0008668: Falcosidekick-ui - runtime security monitoring & detection for containers - Kali Linux Bug Tracker

ID	Project	Category	View Status	Date Submitted	Last Update

0008668	Kali Linux	Queued Tool Addition	public	2024-03-14 15:09	2024-08-03 16:27

Reporter	kalicccon	Assigned To
Priority	normal	Severity	minor	Reproducibility	have not tried
Status	acknowledged	Resolution	open

Summary	0008668: Falcosidekick-ui - runtime security monitoring & detection for containers
Description	This is a community request to consider including opensource Falco and Falcosidekick-ui, for runtime security monitoring & detection for containers and Kubernetes resources in the next Kali Purple release. There could be a container runtime security module - for individuals running containers locally on-prem, something like this could come preinstalled. List of commands I currently successfully run manually on fresh Kali Purple, to get Falcosidekick-ui u and running and test: https://pastebin.com/dKy2mQhJ Video on-demand on the tool: https://community.cncf.io/events/details/cncf-cncf-online-programs-presents-cloud-native-live-falcosidekick-the-swiss-army-knife-for-cloud-native-security-amp-observability/purchased/7783a246bd20454db84748a424cde563

kalicccon 2024-03-14 15:14 reporter ~0019023 Last edited: 2024-03-14 15:21	3 screenshots of Falcosidekick-ui: https://imgur.com/xWkdpDF https://imgur.com/ZfcgDjn https://imgur.com/8g4m8Vd

Arszilla 2024-03-14 21:32 reporter ~0019024	Please refer to the docs on how to submit proper requests for tool requests: https://www.kali.org/docs/tools/submitting-tools/

kalicccon 2024-03-15 13:00 reporter ~0019032	Thank you for the follow-up, Arszilla. I will reach out to the maintainers of the project to check if there is such interest. Be right back.

g0tmi1k 2024-04-26 15:16 administrator ~0019210	Homepage: https://github.com/falcosecurity/falcosidekick-ui

g0tmi1k 2024-08-02 15:00 administrator ~0019597	@kali-team, please could this be packaged up. @author, If you want to help the packaging process, you can check the documentation here: https://www.kali.org/docs/development/setting-up-packaging-system/ https://www.kali.org/docs/development/intro-to-packaging-example/ https://www.kali.org/docs/development/intermediate-packaging-example/ https://www.kali.org/docs/development/advanced-packaging-example/ https://www.kali.org/docs/development/rebuilding-a-package-from-source/ https://www.kali.org/docs/development/packaging-apps-with-kaboxer/

kalicccon 2024-08-03 16:27 reporter ~0019601	Hi team! I have a blessing from the project author (Issif) to pack it, now there's also available Falco Talon - accompanying response engine https://github.com/falco-talon/falco-talon?tab=readme-ov-file#falco-talon, I just have to figure out how to do it. Here is an example of a manual install on Kali Purple https://cc-connected.com/blog/projects/kubernetes-threat-detection-falco-sidekick-homelab/ but even better if I figure out packing it, it will take me some time.

Date Modified	Username	Field	Change
2024-03-14 15:09	kalicccon	New Issue
2024-03-14 15:14	kalicccon	Note Added: 0019023
2024-03-14 15:21	kalicccon	Note Edited: 0019023
2024-03-14 21:32	Arszilla	Note Added: 0019024
2024-03-15 13:00	kalicccon	Note Added: 0019032
2024-04-26 15:16	g0tmi1k	Note Added: 0019210
2024-04-29 08:40	daniruiz	Summary	Falcosidekick-ui runtime security monitoring & detection for containers => Falcosidekick-ui - runtime security monitoring & detection for containers
2024-08-02 15:00	g0tmi1k	Note Added: 0019597
2024-08-02 15:00	g0tmi1k	Status	new => acknowledged
2024-08-02 15:00	g0tmi1k	Category	New Tool Requests => Queued Tool Addition
2024-08-03 16:27	kalicccon	Note Added: 0019601