Multi-Cloud Threat Detection with Falco and AWS Security Hub CSPM

EVENT DETAILS

Modern cloud environments often span multiple providers, clusters, and services making runtime threat detection and centralised visibility increasingly challenging.

In this session, we'll explore how organisations can strengthen their Kubernetes security posture by combining Falco's runtime threat detection with AWS Security Hub CSPM centralised security management.

You will discover how to deploy Falco in Amazon EKS clusters, detect anomalous behaviour at the kernel level, and forward actionable alerts into AWS Security Hub CSPM to create a unified, multi-cloud security pipeline.

Through a practical demonstration, we will walk through the full workflow from runtime detection to centralized alert management, showing how teams can build scalable security operations across containerized environments.

Join this session to hear about:

• How Falco detects runtime threats and suspicious behaviour in Kubernetes environments
  
• How to deploy Falco in minutes using the AWS Marketplace, avoiding manual configuration and integrated with AWS Security Hub CSPM
• Tracing the complete workflow: from a raw Falco detection to an actionable, manageable alert
• Centralize your visibility by managing and triaging alerts directly within AWS Security Hub CSPM
• Best practices for Falco in multi-cloud Kubernetes environments
  

Presenter: Dan Belmonte Strategic Alliances Solutions Architect – Sysdig