IN-PERSON WORKSHOP

Hands-On Cloud Native Security Workshop

Valk Hotel Amsterdam Zuidas

Run Atomic Red Team™ tests, then step into the Blue Team role to detect threats and create custom Falco™ detection rules in this 90-minute, hands-on-keyboard workshop.

Stay Ahead of Evolving Threats with Falco™

This 90-minute workshop is perfect for anyone looking to deepen their expertise in Kubernetes and cloud-native security. Whether you’re new to the field or an experienced Kubernetes threat detection engineer, you’ll learn how to leverage Falco™ to craft detection rules that extend MITRE ATT&CK® coverage.

 

By the end of the session, you’ll have a clear understanding of managing threat detection in Kubernetes and the challenges of validating complex rule sets.

What can you expect from attending?

  • Strengthen Security Posture: Create custom Falco™ rules to address the MITRE ATT&CK® framework using Atomic Red Team™
  • Real-Time Threat Detection: Learn to operationalize rules aligned with frameworks such as MITRE, NIST, HIPAA, and SOC 2—reducing noise and false positives
  • Automated Defense: Automate Falco™ updates with expanded threat intelligence using falcoctl, seamlessly integrating with your cloud-native setup
  • Falco Feeds by Sysdig: Enhance open-source Falco™ with automated, continuously updated security rules from Sysdig’s Threat Research Team

JOIN OUR OPEN SOURCE COMMUNITY
What is the Sysdig Open Source Community?

Sysdig Open Source Community is the collaborative hub for developers, security practitioners, students, and open source advocates shaping the future of cloud-native security. Rooted in the same spirit that created Falco, Wireshark, Stratoshark, and sysdig OSS, our community connects contributors and users to learn, build, and grow together.

 

Explore live discussions, technical deep-dives, contributor resources, events, mentorship, and career opportunities. Whether refining forensic tooling, analyzing syscalls, or exploring eBPF-based runtime security, you will find a welcoming space to expand your skills and voice your ideas.

Join the community

Frequently asked questions

Yes. This is a hands-on workshop where you’ll follow along with the instructor in real time. Please bring your own fully charged laptop so you can participate fully. Charging stations may be limited.

No local installations are required. All labs will be run in the cloud via Instruqt. Just make sure you have a modern web browser (Chrome, Firefox, or Edge) and we'll provide the Wi-Fi.

This session is ideal for:

  • Kubernetes practitioners (operators, security engineers, DevOps professionals)

  • Those new to Kubernetes security who want hands-on exposure

  • Experienced engineers looking to deepen their threat detection expertise

No. The workshop is designed for both beginners and experienced practitioners. You’ll get value whether this is your first time working with Falco, or you’re refining your detection engineering skills.

Yes. Open source is in Sysdig’s DNA. From Falco to the Wireshark Foundation to Stratoshark, we have seen the power of community-driven innovation. That is why we launched the Sysdig Open Source Community, a dedicated space for practitioners and enthusiasts to connect, learn, and collaborate.

 

Whether you are sharing ideas, exploring OSS best practices, or just starting your open source journey, this community was built for you.

 

🌐 Explore the Sysdig Open Source Community »