Skip to content

0.13.1
Compare
Choose a tag to compare
@mstemm mstemm released this 17 Jan 15:29
· 3826 commits to master since this release
0.13.1
ddf55d3

Released 2019-01-16

Major Changes

Minor Changes

  • Unbuffer outputs by default. This helps make output readable when used in environments like K8s. [#494]

  • Improved documentation for running Falco within K8s and getting K8s Audit Logging to work with Minikube and Falco as a Daemonset within K8s. [#496]

  • Fix AWS Permissions for Kubernetes Response Engine [#465]

  • Tighten compilation flags to include -Wextra and -Werror [#479]

  • Add k8s.ns.name to outputs when -pk argument is used [#472]

  • Remove kubernetes-response-engine from system:masters [#488]

Bug Fixes

  • Ensure -pc/-pk only apply to syscall rules and not k8s_audit rules [#495]

  • Fix a potential crash that could occur when using the falco engine and rulesets [#468]

  • Fix a regression where format output options were mistakenly removed [#485]

Rule Changes

  • Fix FPs related to calico and writing files below etc [#481]

  • Fix FPs related to apt-config/apt-cache, apk [#490]

  • New rules Launch Package Management Process in Container, Netcat Remote Code Execution in Container, Lauch Suspicious Network Tool in Container look for host-level network tools like netcat, package management tools like apt-get, or network tool binaries being run in a container. [#490]

  • Fix the inbound and outbound macros so they work with sendto/recvfrom/sendmsg/recvmsg. [#470]

  • Fix FPs related to prometheus/openshift writing config below /etc. [#470]

Assets 2
Loading