Falco 0.6.0 Released
Blog post from Sysdig
Falco 0.6.0 introduces several enhancements and new features aimed at improving functionality and security for users. Falco rules can now carry tags such as "filesystem", "software_mgmt", and "container", so users can categorize rules and enable or disable them by tag. A notable update is a standalone kernel module, falco-probe, which can be updated independently of sysdig without compatibility issues. The release also adds support for compiling on OSX and includes sample Kubernetes YAML files for deployment, and the Falco Docker image has undergone security scanning, with updates to third-party libraries. In addition, numerous rule changes reduce false positives, particularly in scenarios involving Kubernetes liveness checks and security software operations. The complete set of changes is in the changelog on GitHub, and the release is available via RPM/Debian packages, Docker Hub, and GitHub.