gVisor+Falco: Strengthen K8s & Container Security Without Losing Visibility

gVisor is an application kernel that provides an additional layer of isolation between running applications and the host operating system. This extra layer greatly improves the security of workloads but can impede container visibility. Discover how Falco integrates with the gVisor runtime to continue isolating your containers while keeping an eye on behavior.

Hear from the gVisor and Falco community developers that made it possible to leverage the powerful gVisor isolation and sandboxing capabilities while enjoying Falco’s deep visibility and flexible detection engine.

You'll learn how to:

Implement runtime security
Install and configure gVisor and Falco
Extend Docker configuration to enable gVisor
Forward your Falco events by leveraging Falco Sidekick

Speakers:
Luca Guerra, Open Source Engineer, Sysdig
Nicolas Lacasse, Software Engineer, Google

Thank you!

We’ve received your submission and will be in touch soon.

Trusted globally

Prioritize and stop the threats that matter most.

When attackers move at cloud speed, every second counts. From prevention to defense, Sysdig is purpose-built and proven for the scale, speed, and complexity of the cloud.