falcosecurity-libs
Description:
Core libraries for Falco and Sysdig
Type: Formula  |  Latest Version: 0.22.2@0  |  Tracked Since: Dec 17, 2025
Links: Homepage  |  @falco_org  |  formulae.brew.sh
Category: Security
Tags: security monitoring ebpf system-calls devops
Install: brew install falcosecurity-libs
About:
falcosecurity-libs provides the foundational framework for Falco and Sysdig, enabling deep system introspection via kernel modules and eBPF probes. It offers a powerful API for capturing and analyzing system calls and events in real time. This library is essential for building advanced runtime security and monitoring solutions.
Key Features:
  • High-performance system call capture
  • Support for both kernel modules and eBPF probes
  • Rich event filtering and processing engine
  • Cross-platform compatibility (Linux, Windows, macOS)
Use Cases:
  • Runtime security and threat detection with Falco
  • Interactive system troubleshooting with Sysdig
  • Building custom monitoring and security tools
Alternatives:
  • auditd – Auditd provides kernel-level auditing but is less flexible than Falco's engine for real-time, rule-based threat detection.
  • sysdig – Sysdig is a consumer of these libraries for CLI troubleshooting, while this package provides the core framework for any tool.
Version History
Detected Version Rev Change Commit
Oct 21, 2025 1:08am 11 VERSION_BUMP 616677bd
Sep 16, 2025 12:17pm 9 VERSION_BUMP fd825315
Sep 11, 2025 10:15am 7 VERSION_BUMP 9bf57764