Home
Blog
Security
April 25, 2023
min

How to deploy sysdig Falco on an EKS cluster

Deploying Sysdig Falco on an Amazon EKS (Elastic Kubernetes Service) cluster
Stream Team
No items found.
No items found.

TL;DR

Step-by-Step Guide

Update kubeconfigMake sure your kubeconfig is set up to interact with your EKS cluster.

You can update it using the AWS CLI:

aws eks --region <region> update-kubeconfig --name <cluster_name>

Add the Sysdig Helm repository

  1. helm repo add falcosecurity https://falcosecurity.github.io/charts
    helm repo update

Install Falco

Deploy Falco to your EKS cluster using Helm:

  1. helm install falco falcosecurity/falco
  2. You can customize the installation by creating a custom values file and passing it with -f <your-values-file.yaml>.
  3. Ensure you review and adjust the configuration to suit your security and monitoring needs.

Verify InstallationCheck if Falco pods are running:

  1. kubectl get pods -l app=falco
  2. This command lists the Falco pods, ensuring they are running.

Configure Rules (Optional)Falco comes with a default set of rules, but you might want to customize them according to your use case. You can do this by editing the Falco configuration files or custom rules files.

Set Up Alerts (Optional)For production use, you'll likely want to set up alerting. Falco can send alerts to different destinations like email, Slack, or a custom HTTP endpoint. Configure this in the Falco settings.

Read more here - https://falco.org/docs/install-operate/deployment/

About Stream Security

Stream.Security delivers the only cloud detection and response solution that SecOps teams can trust. Born in the cloud, Stream’s Cloud Twin solution enables real-time cloud threat and exposure modeling to accelerate response in today’s highly dynamic cloud enterprise environments. By using the Stream Security platform, SecOps teams gain unparalleled visibility and can pinpoint exposures and threats by understanding the past, present, and future of their cloud infrastructure. The AI-assisted platform helps to determine attack paths and blast radius across all elements of the cloud infrastructure to eliminate gaps accelerate MTTR by streamlining investigations, reducing knowledge gaps while maximizing team productivity and limiting burnout.

Stream Team
Related Articles
All
Security
articles >
A Layered Approach to Reducing False Positives in Cloud Security
Security
A Layered Approach to Reducing False Positives in Cloud Security
Discover how real-time context in cloud security can reduce false positives and improve threat response. Stream Security provides visibility into network reachability, identity exploitability, and security controls, helping teams prioritize genuine risks and mitigate threats efficiently without disrupting business operations.
Tal Shladovsky
Sep 18, 2024
5
min
How to Outpace the Adversary with Stream Security
Security
How to Outpace the Adversary with Stream Security
As organizations increasingly migrate to the cloud, the landscape of cybersecurity evolves, presenting new and complex challenges for security teams. The dynamic nature of cloud environments, coupled with the scale and sophistication of potential threats, demands a proactive and context-driven approach to threat detection. Traditional security measures often fall short, requiring security teams to adapt and develop strategies that can effectively identify, prioritize, and neutralize threats in the cloud. In this blog, we’ll review threat detection challenges in the cloud, and how Stream Security can help overcome these challenges.
Tal Shladovsky
Aug 28, 2024
6
min
Why Cloud Security Tools Have So Many False Positives?
Security
Why Cloud Security Tools Have So Many False Positives?
Struggling with cloud security false positives? Learn how to overcome alert fatigue and focus on real threats by understanding the root causes of false alarms in dynamic cloud environments. Explore specific examples and discover how Stream Security can help you drastically reduce false positives and streamline your security response. Prioritize real risks and improve your cloud security posture today.
Tal Shladovsky
Aug 20, 2024
6
min

Step into the Future of SecOps

Take a test drive >
Schedule a live demo >