Falco Rules Extensions

Falco rules are used to implement threat detection policies. Sysdig Secure extends the open source Falco rules file format, defining additional top level objects in addition to rules, macros, and lists. It also defines rules for additional event sources.