osquery-defense-kit

mirror of https://github.com/chainguard-dev/osquery-defense-kit synced 2025-02-17 09:57:10 +00:00

Author	SHA1	Message	Date
Thomas Stromberg	5c47d0eda2	fpr: sway, chrome, elastic, plugable, terraform, etc	2025-02-06 11:01:48 -05:00
Matthew Lorimor	5654de19e1	Sort a bunch of lines and remove duplicates	2025-01-22 15:28:09 -06:00
Thomas Stromberg	fdd6ee5371	Add exceptions for bootloader-service and Kolide	2025-01-07 16:22:25 -05:00
Thomas Stromberg	6fb7fa69e1	fpr: mumbel, gvproxy, chainlink, telegram, systemd, etc	2024-11-18 16:16:52 -05:00
Thomas Stromberg	c65ddc8c0c	exceptions for Bluefin systemd services	2024-10-11 10:06:57 -04:00
Thomas Stromberg	a3fcee2ad3	Enable suspicious systemd, disable unexpected-active	2024-10-11 10:00:37 -04:00
Thomas Stromberg	9a1a4b049e	fpr: prosoft, ujust, kandji-library-manager, etc	2024-09-26 12:40:04 -04:00
Thomas Stromberg	8d583131ca	fpr: cups, zed, pycharm, msedge, surfshark, ubiquiti	2024-09-24 15:10:21 -04:00
Thomas Stromberg	4d0a9fd533	fpr: sequoia, osquery, cups, atops, transmission, etc	2024-09-23 11:07:53 -04:00
Thomas Stromberg	4b10d10520	False-positives be damned	2024-08-27 18:40:43 -04:00
Thomas Stromberg	783cb7633c	improve boot-sysctl entry	2024-08-26 21:10:08 -04:00
Thomas Stromberg	8e3996ba1a	active systemd: populate more in-the-wild content	2024-08-26 21:06:57 -04:00
Thomas Stromberg	ddd3041a64	Add rpm-ostreed-automatic service	2024-07-12 16:58:31 -04:00
Thomas Stromberg	4df51743d0	fpr: lima, rpm-ostree, gitsign, kde, python, etc	2024-07-01 21:56:28 -04:00
Thomas Stromberg	00fa80a0d9	Massive false-positive reduction, particularly for uBlue	2024-06-27 09:23:52 -04:00
Thomas Stromberg	18e05c5a4c	fpr: June 25	2024-06-25 20:48:09 -04:00
Thomas Stromberg	ab2535717f	fpr: Fedora Silverblue, MHLinkServer, new terminals	2024-05-23 17:26:33 -04:00
Thomas Stromberg	5dd614f54c	fpr: MHLink, k3d, BlueFin, query tuning	2024-04-26 16:14:02 -04:00
Thomas Stromberg	342d813bf8	fpr: Docker Desktop, code-oss, incus, etc	2024-02-26 17:26:56 -05:00
Thomas Stromberg	e42ea9a4bc	massive fpr: Rapid7, Elastic, everything	2024-01-26 14:07:37 -05:00
Thomas Stromberg	336a1fca4a	Add exceptions for Elastic Defend	2024-01-08 17:18:25 -05:00
Thomas Stromberg	310e51d2a2	fpr: Capture One, Grammarly, Mullvad, etc	2023-12-08 17:12:27 -05:00
Thomas Stromberg	23fadda33b	fpr: rootlesskit, sshd, Fedora, Oracle Linux	2023-10-25 13:42:22 -04:00
Thomas Stromberg	5f2680ca8b	fpr: Monday, Splunk, Gnome, Git, Grammarly, etc	2023-10-02 11:35:11 -04:00
Thomas Stromberg	a7f0b3001d	Reduce false positives on Ubuntu + Lima	2023-09-26 13:09:22 -04:00
Thomas Stromberg	b39fca4e9f	fpr: RSA keys, tcpdump, login, crane, souregraph, etc	2023-09-20 09:30:46 -04:00
Thomas Stromberg	f16c3cdf53	fpr: sourcegraph, nginx, factorio, fan control, emacs, nushell	2023-09-14 17:13:12 -04:00
Thomas Stromberg	190e8adcfd	Merge to master	2023-09-01 17:34:36 -04:00
Thomas Stromberg	84125c4bb1	Remove recently common false positives	2023-09-01 17:09:47 -04:00
Thomas Stromberg	188bc78f4c	Fix errors	2023-08-15 18:29:27 -04:00
Thomas Stromberg	dce2eb2af5	Add many exceptions	2023-08-15 18:13:06 -04:00
Thomas Stromberg	430f397f1e	fpr: Velociraptor, Hyprland, iio	2023-07-12 15:00:36 -04:00
Thomas Stromberg	ff2ab95431	Remove file sizes from systemd exception key	2023-06-08 18:26:57 -04:00
Thomas Stromberg	9575d18bc2	fpr: FleetDM, Edge, VSCode, dnf, Steam, etc	2023-06-01 11:52:20 -04:00
Thomas Stromberg	111c15e20b	fpr: macOS, yubikey, Premiere, dnf, vagrant, etc	2023-05-23 11:31:37 -04:00
Thomas Stromberg	02337c28f0	fpr: cleanup and new additions	2023-04-27 12:00:08 -04:00
Thomas Stromberg	df925eaa6c	fpr: lghub, brew, pve, chrome exts, etc	2023-04-20 20:45:35 -04:00
Thomas Stromberg	98e502b039	fpr: add new containerd systemd file	2023-03-28 16:31:02 -04:00
Thomas Stromberg	fbab3701c0	fpr: Docker, Zwift, macOS updates, etc	2023-03-20 17:05:02 -04:00
Thomas Stromberg	fbc2b207b4	fpr: Signal, apko, aws, melange, dash, stern	2023-03-16 17:29:11 -04:00
Thomas Stromberg	824efa9705	fpr: yum, systemd, cloud-sql-proxy, image-automation-controller, helm, bom, aws	2023-03-14 19:00:44 -04:00
Thomas Stromberg	09652bd91f	fpr: SA keys, libgtop, haproxy, gvproxy, slirp	2023-03-14 16:05:16 -04:00
Thomas Stromberg	b3825ba2b9	fpr: Canon Universal Installer, melange, GPG, key names	2023-03-06 15:11:11 -05:00
Thomas Stromberg	f25cfe1399	fpr: aws-sdk, melange, Tailscale, Xprotect, etc	2023-03-03 07:24:42 -05:00
Thomas Stromberg	fb7cd56249	fpr: abrt-dbus, gdm, chrome, ff, etc	2023-02-24 16:30:17 -05:00
Thomas Stromberg	d904ca60cf	Add exceptions for Debian running under lima	2023-02-23 10:33:10 -05:00
Thomas Stromberg	3a4e0450a6	Uncomment remaining columns	2023-02-20 19:11:23 -05:00
Thomas Stromberg	d3780c0a6c	Remove ubuntu-lts false-positives on lima	2023-02-20 19:10:12 -05:00
Thomas Stromberg	82de4c9c2a	systemd units: increase size bucket from 100 to 225	2023-02-20 13:10:07 -05:00
Thomas Stromberg	f87541c945	False positive flush, particularly in talkers	2023-02-17 11:57:23 -05:00

1 2

77 Commits