[apurvadave]

Sysdig inspect (which does the Forensics in these examples) is open source. https://github.com/draios/sysdig-inspect

You can do the same rule - based activity detection through Falco which is also open source. https://github.com/draios/falco

Note that both of these open source projects originate from Sysdig as well.