osquery-defense-kit

Commit Graph

Author	SHA1	Message	Date
Thomas Stromberg	6c78695b73	Final KubeCon 2022 false-positive cleanup	2022-10-28 19:24:00 -04:00
Thomas Stromberg	897c96bd33	Remove more in-the-wild false positives	2022-10-27 16:55:00 -04:00
Thomas Stromberg	a00af6c1fa	Merge another day worth of false positives	2022-10-27 10:23:15 -04:00
Thomas Stromberg	239df4ea1f	Reduce more false positives found on macOS and Linux	2022-10-25 21:27:41 -04:00
Thomas Stromberg	43d143e640	Add GitKraken QUIC exception	2022-10-24 11:07:39 -04:00
Thomas Stromberg	3a944b2af8	Fix platform name: darwin	2022-10-21 17:38:47 -04:00
Thomas Stromberg	2538e7f7ce	macos talkers: add grype, chainctl	2022-10-21 11:26:50 -04:00
Thomas Stromberg	a973dcbcf2	Add more Linux/macOS talker exceptions	2022-10-20 13:12:46 -04:00
Thomas Stromberg	186617890c	Add more real-world exceptions to unexpected-talkers	2022-10-20 13:03:46 -04:00
Thomas Stromberg	ab94de7770	Add a lot more mitre data	2022-10-19 16:56:32 -04:00
Thomas Stromberg	1bbd284a3c	Work through another series of false positives	2022-10-19 15:26:03 -04:00
Thomas Stromberg	535d835290	Simplify exotic commands queries, remove more false positives	2022-10-18 11:32:18 -04:00
Thomas Stromberg	50d1b42f80	Add provisio	2022-10-17 20:59:09 -04:00
Thomas Stromberg	9bf85e3137	Flush out more false positives	2022-10-17 20:37:44 -04:00
Thomas Stromberg	de51dcdfcb	Minor adjustments	2022-10-17 17:11:15 -04:00
Thomas Stromberg	d2bdffe89e	Add support for interval tags	2022-10-14 14:19:13 -04:00
Thomas Stromberg	d1f1d20192	Fix trailing apostrophe	2022-10-14 10:26:25 -04:00
Thomas Stromberg	432a727f41	Add Slack Technologies signature	2022-10-14 10:22:50 -04:00
Thomas Stromberg	20452b128b	Migrate query strings from double to single apostrophes	2022-10-13 14:59:32 -04:00
Thomas Stromberg	26ee658c4a	Initial re-organization around the MITRE ATT&CK framework	2022-10-11 21:53:36 -04:00

20 Commits