From f463df9cf936544fe9672d94c1c1fe7726b77e1f Mon Sep 17 00:00:00 2001 From: Mark Stemm Date: Wed, 21 Dec 2016 15:13:36 -0800 Subject: [PATCH] Updated About Falco (markdown) --- About-Falco.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/About-Falco.md b/About-Falco.md index d63e490..33a6517 100644 --- a/About-Falco.md +++ b/About-Falco.md @@ -11,6 +11,10 @@ Falco can detect and alert on any behavior that involves making Linux system cal - A non-device file is written to `/dev` - A standard system binary (like `ls`) makes an outbound network connection +## How Falco Compares to Other Security Tools like SELinux, Auditd, etc. + +One of the questions we often get when we talk about Sysdig Falco is “How does it compare to other tools like SELinux, AppArmor, Auditd, etc. that also have security policies?”. We wrote a [blog post](https://sysdig.com/blog/selinux-seccomp-falco-technical-discussion/) comparing Falco to other tools. + ## How you use it Falco is deployed as a long-running daemon. You can install it as a debian/rpm
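Review bot: The paragraph added under the new "How Falco Compares to Other Security Tools like SELinux, Auditd, etc." heading states no comparison itself and only links to the blog post, so a reader of About-Falco.md has to leave the page to learn anything about how Falco differs from those tools. Add one or two sentences summarizing the key difference before the link, so the section still carries information if the URL moves. Two smaller points in the same added lines: the quoted question ends with `?”.`, which doubles the terminal punctuation and uses curly quotes that may not render consistently in markdown, so drop the trailing period and use straight quotes. The heading names SELinux and Auditd, the body adds AppArmor, and the link slug mentions seccomp, so consider listing the same set of tools in all three places.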