Commit Graph

19 Commits

Author SHA1 Message Date
Thomas Stromberg
eeeaeecda1
Add exceptions for Microsoft teams, ldconfig, fix go build paths 2022-11-17 07:20:19 -05:00
Thomas Stromberg
9f63e3b21d
Begin making use of cgroup_paths, clear more false positives 2022-11-16 16:52:39 -05:00
Thomas Stromberg
3d7bc8363e
More false positive management 2022-11-16 14:49:36 -05:00
Thomas Stromberg
8047c88374
Run 'make reformat' 2022-11-16 11:02:29 -05:00
Thomas Stromberg
f1a3354495
Address false positives: nginx-ingress-controller, dbus, etc 2022-11-10 11:04:48 -05:00
Thomas Stromberg
f93a18d112
Refactor execdir, remove false positives 2022-11-07 20:36:37 -05:00
Thomas Stromberg
fffff696a7
Ignore weird Logitech commands, and add grandparent process info 2022-11-03 14:25:13 -04:00
Thomas Stromberg
e7e714c9db
Make another stab at reducing false positives across the map 2022-11-03 11:51:54 -04:00
Thomas Stromberg
caab2a6c82
Loads of fresh new false-positives removal 2022-10-31 17:40:37 -04:00
Thomas Stromberg
81b97536e9
Exclude locatedb updates 2022-10-29 12:11:46 -04:00
Thomas Stromberg
6c78695b73
Final KubeCon 2022 false-positive cleanup 2022-10-28 19:24:00 -04:00
Thomas Stromberg
239df4ea1f
Reduce more false positives found on macOS and Linux 2022-10-25 21:27:41 -04:00
Thomas Stromberg
8516aec8c3
Fix broken osascript script, move duplicate check out of exotic 2022-10-21 17:42:44 -04:00
Thomas Stromberg
356db76a44
Filter out sh -i if launched by sh, ukh if launched by lima, Socket. if launched by compile 2022-10-21 14:11:45 -04:00
Thomas Stromberg
535d835290
Simplify exotic commands queries, remove more false positives 2022-10-18 11:32:18 -04:00
Thomas Stromberg
5839a20fb3
Detect more 2022-10-18 10:08:34 -04:00
Thomas Stromberg
9c233f5248
Decrease poll time to 60 seconds 2022-10-17 17:31:32 -04:00
Thomas Stromberg
d2bdffe89e
Add support for interval tags 2022-10-14 14:19:13 -04:00
Thomas Stromberg
10a7091e62
Decrease exotic-events complexity by splitting & simplifying 2022-10-13 18:31:59 -04:00