github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2026-01-29 21:48:32 +00:00
Code Issues Projects Releases Wiki Activity

Adding Glossary

Browse Source 
- Adding section to define language used in the project

Signed-off-by: Kris Nova <kris@nivenly.com>
This commit is contained in:
Kris Nova
2020-01-26 21:22:19 +01:00
committed by poiana
parent 40fbc96736
commit b088a57dd0
1 changed files with 32 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
brand/README.md
View File

@@ -108,3 +108,35 @@ Falco however alerts when unusual behavior occurs.
This is commonly referred to as **detection** or **forensics**.
---
# Glossary
#### Probe
Used to describe the `.o` object that would be dynamically loaded into the kernel as a secure and stable (e)BPF probe.
This is one option used to pass kernel events up to userspace for Falco to consume.
Sometimes this word is incorrectly used to refer to a `module`.
#### Module
Used to describe the `.ko` object that would be loaded into the kernel as a potentially risky kernel module.
This is one option used to pass kernel events up to userspace for Falco to consume.
Sometimes this word is incorrectly used to refer to a `probe`.
#### Driver (deprecated)
An older, more generalized term for a `module` or `probe`. We discourage the use of this word as a project.
#### Falco
The name of the project, and also the name of [the main engine](https://github.com/falcosecurity/falco) that the rest of the project is built on.
#### Sysdig, Inc
The name of the company that originally created The Falco Project, and later donated to the CNCF.
#### sysdig
A [CLI tool](https://github.com/draios/sysdig) used to evaluate kernel system events at runtime.