Update README.md

2025-08-31 14:20:04 +00:00 · 2016-05-02 10:59:31 -07:00
parent 14c1e30c24
commit 9729058b9b
1 changed files with 2 additions and 1 deletions
--- a/README.md
+++ b/README.md
@@ -4,8 +4,9 @@
 ## Overview
 Brief description of what, why, how, and pointer to website.

-### What kind of events can Falco detect?
+### What kind of behaviors can Falco detect?

+Falco can detect and alert on any behavior that involves making Linux system calls.  Thanks to Sysdig's core decoding and state tracking functionality, Falco alerts can be triggered by the use of specific system calls, their arguments, and by properties of the calling process. Rules are expressed in a high-level, human-readable language. 


 ## Installing Falco