## Context I would like to try [Falco](https://falco.org/) locally in playground environments to: - Detect a shell spawned inside a container - Detect unexpected outbound network connections - Detect sensitive file access (e.g. `/etc/shadow`) from a container
Context
I would like to try Falco locally in playground environments to:
/etc/shadow) from a container