Session

The Falco Playground: a Cocktail of WebAssembly and Runtime Security

Falco is a CNCF tool for Runtime Security, for both Linux systems and cloud logs, and the highest adopted threat detection project for Kubernetes. Its powerful engine is configured with a simple rule language based on YAML. However, the community still lacks an official IDE for writing and playing with Falco rules.

Past attempts always met friction due to the Falco engine's lack of portability, being written in C++ for its performance and low-level programming requirements. Wait, can't C++ be compiled into WebAssembly nowadays? If so, can't Falco run on a browser?

That's how Jason and Rohith, a core maintainer and a contributor of Falco, developed a backend-less Falco Playground web app for the Google Summer of Code. Join this session to learn how they ported a large production-grade C++ codebase to WASM, with the unique tech mix-up of web development and a thread detection tool for the Linux kernel.

Falco can now run anywhere: are there new runtime detection opportunities too?

Rohith Raju

Gsoc 2023 @ CNCF Falco

Bengaluru, India

Actions

Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top