Commit Graph

16 Commits

Author SHA1 Message Date
Thomas Stromberg 190e8adcfd Merge to master 2023-09-01 17:34:36 -04:00
Thomas Stromberg 84125c4bb1 Remove recently common false positives 2023-09-01 17:09:47 -04:00
Thomas Stromberg dce2eb2af5 Add many exceptions 2023-08-15 18:13:06 -04:00
Thomas Stromberg ce2f0f06cb fpr; Keybase, grype, UpdateBrainService, OpenOffice, sqlproxy 2023-07-20 10:56:49 -04:00
Thomas Stromberg fb7cd56249 fpr: abrt-dbus, gdm, chrome, ff, etc 2023-02-24 16:30:17 -05:00
Ian Brown 551d7dbb8c fpr: Fujitsu, vmware, objective-see, paragon, etc Signed-off-by: Ian Brown <ian@zestysoft.com> 2023-02-18 12:02:40 -08:00
Thomas Stromberg 8d4531198f fpr: My ORA, Ecamm, setroubleshootd, etc 2023-02-14 19:46:36 -05:00
Thomas Stromberg a8ed058d4d Query performance improvements, add pids, decrease frequency 2023-02-09 17:01:29 -05:00
echunduri e44dc167e9 Modified detections explicitly targeted towards macOS to not include cgroup_path fields anymore 2023-02-09 10:57:03 +11:00
Thomas Stromberg 2093a26423 Fix broken macOS queries 2023-02-02 15:33:25 -05:00
Thomas Stromberg f9dce0a72d Include more process information across queries 2023-02-01 13:55:55 -05:00
Thomas Stromberg f2023c0021 Update interval tags, mostly for persistence 2022-10-14 14:26:49 -04:00
Thomas Stromberg d2bdffe89e Add support for interval tags 2022-10-14 14:19:13 -04:00
Thomas Stromberg 20452b128b Migrate query strings from double to single apostrophes 2022-10-13 14:59:32 -04:00
Thomas Stromberg e785c35614 v0.0.1 2022-10-13 09:11:17 -04:00
Thomas Stromberg 26ee658c4a Initial re-organization around the MITRE ATT&CK framework 2022-10-11 21:53:36 -04:00