You've just been alerted about a new exploit, but you're unsure how to know if your organization is exposed. Where can you turn for help? This is where Falco comes in. Falco is a CNCF project that provides runtime security for hosts, the cloud, containers, and Kubernetes. In this session we'll look at five famous exploits, and how Falco can be used to detect them. Starting with a quick intro to Falco, we'll then examine exploits for Log4j, Neo4j, Apache, WebLogic, and Jenkins including how they worked and which Falco rules allow us to detect them. By the end of the session you'll have a better understanding of Falco, how it works to detect threats in real time, and how to begin evaluating it for your environment.