chore(rules/falco_rules.yaml): fix comment #74

Merged
merged 1 commit into from
Jun 1, 2023

jasondellaluce
Contributor

What type of PR is this?

/kind cleanup

Any specific area of the project related to this PR?

/area rules

What this PR does / why we need it:

Just here to give a final test round to the CI.

Which issue(s) this PR fixes:

Special notes for your reviewer:

@github-actions

github-actions bot commented Jun 1, 2023

rules/falco_rules.yaml

Comparing e6d87f3bdb17e571dfad9102de055a8f2c9eb323 with latest tag falco-rules-0.1.0

Major changes:

  • List white_listed_modules has been removed
  • Rule Contact EC2 Instance Metadata Service From Container has been disabled at default
  • Rule Outbound Connection to C2 Servers has been disabled at default
  • Rule Java Process Class File Download has been disabled at default

Minor changes:

  • Required engine version was incremented from 13 to 17
  • Rule PTRACE anti-debug attempt has been added
  • Rule Drop and execute new binary in container has been added
  • Macro ptrace_attach_or_injection has been added
  • Macro kernel_module_load has been added
  • Macro known_aks_mount_in_privileged_containers has been added
  • List known_drop_and_execute_containers has been added
  • List allowed_container_images_loading_kernel_module has been added
  • List authorized_server_binary has been added
  • List python_package_managers has been added

Patch changes:

  • Rule Linux Kernel Module Injection Detected changed its output fields
  • Rule PTRACE attached to process matches more events than before
  • List docker_binaries has some item added or removed
  • List rpm_binaries has some item added or removed
  • List package_mgmt_binaries has some item added or removed
  • List safe_etc_dirs has some item added or removed
  • List falco_privileged_images has some item added or removed
  • List network_tool_binaries has some item added or removed
  • List user_known_k8s_ns_kube_system_images has some item added or removed

@jasondellaluce
Contributor Author

Automatic comments work on forks too! I'll let reviewers decide whether to merge this or not.

Member

@Andreagit97 Andreagit97 left a comment

/approve
I love it! Feel free to unhold it if you think it is ready.
/hold

@poiana

poiana commented Jun 1, 2023

LGTM label has been added.

Git tree hash: 671b86f88c832316aec56da0113cb7d5ab7b4c89

@poiana

poiana commented Jun 1, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: Andreagit97, jasondellaluce

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:
  • OWNERS [Andreagit97,jasondellaluce]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@jasondellaluce
Contributor Author

/unhold

@poiana poiana merged commit 04d7b9d into falcosecurity:main Jun 1, 2023
@jasondellaluce jasondellaluce added this to the falco-rules-1.0.0 milestone Jun 20, 2023
3 participants