Evan Gibler
|
81571d08a1
|
Merge pull request #428 from egibs/20241120-fpr
Add exceptions for Autodesk, cloud_sql_proxy, .md downloads, TF providers in /tmp/, and more
|
2024-11-20 14:06:38 -06:00 |
egibs
|
78ec36eca0
|
Add elastic-endpoint
Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>
|
2024-11-20 14:02:05 -06:00 |
egibs
|
a24c3d2333
|
Add exceptions for Autodesk, cloud_sql_proxy, .md downloads, TF providers in /tmp/, and more
Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>
|
2024-11-20 13:45:50 -06:00 |
Thomas Strömberg
|
d078e4a1ca
|
Merge pull request #427 from tstromberg/nov19
suspicious systemd: accept any char instead of single quote
|
2024-11-19 16:12:21 -05:00 |
Thomas Stromberg
|
4c4423a474
|
suspicious systemd: accept any char instead of single quote
|
2024-11-19 16:09:38 -05:00 |
Thomas Strömberg
|
a2c2571ee9
|
Merge pull request #426 from tstromberg/nov19
fpr: mark exotic queries as extra, add flatpak/pop-os uid0 procs
|
2024-11-19 16:03:35 -05:00 |
Thomas Stromberg
|
8237521d0d
|
fpr: mark exotic queries as extra, add flatpak/pop-os uid0 procs
|
2024-11-19 15:49:30 -05:00 |
Thomas Strömberg
|
b85f602726
|
Merge pull request #425 from tstromberg/nov19
fpr: mumble, gvproxy, chainlink, telegram, systemd, IRCCloud, nfsd
|
2024-11-18 16:28:04 -05:00 |
Thomas Stromberg
|
6fb7fa69e1
|
fpr: mumble, gvproxy, chainlink, telegram, systemd, etc
|
2024-11-18 16:16:52 -05:00 |
Thomas Strömberg
|
5e2a562417
|
Merge pull request #424 from tstromberg/fpr-nov13
fpr: mc, colima, webfilterproxyd, headlamp, record it, etc
|
2024-11-13 16:54:01 -05:00 |
Thomas Stromberg
|
71096ba4c7
|
fpr: mc, colima, webfilterproxyd, headlamp, record it, etc
|
2024-11-13 16:34:12 -05:00 |
Dave Smith
|
f610ee5e4d
|
Merge pull request #423 from r0cketlad/main
fpr: mostly uid0 things
|
2024-11-12 08:32:31 -05:00 |
Dave Smith
|
ca768ca4fa
|
fpr: mostly uid0 things
|
2024-11-12 07:37:29 -05:00 |
Dave Smith
|
95ccc3dda1
|
Merge pull request #422 from r0cketlad/main
fpr: zypper, bambu, terraform, etc
|
2024-11-08 08:08:15 -05:00 |
Dave Smith
|
f8a942425d
|
fpr: zypper, bambu, terraform, etc
|
2024-11-08 07:34:33 -05:00 |
Dave Smith
|
ee8619bee6
|
Merge pull request #421 from r0cketlad/main
FPR: containerd, cupsd, etc
|
2024-11-07 17:28:15 -05:00 |
Dave Smith
|
f9ae1fe921
|
Update unexpected-uid0-daemon-linux.sql
fixed syntax error
Signed-off-by: Dave Smith <dave.smith@chainguard.dev>
|
2024-11-07 17:19:13 -05:00 |
Dave Smith
|
7219f64571
|
FPR: containerd, cupsd, etc
|
2024-11-07 17:11:45 -05:00 |
Dave Smith
|
c5b507a230
|
Merge pull request #420 from r0cketlad/main
false positive reduction: apt, auditd, dockerd, etc.
|
2024-11-07 11:50:32 -05:00 |
Dave Smith
|
335aca58b7
|
false positive reduction: apt, auditd, dockerd, etc.
|
2024-11-07 10:00:40 -05:00 |
Dave Smith
|
12019d4ae1
|
Merge pull request #419 from egibs/20241101-exceptions
Add rules for bambu-studio, extensions, firefox-bin, goland, xdg, and more
|
2024-11-01 15:32:20 -04:00 |
egibs
|
be9e4f7053
|
Add rules for bambu-studio, extensions, firefox-bin, goland, xdg, and more
Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>
|
2024-11-01 14:27:33 -05:00 |
Evan Gibler
|
331e363f1f
|
Merge pull request #418 from egibs/20241031-exceptions
More exceptions to cut down on alert noise
|
2024-10-31 15:52:08 -05:00 |
egibs
|
b121d1f96c
|
More exceptions to cut down on alert noise
Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>
|
2024-10-31 15:47:35 -05:00 |
Evan Gibler
|
d52f919599
|
Merge pull request #417 from egibs/20241030-exceptions
Add exceptions for apache2, ChatGPT, and Discord among others
|
2024-10-30 14:24:51 -05:00 |
egibs
|
1d7a67da0f
|
Add cg to unexpected-dns-traffic-events, add ubuntu-advantage
Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>
|
2024-10-30 13:06:38 -05:00 |
egibs
|
5acc2b922c
|
Add msedge
Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>
|
2024-10-30 11:35:32 -05:00 |
egibs
|
4abd265459
|
Address PR comments
Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>
|
2024-10-30 11:33:49 -05:00 |
egibs
|
18e9879b01
|
Add deskflow-server and additional repos directory
Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>
|
2024-10-30 10:28:00 -05:00 |
egibs
|
4b47a29a2c
|
Sort
Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>
|
2024-10-30 08:57:52 -05:00 |
egibs
|
afb1facdf1
|
Add chainlink to unexpected-talkers-macos
Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>
|
2024-10-30 08:50:30 -05:00 |
egibs
|
e487aac574
|
Add exceptions for apache2, ChatGPT, and Discord among others
Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>
|
2024-10-30 08:10:07 -05:00 |
Thomas Strömberg
|
f12e6d9258
|
Merge pull request #416 from tstromberg/oct30
|
2024-10-30 09:03:12 -04:00 |
Thomas Stromberg
|
b3c427792b
|
fpr: framework nix, etc
|
2024-10-30 08:30:43 -04:00 |
Dave Smith
|
12077261e7
|
Merge pull request #415 from egibs/arc-unexpected-talker-exception
Add Arc browser talker exception
|
2024-10-29 17:43:13 -04:00 |
egibs
|
7b1e152266
|
Add Arc browser talker exception
Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>
|
2024-10-29 16:33:58 -05:00 |
Evan Gibler
|
b47bc10f2e
|
Merge pull request #414 from egibs/20241029-more-exceptions
Add exceptions for Arc, busybox, and Edge; fix existing exceptions
|
2024-10-29 14:41:25 -05:00 |
egibs
|
f67335babb
|
Add exceptions for Arc, busybox, and Edge; fix existing exceptions
Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>
|
2024-10-29 14:15:40 -05:00 |
Evan Gibler
|
bcdc354126
|
Merge pull request #413 from egibs/20241029-exceptions
Add exceptions for Xcode, Zen browser, Hugo, Krew, and more
|
2024-10-29 12:43:22 -05:00 |
egibs
|
9a95064139
|
Add exceptions for Xcode, Zen browser, Hugo, Krew, and more
Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>
|
2024-10-29 12:18:07 -05:00 |
Thomas Strömberg
|
29c2844af0
|
Merge pull request #412 from r0cketlad/main
fpr: bwrap
|
2024-10-29 10:36:42 -04:00 |
Dave Smith
|
f4559b3f97
|
fpr: bwrap
|
2024-10-29 09:34:42 -04:00 |
Dave Smith
|
a695f5d2f5
|
Merge pull request #410 from tstromberg/oct25
fpr: kubectl, zoom, /opt, chrome, Autodesk Fusion, GitButler
|
2024-10-25 16:38:43 -04:00 |
Dave Smith
|
98d214e2ad
|
Merge pull request #411 from chainguard-dev/r0cketlad-patch-1
add extra tag to high_disk_bytes_read.sql
|
2024-10-25 16:36:47 -04:00 |
Dave Smith
|
0c10622a50
|
add extra tag to high_disk_bytes_read.sql
Signed-off-by: Dave Smith <dave.smith@chainguard.dev>
|
2024-10-25 14:17:32 -04:00 |
Thomas Strömberg
|
7fad85ceeb
|
Merge pull request #409 from chainguard-dev/r0cketlad-patch-1
add extra tag to unified_log_macos.sql
|
2024-10-25 11:29:55 -04:00 |
Thomas Stromberg
|
1c17532ae8
|
fpr: kubectl, zoom, /opt, chrome, Autodesk Fusion
|
2024-10-25 11:29:40 -04:00 |
Dave Smith
|
3a005452ee
|
add extra tag to unified_log_macos.sql
Signed-off-by: Dave Smith <dave.smith@chainguard.dev>
|
2024-10-25 10:53:19 -04:00 |
Dave Smith
|
f59a4bdb58
|
Merge pull request #408 from chainguard-dev/r0cketlad-patch-1
add extra tag to setxid-cmdline-overflow-attempt.sql
|
2024-10-24 19:37:25 -04:00 |
Dave Smith
|
7ad81b16c2
|
add extra tag to setxid-cmdline-overflow-attempt.sql
Signed-off-by: Dave Smith <dave.smith@chainguard.dev>
|
2024-10-24 18:42:46 -04:00 |