osquery-defense-kit

Commit Graph

Author	SHA1	Message	Date
Thomas Stromberg	bb79251001	Merge branch 'main' into fpr-jul12	2024-07-12 17:08:41 -04:00
Thomas Strömberg	c591d6d595	Merge pull request #372 from egibs/littlesnitch-allows Add Little Snitch exception_key	2024-07-12 17:08:32 -04:00
Thomas Stromberg	134782202d	Add google-cloud-sdk log-streaming	2024-07-12 17:02:36 -04:00
Thomas Stromberg	61fe50ce72	Add google-cloud-sdk log-streaming	2024-07-12 17:01:34 -04:00
Thomas Stromberg	ddd3041a64	Add rpm-ostreed-automatic service	2024-07-12 16:58:31 -04:00
Thomas Stromberg	6c292f11af	fpr: kas, bitnami, redis, bincapz, kolide, docker, whatsapp	2024-07-12 16:55:49 -04:00
egibs	2c3409df10	Even higher values Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>	2024-07-12 13:30:48 -05:00
egibs	fe84cb911c	Higher result/timeout values Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>	2024-07-12 13:21:02 -05:00
egibs	03789d2957	Add LittleSnitch exception_key Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>	2024-07-12 13:12:43 -05:00
Thomas Strömberg	82f4957484	Merge pull request #371 from tstromberg/fpr-jul1 fpr: lima, rpm-ostree, gitsign, kde, python, etc	2024-07-01 21:57:29 -04:00
Thomas Stromberg	4df51743d0	fpr: lima, rpm-ostree, gitsign, kde, python, etc	2024-07-01 21:56:28 -04:00
Thomas Strömberg	f4b0ed2d48	Merge pull request #370 from tstromberg/fpr-jun25 fpr: PCP, SDDM, Chrome, etc	2024-06-28 10:32:19 -04:00
Thomas Stromberg	910590ed6b	fpr: PCP, SDDM, Chrome, etc	2024-06-28 10:31:27 -04:00
Thomas Strömberg	32bd629b10	Merge pull request #369 from tstromberg/fpr-jun25 fpr: Rule toning for podman, pip, zed, java, ssh, and more	2024-06-28 10:09:16 -04:00
Thomas Stromberg	6fe74680a0	fpr: June 28 - final rule tuning	2024-06-28 10:08:04 -04:00
Thomas Strömberg	eecc2a3ed0	Merge pull request #368 from tstromberg/fpr-jun25 Massive false-positive reduction, particularly for uBlue	2024-06-27 09:24:44 -04:00
Thomas Stromberg	00fa80a0d9	Massive false-positive reduction, particularly for uBlue	2024-06-27 09:23:52 -04:00
Thomas Strömberg	0ddcb75ce0	Merge pull request #367 from tstromberg/fpr-jun25 fpr: Universal Blue and a little bit of everything else	2024-06-25 20:49:33 -04:00
Thomas Stromberg	18e05c5a4c	fpr: June 25	2024-06-25 20:48:09 -04:00
Thomas Strömberg	4601b6c2fa	Merge pull request #366 from tstromberg/fpr-may22 fpr: Fedora Silverblue, MHLinkServer, Elastic, ptyxis, Zed	2024-05-23 21:25:22 -04:00
Thomas Stromberg	4aeff07118	More SilverBlue/Elastic allows	2024-05-23 21:22:59 -04:00
Thomas Stromberg	ab2535717f	fpr: Fedora Silverblue, MHLinkServer, new terminals	2024-05-23 17:26:33 -04:00
Thomas Strömberg	a0c49efb3f	Merge pull request #365 from tstromberg/fpr-apr25 mark command-events & execdir-events as 'extra' due to high CPU usage	2024-04-29 09:33:44 -04:00
Thomas Stromberg	03ea3bcff2	mark command-events & execdir-events as 'extra' due to high CPU usage	2024-04-29 09:33:06 -04:00
Thomas Strömberg	6dd798c4a0	Merge pull request #364 from tstromberg/fpr-apr25 fpr: MHLink, k3d, BlueFin, query tuning	2024-04-26 16:14:37 -04:00
Thomas Stromberg	5dd614f54c	fpr: MHLink, k3d, BlueFin, query tuning	2024-04-26 16:14:02 -04:00
Thomas Strömberg	2f790f0408	Merge pull request #363 from tstromberg/springbreak FPR: Docker, Yubikey, Aerospace, WhatsApp, nuclei, etc.	2024-03-29 10:13:55 -04:00
Thomas Stromberg	5ef3c88213	Overdue False Positive Reduction	2024-03-29 10:12:36 -04:00
Thomas Stromberg	b61869c062	Merge branch 'main' into springbreak	2024-03-29 08:07:15 -04:00
Thomas Stromberg	0e5c8ec11e	Allows for Docker, Yubico, /dev/zero	2024-03-29 08:07:01 -04:00
Thomas Strömberg	dd6b2e43fb	Merge pull request #360 from jedsalazar/pr/jed/harden-runner-osq-dk Add Harden Runner audit configs	2024-03-15 19:10:28 -04:00
Thomas Strömberg	a673c28222	Merge pull request #362 from tstromberg/kandji Performance tuning, mark some Linux queries as 'extra'	2024-03-15 19:07:10 -04:00
Thomas Stromberg	3447f95d9e	Performance tuning, mark some Linux queries as 'extra'	2024-03-15 19:06:16 -04:00
Thomas Strömberg	6eb5b9ebdb	Merge pull request #361 from tstromberg/kandji Allow Kandji to do weird things with expect	2024-03-15 15:35:44 -04:00
Thomas Stromberg	9342485881	Allow Kandji to do weird things with expect	2024-03-15 15:30:40 -04:00
Jed Salazar	abacf79511	Add Harden Runner audit configs Signed-off-by: Jed Salazar <jedsalazar@gmail.com>	2024-03-12 11:51:40 -06:00
Thomas Strömberg	7c5599c07d	Merge pull request #359 from tstromberg/fpr-mar7 fpr: snapd, cups, ubuntu, etc	2024-03-07 16:34:34 -05:00
Thomas Stromberg	d3352610f4	fpr: snapd, cups, ubuntu, etc	2024-03-07 16:33:01 -05:00
Thomas Strömberg	72f1828475	Merge pull request #358 from tstromberg/fpr-feb26 fpr: Docker Desktop, code-oss, incus, geoclue, etc	2024-02-26 17:29:47 -05:00
Thomas Stromberg	2bdc79bc2b	fix typo	2024-02-26 17:29:23 -05:00
Thomas Stromberg	342d813bf8	fpr: Docker Desktop, code-oss, incus, etc	2024-02-26 17:26:56 -05:00
Thomas Strömberg	51ecee8d9b	Merge pull request #357 from tstromberg/feb16-fpr fpr: Incus, Firefox, mbim, networkd, incus	2024-02-23 16:27:35 -05:00
Thomas Stromberg	a266879668	Merge branch 'main' into feb16-fpr	2024-02-23 16:25:24 -05:00
Thomas Stromberg	5507ae1458	fpr: Firefox, Rapid7, Incus	2024-02-23 16:25:18 -05:00
Thomas Strömberg	d1f6aede22	Merge pull request #356 from tstromberg/ktaint Ignore taint code 4096 (out-of-tree driver)	2024-02-23 15:10:23 -05:00
Thomas Stromberg	af07ef9888	Ignore taint code 4096 (out-of-tree driver)	2024-02-22 11:48:53 -05:00
Thomas Strömberg	6b5d744505	Merge pull request #355 from tstromberg/feb16-fpr fpr: Elastic, IR, Velociraptor, BitDefender, incus, Adguard	2024-02-16 17:24:41 -05:00
Thomas Stromberg	f22d27b1a6	fix Chrome merge conflict	2024-02-16 17:23:23 -05:00
Thomas Stromberg	f72e6424c0	Run reformat	2024-02-16 17:21:00 -05:00
Thomas Stromberg	b1e05d6612	merge conflict	2024-02-16 17:17:45 -05:00

... 2 3 4 5 6 ...

1312 Commits All Branches Search

1312 Commits

All Branches