Commit Graph

18 Commits

Author | SHA1 | Message | Date
Thomas Stromberg | 6a7c4b6668 | Pre-Thanksgiving False Positive cleanup, including Pop!OS support | 2022-11-22 09:21:03 -05:00
Thomas Stromberg | 9f63e3b21d | Begin making use of cgroup_paths, clear more false positives | 2022-11-16 16:52:39 -05:00
Thomas Stromberg | 18f17bbee8 | Complete cleanup phase 1 | 2022-11-16 11:18:45 -05:00
Thomas Stromberg | c9605d1c98 | Add exceptions for terraform, hugo, macOS updates | 2022-11-08 14:32:38 -05:00
Thomas Stromberg | 066d8aec1d | Add exceptions for zellij & warp | 2022-10-29 14:11:33 -04:00
Thomas Stromberg | 897c96bd33 | Remove more in-the-wild false positives | 2022-10-27 16:55:00 -04:00
Thomas Stromberg | 5bbde18759 | webmail: Add JFIF, remove BZ2, TAR, GZ from expectations list | 2022-10-27 16:26:43 -04:00
Thomas Stromberg | fdb891ba0b | False-positive removal: grype, gedit, mov, abrt-action, dnf | 2022-10-21 14:13:29 -04:00
Thomas Stromberg | 7d568898c1 | Reduce query intervals for some higher overhead queries | 2022-10-20 14:56:16 -04:00
Thomas Stromberg | ab94de7770 | Add a lot more mitre data | 2022-10-19 16:56:32 -04:00
Thomas Stromberg | cee1710f74 | Finish out the incident_response refactor | 2022-10-19 16:19:53 -04:00
Thomas Stromberg | 0160d05ed3 | Add new spotlight queries to surface unexpected dmg/iso downloads | 2022-10-18 08:52:05 -04:00
Thomas Stromberg | 2b5ea76729 | Apply 'npx sql-formatter -l sqlite' | 2022-10-17 19:06:17 -04:00
Thomas Stromberg | 984f754990 | Add more false positive filters | 2022-10-17 19:01:16 -04:00
Thomas Stromberg | 58dec12a49 | Remove some false positives | 2022-10-17 17:31:47 -04:00
Thomas Stromberg | d2bdffe89e | Add support for interval tags | 2022-10-14 14:19:13 -04:00
Thomas Stromberg | 20452b128b | Migrate query strings from double to single apostrophes | 2022-10-13 14:59:32 -04:00
Thomas Stromberg | 26ee658c4a | Initial re-organization around the MITRE ATT&CK framework | 2022-10-11 21:53:36 -04:00