In this episode of The Landscape, we talk with Luca Guerra from the Falco project, a CNCF incubating project focused on real-time runtime security for containers and Kubernetes. Luca shares how Falco is evolving from a standalone tool into a more customizable security platform with the introduction of a new operator and support for CRDs. With stronger container and Kubernetes integrations, performance improvements, and a growing community of contributors from 15+ companies, Falco is pushing forward on multiple fronts. Luca also touches on how AI tools, thanks to Falco’s open source nature, are already capable of generating Falco rules, and gives a look at what’s ahead.

What you will learn in this episode:

• Falco’s new operator enables CRD-based customization: Users can now deploy and manage Falco rules through Kubernetes-native workflows.
• Improved integrations with Kubernetes and container engines: Falco is streamlining support for modern environments across orchestration layers.
• Performance optimizations underway: The team is focused on making Falco faster and more efficient in production workloads.
• Community involvement spans 15+ companies: Contributions are increasing, and new interest at KubeCon is fueling growth.
• AI tools can already generate Falco rules: Thanks to its open source codebase, Falco can be configured using tools like GPT.