Falco Rules

Free

This repository contains the Falco rules officially managed by The Falco Project: pre-defined detections for security threats, abnormal behaviors, and compliance-related monitoring. Users can modify community-contributed rules or create custom ones, focusing on syscalls and container events. Stay updated with the Rules Overview Document and release notes for evolving threats and systems.

ALTERNATIVES

Snort is an open source intrusion prevention system that uses rules to detect and prevent malicious network activity.

A Python-based web application scanner for OSINT and fuzzing OWASP vulnerabilities.

Netcap efficiently converts network packets into structured audit records for machine learning algorithms, using Protocol Buffers for encoding.

6Guard is an IPv6 attack detector sponsored by Google Summer of Code 2012 and supported by The Honeynet Project organization.

pfSense is a leading open source firewall and network security solution, providing advanced protection and connectivity options.

JARM is a TLS server fingerprinting tool used for identifying server configurations and malicious infrastructure.

MIDAS (Mac Intrusion Detection Analysis System) - archived and no longer supported.

TCPFLOW is a tool for capturing data transmitted over TCP connections.