From ae7924cc41dd2e58c7275bd81489d3b91a74ba8b Mon Sep 17 00:00:00 2001 From: Kris Nova Date: Fri, 1 Nov 2019 20:02:36 +0100 Subject: [PATCH] Cleaning up some nomenclature First of a handful of PRs to start clarifying the independence of Falco I don't see any breaking changes here, just cosmetic changes. Signed-off-by: Kris Nova --- .travis.yml | 3 +-- ADOPTERS.md | 2 +- CONTRIBUTING.md | 2 +- README.md | 4 ++-- integrations/k8s-using-deployment/falco.yaml | 2 +- test/confs/psp.yaml | 2 +- test/falco_tests.yaml | 2 +- test/falco_tests_psp.yaml | 2 +- userspace/engine/falco_utils.cpp | 2 +- userspace/engine/falco_utils.h | 2 +- 10 files changed, 11 insertions(+), 12 deletions(-) diff --git a/.travis.yml b/.travis.yml index 6e7c658c..74bcf10e 100644 --- a/.travis.yml +++ b/.travis.yml @@ -28,8 +28,7 @@ install: - export BRANCH=$(if [ "$TRAVIS_PULL_REQUEST" == "false" ]; then echo $TRAVIS_BRANCH; else echo $TRAVIS_PULL_REQUEST_BRANCH; fi) - sudo apt-get install rpm linux-headers-$(uname -r) libelf-dev - git clone https://github.com/draios/sysdig.git ../sysdig - # if available, use the branch with the same name in sysdig - - pushd ../sysdig && (git checkout "${BRANCH}" || exit 0) && echo "Using sysdig branch:" $(git rev-parse --abbrev-ref HEAD) && popd + - pushd ../sysdig && (git checkout "${BRANCH}" || exit 0) && echo "Using branch:" $(git rev-parse --abbrev-ref HEAD) && popd script: - mkdir build - ./scripts/build "${TRAVIS_BUILD_DIR}/.." "${TRAVIS_BUILD_DIR}/build" diff --git a/ADOPTERS.md b/ADOPTERS.md index 1b84c631..d2d6326e 100644 --- a/ADOPTERS.md +++ b/ADOPTERS.md @@ -17,5 +17,5 @@ This is a list of production adopters of Falco (in alphabetical order): * [Sumo Logic](https://www.sumologic.com/) - Sumo Logic provides a SaaS based log aggregation service that provides dashboards and applications to easily identify and analyze problems in your application and infrastructure. Sumo Logic provides native integrations for many CNCF projects, such as Falco, that allows end users to easily collect Falco events and analyze Falco events on DecSecOps focused dashboards. -* [Sysdig](https://www.sysdig.com/) Sysdig created Falco in 2016 to detect unexpected or suspicious activity using a rules engine on top of the data that comes from the sysdig kernel system call probe. Sysdig provides tooling to help with vulnerability management, compliance, detection, incident response and forensics in Cloud-native environments. Sysdig Secure has extended falco to include: a rule library, the ability to update macros, lists & rules via the user interface and API, automated tuning of rules, and rule creation based on profiling known system behavior. On top of the basic Falco rules, Sysdig Secure implements the concept of a "Security policy" that can comprise several rules which are evaluated for a user-define infrastructure scope like Kubernetes namespaces, OpenShift clusters, deployment workload, cloud regions etc. +* [Sysdig](https://www.sysdig.com/) Sysdig originally created Falco in 2016 to detect unexpected or suspicious activity using a rules engine on top of the data that comes from the sysdig kernel system call probe. Sysdig provides tooling to help with vulnerability management, compliance, detection, incident response and forensics in Cloud-native environments. Sysdig Secure has extended falco to include: a rule library, the ability to update macros, lists & rules via the user interface and API, automated tuning of rules, and rule creation based on profiling known system behavior. On top of the basic Falco rules, Sysdig Secure implements the concept of a "Security policy" that can comprise several rules which are evaluated for a user-define infrastructure scope like Kubernetes namespaces, OpenShift clusters, deployment workload, cloud regions etc. diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 28e4f021..26fabe9c 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -76,7 +76,7 @@ Some examples: ### Slack -Other discussion, and **support requests** should go through the `#falco` channel in the Sysdig slack, please join [here](https://slack.sysdig.com). +Other discussion, and **support requests** should go through the `#falco` channel in the open source slack, please join [here](https://slack.sysdig.com). ## Pull Requests diff --git a/README.md b/README.md index 6f204da9..c8778788 100644 --- a/README.md +++ b/README.md @@ -14,7 +14,7 @@ CII Best Practices: [![CII Best Practices](https://bestpractices.coreinfrastruct --- -Falco is a behavioral activity monitor designed to detect anomalous activity in your applications. Powered by [sysdig’s](https://github.com/draios/sysdig) system call capture infrastructure, Falco lets you continuously monitor and detect container, application, host, and network activity—all in one place—from one source of data, with one set of rules. +Falco is a behavioral activity monitor designed to detect anomalous activity in your applications. Falco audits a system at the most fundamental level, the kernel. Falco then enriches this data with other input streams such as container runtime metrics, and Kubernetes metrics. Falco lets you continuously monitor and detect container, application, host, and network activity—all in one place—from one source of data, with one set of rules. Falco is hosted by the Cloud Native Computing Foundation (CNCF) as a sandbox level project. If you are an organization that wants to help shape the evolution of technologies that are container-packaged, dynamically-scheduled and microservices-oriented, consider joining the CNCF. For details read the [Falco CNCF project proposal](https://github.com/cncf/toc/tree/master/proposals/falco.adoc). @@ -47,7 +47,7 @@ Join the Community --- * [Join the mailing list](http://bit.ly/2Mu0wXA) for news and a Google calendar invite for our Falco open source meetings. Note: this is the only way to get a calendar invite for our open meetings. * [Website](https://falco.org) for Falco. -* Join our [Public Slack](https://slack.sysdig.com) channel for open source Sysdig and Falco announcements and discussions. +* Join our [Open Source Slack](https://slack.sysdig.com) channel for open source Sysdig and Falco announcements and discussions. Office hours --- diff --git a/integrations/k8s-using-deployment/falco.yaml b/integrations/k8s-using-deployment/falco.yaml index 085ed55c..31ef4cbe 100644 --- a/integrations/k8s-using-deployment/falco.yaml +++ b/integrations/k8s-using-deployment/falco.yaml @@ -1,5 +1,5 @@ # -# Copyright (C) 2016-2018 Draios Inc dba Sysdig. +# Copyright (C) 2016-2018 The Falco Authors.. # # This file is part of falco . # diff --git a/test/confs/psp.yaml b/test/confs/psp.yaml index b3384009..29a3f323 100644 --- a/test/confs/psp.yaml +++ b/test/confs/psp.yaml @@ -1,5 +1,5 @@ # -# Copyright (C) 2016-2018 Draios Inc dba Sysdig. +# Copyright (C) 2016-2018 The Falco Authors.. # # This file is part of falco . # diff --git a/test/falco_tests.yaml b/test/falco_tests.yaml index a6cb7eea..801c1678 100644 --- a/test/falco_tests.yaml +++ b/test/falco_tests.yaml @@ -1,5 +1,5 @@ # -# Copyright (C) 2016-2018 Draios Inc dba Sysdig. +# Copyright (C) 2016-2018 The Falco Authors.. # # This file is part of falco. # diff --git a/test/falco_tests_psp.yaml b/test/falco_tests_psp.yaml index a9d2a613..30b7662b 100644 --- a/test/falco_tests_psp.yaml +++ b/test/falco_tests_psp.yaml @@ -1,5 +1,5 @@ # -# Copyright (C) 2016-2018 Draios Inc dba Sysdig. +# Copyright (C) 2016-2018 The Falco Authors.. # # This file is part of falco. # diff --git a/userspace/engine/falco_utils.cpp b/userspace/engine/falco_utils.cpp index 101deab0..dff6fd44 100644 --- a/userspace/engine/falco_utils.cpp +++ b/userspace/engine/falco_utils.cpp @@ -1,5 +1,5 @@ /* -Copyright (C) 2016-2018 Draios Inc dba Sysdig. +Copyright (C) 2016-2018 The Falco Authors. This file is part of falco. diff --git a/userspace/engine/falco_utils.h b/userspace/engine/falco_utils.h index 62afd6e8..0c812a05 100644 --- a/userspace/engine/falco_utils.h +++ b/userspace/engine/falco_utils.h @@ -1,5 +1,5 @@ /* -Copyright (C) 2016-2018 Draios Inc dba Sysdig. +Copyright (C) 2016-2018 The Falco Authors. This file is part of falco.