Omni Hotel South Tower, Atrium Level
This event is located in Omni Hotel South Tower, and take the elevator to the Atrium Level.
Thank you for registering for our upcoming workshop!
Stay Ahead of Evolving Threats with Falco™
This 90-minute workshop is perfect for anyone looking to deepen their expertise in Kubernetes and cloud-native security. Whether you’re new to the field or an experienced Kubernetes threat detection engineer, you’ll learn how to leverage Falco™ to craft detection rules that extend MITRE ATT&CK® coverage.
By the end of the session, you’ll have a clear understanding of managing threat detection in Kubernetes and the challenges of validating complex rule sets.
What can you expect from attending?
Workshop Agenda
2:00-4:00 PM Workshop hosted by Sysdig
4:00-6:00 PM Happy Hour with Loris Degioanni and the OSS Community
Madeline (Maddie) Preston is a Customer Reliability Escalation Engineer at Sysdig, where she helps organizations resolve their most complex cloud-native challenges. With more than a decade of experience at Sysdig, Broadcom, VMware Tanzu, Pivotal, and Omnicell she has developed deep expertise in Kubernetes, container orchestration, and secure multi-tenant platforms.
Widely recognized as a trusted leader and subject matter expert, Maddie is known for her calm approach under pressure and her ability to translate technical complexity into clear, actionable solutions. She has guided teams through high-stakes situations with confidence and clarity, earning a reputation for collaboration, resilience, and technical excellence. Passionate about empowering practitioners, Maddie makes advanced concepts approachable and equips others to succeed at scale.
Sysdig Open Source Community is the collaborative hub for developers, security practitioners, students, and open source advocates shaping the future of cloud-native security. Rooted in the same spirit that created Falco, Wireshark, Stratoshark, and sysdig OSS, our community connects contributors and users to learn, build, and grow together.
Explore live discussions, technical deep-dives, contributor resources, events, mentorship, and career opportunities. Whether refining forensic tooling, analyzing syscalls, or exploring eBPF-based runtime security, you will find a welcoming space to expand your skills and voice your ideas.
Frequently asked questions
Yes. This is a hands-on workshop where you’ll follow along with the instructor in real time. Please bring your own laptop so you can participate fully.
No local installations are required. All labs will be run in the cloud via Instruqt. Just make sure you have a modern web browser (Chrome, Firefox, or Edge) and we'll provide the Wi-Fi.
This session is ideal for:
Kubernetes practitioners (operators, security engineers, DevOps professionals)
Those new to Kubernetes security who want hands-on exposure
Experienced engineers looking to deepen their threat detection expertise
No. The workshop is designed for both beginners and experienced practitioners. You’ll get value whether this is your first time working with Falco, or you’re refining your detection engineering skills.
Yes. Open source is in Sysdig’s DNA. From Falco to the Wireshark Foundation to Stratoshark, we have seen the power of community-driven innovation. That is why we launched the Sysdig Open Source Community, a dedicated space for practitioners and enthusiasts to connect, learn, and collaborate.
Whether you are sharing ideas, exploring OSS best practices, or just starting your open source journey, this community was built for you.
