https://socake.github.io/tags/%E5%A8%81%E8%83%81%E6%A3%80%E6%B5%8B/Recent content in 威胁检测 on 黄文卓 | DevOps EngineerHugo -- gohugo.iozh-CN17691281867@163.com (Wenzhuo Huang)17691281867@163.com (Wenzhuo Huang)© 2026 Wenzhuo HuangFri, 03 Oct 2025 09:30:00 +0800https://socake.github.io/posts/falco-runtime-security-deep/Fri, 03 Oct 2025 09:30:00 +080017691281867@163.com (Wenzhuo Huang)https://socake.github.io/posts/falco-runtime-security-deep/一份来自生产环境的 Falco 实战笔记：从 eBPF 驱动选型、规则开发方法论、误报治理，到与 Falcosidekick、Loki、SIEM 的告警联动，覆盖 0.40/0.41/0.42 三个版本的关键变更与真实踩坑案例。