Lead Image © dunord, 123RF.com

Proactive threat detection

Silent Observer

Article from ADMIN 89/2025
By
The Falco tool promises comprehensive threat detection for Docker, Podman, and Kubernetes from network traffic streams.

Regular checks and comprehensive compliance are no longer enough to guarantee security in data centers. Because criminals are getting more savvy and their attacks are becoming increasingly complex and sophisticated, defenses need to keep pace. Proactive monitoring of network traffic has been the order of the day for some time now. Partly in the wake of AI, this approach involves identifying unusual activity from suspicious data packets in network traffic and taking preventive measures before an attacker can exploit the opportunity.

Many services of this kind are on the market, Coroot [1] being just one that has made a name for itself (Figure 1). However, this tool is currently facing some reservations, particularly among European customers, because it can only be used if you are prepared to upload comprehensive information about your own data traffic to the cloud, where the AI part of the application is located.

Figure 1: Coroot performs security analyses with AI but uploads a large volume of data to the cloud for this purpose, whereas Falco is exclusively local in this respect.

A far more down-to-earth solution by the name of Falco

...