121Apr 16, 2025Updated last year
- Response Engine for managing threats in your Kubernetes☆206Updated this week
- Curating Falco rules with MITRE ATT&CK Matrix☆87Mar 7, 2024Updated 2 years ago
- A tool to crawl Linux kernel versions☆25May 25, 2026Updated last month
- Connect Falco to your ecosystem☆675Jun 22, 2026Updated last week
- Fetches the metadata from kubernetes API server and dispatches them to Falco instances☆22Jun 16, 2026Updated 2 weeks ago
- Demo repository for running eBPF in GitHub Actions☆23Mar 27, 2025Updated last year
- A simple WebUI with latest events from Falco☆138Updated this week
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- Community managed Helm charts for running Falco with Kubernetes☆293Jun 23, 2026Updated last week
- Kit for building Falco drivers: kernel modules or eBPF probes☆70Jun 23, 2026Updated last week
- Falco workflow & testing infrastructure☆33Updated this week
- Send GKE audit events to falco☆12Jan 8, 2023Updated 3 years ago
- Sublime rules for email attack detection, prevention, and threat hunting.☆365Updated this week
- Kubernetes focused container assessment and context discovery tool for penetration testing☆482Nov 7, 2025Updated 7 months ago
- Nginx Multi Cluster Ingress Controller (based on kubernetes/ingress-nginx@v1.1.1)☆20Feb 28, 2024Updated 2 years ago
- Detecting Cobalt Strike Team Servers on targets through traffic telemetry.☆22Aug 13, 2024Updated last year
- ☆10Apr 19, 2026Updated 2 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- eBPF-based Security Observability and Runtime Enforcement☆4,776Updated this week
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.☆221Updated this week
- Demonstrating how you can take an action to your intrusions detected by Falco using OpenFaaS functions☆26Mar 24, 2021Updated 5 years ago
- ☆13May 29, 2021Updated 5 years ago
- Evolution process of The Falco Project☆62Updated this week
- Tool for building Kubernetes attack paths☆976Jun 20, 2026Updated last week
- A Kubernetes Operator for Lakekeeper (WIP)☆17Apr 30, 2026Updated 2 months ago
- A collection of malicious tools I wrote when playing black team for an invitational CCDC competition☆23Mar 12, 2015Updated 11 years ago
- The S2C2F Project is a group working within the OpenSSF's Supply Chain Integrity Working Group formed to further develop and continuously…☆236May 26, 2025Updated last year
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- A C and Go /proc/pid/maps cloak of invisibilty for shared object files☆23Nov 19, 2025Updated 7 months ago
- Reconnaissance test in Kubernetes clusters☆21Oct 19, 2018Updated 7 years ago
- Wazuh Agent as Docker Image☆25May 16, 2024Updated 2 years ago
- Source code of the official Falco website☆39Jun 12, 2026Updated 2 weeks ago
- CLI to install, manage & troubleshoot Kubernetes clusters running Cilium☆577Updated this week
- A repository of example scripts, templates and modules for deploying SentinelOne agents☆29Jun 21, 2026Updated last week
- Sysdig datasource plugin for Grafana (https://grafana.com/)☆38Sep 3, 2024Updated last year