Detecting a Cryptomining Malware attack with Falco and Prometheus

About this course

Sysdig provides and maintains this training free of charge to all of those interested in learning about runtime security and Falco. None of the usage data of this training is used to capture enterprise support leads.

This course reproduces a real exploit of a Jenkins vulnerability (misconfiguration) that allows code-execution in the system where it runs (in this case, a k8s pod).

After the attack, Falco and Prometheus will be used to detect the incident.

Goals:

Learn how to be alerted about cryptominer activity at runtime with Falco
Observe abnormal activity with Prometheus and node-exporter
Apply other best practices to be protected against known and unknown vulnerabilities

Prerequisites:

Falco 101
Introduction to Prometheus training

Curriculum

OSS001.1 - LAB: Detecting a Cryptomining Malware attack with Falco and Prometheus
Feedback
Survey - Help us improve the content we deliver.

About this course

This course reproduces a real exploit of a Jenkins vulnerability (misconfiguration) that allows code-execution in the system where it runs (in this case, a k8s pod).

After the attack, Falco and Prometheus will be used to detect the incident.

Goals:

Learn how to be alerted about cryptominer activity at runtime with Falco
Observe abnormal activity with Prometheus and node-exporter
Apply other best practices to be protected against known and unknown vulnerabilities

Prerequisites:

Falco 101
Introduction to Prometheus training

Curriculum

OSS001.1 - LAB: Detecting a Cryptomining Malware attack with Falco and Prometheus
Feedback
Survey - Help us improve the content we deliver.

Detecting a Cryptomining Malware attack with Falco and Prometheus

Learn how to detect Cryptominers with Falco and Prometheus

Also available as part of:

About this course

Goals:

Prerequisites:

Curriculum

Goals:

Prerequisites: