osquery-defense-kit

mirror of https://github.com/chainguard-dev/osquery-defense-kit synced 2025-02-21 12:36:50 +00:00

Author	SHA1	Message	Date
Thomas Stromberg	8e3d6a1614	False positives: melange, ~/dev, debian-sa1, AdBlock, cover, kubelr, etc	2022-11-18 10:27:43 -05:00
Thomas Stromberg	018eb595c5	Add goa-daemon exception (sends telemetry to Google)	2022-11-17 10:17:45 -05:00
Thomas Stromberg	eeeaeecda1	Add exceptions for Microsoft teams, ldconfig, fix go build paths	2022-11-17 07:20:19 -05:00
Thomas Stromberg	9f63e3b21d	Begin making use of cgroup_paths, clear more false positives	2022-11-16 16:52:39 -05:00
Thomas Stromberg	3d7bc8363e	More false positive management	2022-11-16 14:49:36 -05:00
Thomas Stromberg	18f17bbee8	Complete cleanup phase 1	2022-11-16 11:18:45 -05:00
Thomas Stromberg	8047c88374	Run 'make reformat'	2022-11-16 11:02:29 -05:00
Thomas Stromberg	f7237c3641	https client: Add cargo running from homedir	2022-11-10 12:26:38 -05:00
Thomas Stromberg	f1a3354495	Address false positives: nginx-ingress-controller, dbus, etc	2022-11-10 11:04:48 -05:00
Thomas Stromberg	3dec23370c	More exclusions	2022-11-08 12:59:11 -05:00
Thomas Stromberg	f93a18d112	Refactor execdir, remove false positives	2022-11-07 20:36:37 -05:00
Thomas Stromberg	213e29afcc	Simplify macos-execdir, reduce false positives	2022-11-07 10:03:43 -05:00
Thomas Stromberg	cafe37af26	macOS: Add exceptions for SUSE/rancher and DHCP servers	2022-11-04 19:04:31 -04:00
Thomas Stromberg	8f873cfd85	Add exception for Tailscale MagicDNS	2022-11-04 11:52:39 -04:00
Thomas Stromberg	948eb2edda	Add tcp/3443 for chrome	2022-11-04 08:07:14 -04:00
Thomas Stromberg	44babb9288	Add exception for ko from a home directory	2022-11-04 08:05:59 -04:00
Thomas Stromberg	e650ab6abc	Add exception for Discord	2022-11-03 16:02:45 -04:00
Thomas Stromberg	e7e714c9db	Make another stab at reducing false positives across the map	2022-11-03 11:51:54 -04:00
Thomas Stromberg	eb6851df7f	talkers-macos: Fix typo in protocol field name	2022-11-01 07:19:10 -04:00
Thomas Stromberg	4464254d62	False-positive updates: tailscale, snapd, WPILib, darkfiles	2022-11-01 07:15:10 -04:00
Thomas Stromberg	caab2a6c82	Loads of fresh new false-positives removal	2022-10-31 17:40:37 -04:00
Thomas Stromberg	6e2f7059b5	Add exceptions for Steam on Linux	2022-10-30 10:19:33 -04:00
Thomas Stromberg	cf7b8dcbef	talkers/listeners: Add exceptions for Steam & Java	2022-10-30 10:05:40 -04:00
Thomas Stromberg	5b6a150f81	Address merge conflict	2022-10-30 09:44:25 -04:00
Thomas Stromberg	46ef9668d7	Add exception for 'go run'	2022-10-30 09:39:48 -04:00
Thomas Stromberg	889ad9a5fd	Add exception for whois	2022-10-30 09:39:10 -04:00
Thomas Stromberg	b74b07af8e	Filter out more Electron apps	2022-10-29 19:56:27 -04:00
Thomas Stromberg	066d8aec1d	Add exceptions for zellij & warp	2022-10-29 14:11:33 -04:00
Thomas Stromberg	6c78695b73	Final KubeCon 2022 false-positive cleanup	2022-10-28 19:24:00 -04:00
Thomas Stromberg	897c96bd33	Remove more in-the-wild false positives	2022-10-27 16:55:00 -04:00
Thomas Stromberg	5da942402b	Add an exception for dnf on port 80	2022-10-27 10:38:26 -04:00
Thomas Stromberg	a00af6c1fa	Merge another day worth of false positives	2022-10-27 10:23:15 -04:00
Thomas Stromberg	239df4ea1f	Reduce more false positives found on macOS and Linux	2022-10-25 21:27:41 -04:00
Thomas Stromberg	23351973ea	detection: Reduce Linux desktop false positives	2022-10-25 11:39:51 -04:00
Thomas Strömberg	50f4c3d452	Merge pull request #31 from tstromberg/talkers-ff Add exception for firefox-wrapper on port 80	2022-10-24 11:11:13 -04:00
Thomas Stromberg	43d143e640	Add GitKraken QUIC exception	2022-10-24 11:07:39 -04:00
Thomas Stromberg	e1e6662345	Add exceptions for java, yay	2022-10-24 11:07:20 -04:00
Thomas Stromberg	5d4d8ff5c0	Add exceptions for java, yay	2022-10-24 11:06:46 -04:00
Thomas Stromberg	e9ad2660a2	Address merge conflict	2022-10-24 10:04:26 -04:00
Thomas Stromberg	cfed94d0d9	Add exception for firefox-wrapper on port 80	2022-10-21 18:15:41 -04:00
Thomas Strömberg	e643bf4ab0	Merge pull request #28 from tstromberg/false-positives-again2 linux talkers: Add another firefox & chainctl exception	2022-10-21 17:46:40 -04:00
Thomas Stromberg	7d3590f9a1	Add another firefox & chainctl exception	2022-10-21 17:44:53 -04:00
Thomas Stromberg	3a944b2af8	Fix platform name: darwin	2022-10-21 17:38:47 -04:00
Thomas Stromberg	fdb891ba0b	False-positive removal: grype, gedit, mov, abrt-action, dnf	2022-10-21 14:13:29 -04:00
Thomas Stromberg	ed2bede71f	linux https client: Add 1password	2022-10-21 11:28:31 -04:00
Thomas Stromberg	2538e7f7ce	macos talkers: add grype, chainctl	2022-10-21 11:26:50 -04:00
Thomas Stromberg	a31108984f	linux talkers: add more ports for thunderbird, chrome, firefox	2022-10-21 11:22:24 -04:00
Thomas Stromberg	1359cdd38d	linux ports: add registry on 5000	2022-10-21 11:15:05 -04:00
Thomas Stromberg	b6af630ad8	linux https clients: add nix, pacman, thunderbird, chainctl, kubectl, socket process, go, tf, webkit, xmobar	2022-10-21 11:12:44 -04:00
Thomas Strömberg	dfe9f64953	Merge pull request #18 from chainguard-dev/reformat2 Reduce query intervals for some higher overhead queries	2022-10-20 14:56:38 -04:00

1 2

93 Commits