OSS001.1 - LAB: Detecting a Cryptomining Malware attack with Falco and Prometheus
Learn how to detect Cryptominers with Falco and Prometheus
Sysdig provides and maintains this training free of charge to all of those interested in learning about runtime security and Falco. None of the usage data of this training is used to capture enterprise support leads.
This course reproduces a real exploit of a Jenkins vulnerability (a misconfiguration) that allows code execution on the system where Jenkins runs (in this case, a Kubernetes pod).
After the attack, Falco and Prometheus will be used to detect the incident.
Goals:
- Learn how to be alerted about cryptominer activity at runtime with Falco
- Observe abnormal activity with Prometheus and node-exporter
- Apply other best practices to be protected against known and unknown vulnerabilities
Prerequisites:
- Falco 101
- Introduction to Prometheus training