RepoMirrors
/
osquery-defense-kit
mirror of https://github.com/chainguard-dev/osquery-defense-kit
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
814 Commits 1 Branch 31 Tags 5.7 MiB
Commit Graph

9 Commits

Author SHA1 Message Date
Thomas Stromberg 824efa9705
fpr: yum, systemd, cloud-sql-proxy, image-automation-controller, helm, bom, aws 2023-03-14 19:00:44 -04:00
Thomas Stromberg 72326c3b5c
Massive reduction of false positives across the board 2023-02-08 20:06:26 -05:00
Thomas Stromberg 2093a26423
Fix broken macOS queries 2023-02-02 15:33:25 -05:00
Thomas Stromberg f5fe9a4aac
Refactor process_events queries for more accurate parenting 2023-01-26 11:40:54 -05:00
Thomas Stromberg 5bbde18759
webmail: Add JFIF, remove BZ2, TAR, GZ from expectations list 2022-10-27 16:26:43 -04:00
Thomas Stromberg fdb891ba0b
False-positive removal: grype, gedit, mov, abrt-action, dnf 2022-10-21 14:13:29 -04:00
Thomas Stromberg ab94de7770
Add a lot more mitre data 2022-10-19 16:56:32 -04:00
Thomas Stromberg cee1710f74
Finish out the incident_response refactor 2022-10-19 16:19:53 -04:00
Thomas Stromberg 0160d05ed3
Add new spotlight queries to surface unexpected dmg/iso downloads 2022-10-18 08:52:05 -04:00