I’m excited to announce Falco 0.42.0, bringing major performance and observability improvements to your runtime security experience!
Key highlights
Capture recording: record and replay Falco events for deeper forensic analysis, now easily inspectable with Stratoshark
Performance boost: up to 30% faster thanks to the new “drop enter” syscalls optimization
Plugin event schema validation: better compatibility and safer plugin interactions
Thread-table auto-purging: improved memory management for long-running Falco sessions
static_fields support: easily attach custom static metadata to every event (perfect for tagging clusters, environments, or deployments)
Note: This release includes some breaking changes (for example, evt.dir is deprecated), so please review the upgrade notes before updating.
A huge thank you to Leonardo Di Giovanna and Iacopo Rozzo for leading this release and to all contributors who made it possible! 
Read the full announcement here: Introducing Falco 0.42.0 | Falco