osquery-defense-kit

mirror of https://github.com/chainguard-dev/osquery-defense-kit synced 2025-04-01 22:48:03 +00:00

Author	SHA1	Message	Date
Thomas Stromberg	f16c3cdf53	fpr: sourcegraph, nginx, factorio, fan control, emacs, nushell	2023-09-14 17:13:12 -04:00
Thomas Stromberg	190e8adcfd	Merge to master	2023-09-01 17:34:36 -04:00
Thomas Stromberg	84125c4bb1	Remove recently common false positives	2023-09-01 17:09:47 -04:00
Thomas Stromberg	188bc78f4c	Fix errors	2023-08-15 18:29:27 -04:00
Thomas Stromberg	dce2eb2af5	Add many exceptions	2023-08-15 18:13:06 -04:00
Thomas Stromberg	ce2f0f06cb	fpr; Keybase, grype, UpdateBrainService, OpenOffice, sqlproxy	2023-07-20 10:56:49 -04:00
Thomas Stromberg	921cdc521e	fpr: nvidia drivers, su, agetty, crystalhd, hercules, etc	2023-07-19 15:22:43 -04:00
Thomas Stromberg	485f69a61c	fpr: Revolt, Bearly, user executables, melange	2023-07-13 19:43:35 -04:00
Thomas Stromberg	a0e4183bf4	fpr: Velociraptor, nessus, kandji, java, SteelSeries, etc	2023-07-12 17:38:26 -04:00
Thomas Stromberg	c9f0b2bee5	fpr: Steam, Presenting, Wavebox, multipass, parallels, cargo, dnf, Kindle, DaveTheDiver	2023-07-03 07:16:14 -04:00
Thomas Stromberg	cebf617c82	fpr: terragrunt, mdnsResponder, Spotify, Zoom, etc	2023-06-14 10:58:41 -04:00
Thomas Stromberg	ff2ab95431	Remove file sizes from systemd exception key	2023-06-08 18:26:57 -04:00
Thomas Stromberg	c8760e0ae1	fpr: macOS, Signal, Creative Labs, node, etc	2023-06-07 09:55:17 -04:00
Thomas Stromberg	066c88dc18	fpr: multipass, go, macOS, Ubuntu, Opera, git, ko	2023-06-02 19:08:08 -04:00
Thomas Stromberg	9575d18bc2	fpr: FleetDM, Edge, VSCode, dnf, Steam, etc	2023-06-01 11:52:20 -04:00
Thomas Stromberg	111c15e20b	fpr: macOS, yubikey, Premiere, dnf, vagrant, etc	2023-05-23 11:31:37 -04:00
Thomas Stromberg	c6eec0ee17	Query tuning after Geacon testing	2023-05-17 10:54:16 -04:00
Thomas Stromberg	24c2baef28	Make process times broadly available, minor opts	2023-05-16 17:18:39 -04:00
Thomas Stromberg	93f2f2baf4	Fix comma placement	2023-05-16 10:31:46 -04:00
Thomas Stromberg	d5a94b21d1	fpr: Kolide, macOS, nvidia, neko	2023-05-16 10:28:19 -04:00
Thomas Stromberg	41d83350a1	make reformat	2023-05-08 13:20:47 -04:00
Thomas Stromberg	272711ae7a	fpr: node, nc, busybox, libvirt, etc	2023-05-05 12:44:46 -04:00
Thomas Stromberg	0202e87b73	fpr: libopenblas, snapd, k3d, opera, nix, ssh, cargo, adobe installer	2023-05-03 16:28:00 -04:00
Thomas Stromberg	76cf1006c6	fpr: microbit, i3, Grammarly for Safari, wine	2023-05-02 17:49:53 -04:00
Thomas Stromberg	47124daa01	fpr: RetailMeNot, LogiTune, macOS, mediawriter, etc	2023-05-02 15:25:36 -04:00
Thomas Stromberg	df925eaa6c	fpr: lghub, brew, pve, chrome exts, etc	2023-04-20 20:45:35 -04:00
Thomas Stromberg	9c3f783491	fpr everything	2023-04-17 16:20:35 -04:00
Thomas Stromberg	d4dd423745	fpr: Grammarly, semodule, docker-compose, xdg, etc	2023-03-30 18:44:01 -04:00
Thomas Stromberg	9b0ed09c8e	fpr: xdg, docker, dbus, bpfilter_umh, docker, spotify, mage	2023-03-28 16:25:26 -04:00
Thomas Stromberg	7a78199906	fpr: traceroute, thunderbird, garmin installer, chainctl, etc	2023-03-21 14:07:06 -04:00
Thomas Strömberg	621967a085	Merge pull request #230 from tstromberg/split-chmod Add exceptions for Kandji	2023-03-17 15:49:30 -04:00
Thomas Stromberg	13a95a4f41	Add exceptions for Kandji	2023-03-17 15:46:00 -04:00
Thomas Stromberg	6ddc478df4	fpr: Brother, Intel OneAPI, k6, firefox	2023-03-17 15:08:22 -04:00
Thomas Stromberg	824efa9705	fpr: yum, systemd, cloud-sql-proxy, image-automation-controller, helm, bom, aws	2023-03-14 19:00:44 -04:00
Thomas Stromberg	b3825ba2b9	fpr: Canon Universal Installer, melange, GPG, key names	2023-03-06 15:11:11 -05:00
Thomas Stromberg	f25cfe1399	fpr: aws-sdk, melange, Tailscale, Xprotect, etc	2023-03-03 07:24:42 -05:00
Thomas Stromberg	4150b1ee7c	macOS: Exceptions for TestFlight apps & specifically Kindle	2023-02-24 17:04:34 -05:00
Thomas Stromberg	fb7cd56249	fpr: abrt-dbus, gdm, chrome, ff, etc	2023-02-24 16:30:17 -05:00
Thomas Stromberg	d25a89f241	execdir events macOS: Fix ambiguous path	2023-02-17 12:01:08 -05:00
Thomas Stromberg	cf858d193d	fpr: ACE, Prusa, steam, pacman, Xcode, Adobe	2023-02-14 20:16:02 -05:00
Thomas Stromberg	d897f0b50d	fpr: Nessus, mysql-shell, ntia-checker, Ecamm, CopyClip, etc	2023-02-14 08:33:05 -05:00
Thomas Stromberg	4f4ae0ed38	False positive removal and minor query perf improvements	2023-02-10 10:21:06 -05:00
Thomas Strömberg	eef833287a	Merge pull request #164 from NACHOSWITHCHEESE/fixing-macos-detection-compatibility Modified detections explicitly targeted towards macOS to not include cgroup field	2023-02-08 20:54:45 -05:00
echunduri	e44dc167e9	Modified detections explicilty targeted towards macOS to not include cgroup_path fields anymore	2023-02-09 10:57:03 +11:00
Thomas Stromberg	e57f03b89f	fpr: Opera, TextExpander, socket_vmnet, elive, etc	2023-02-08 15:12:10 -05:00
Thomas Stromberg	2634e9d45b	Monday morning false-positive purge	2023-02-08 14:37:09 -05:00
Thomas Stromberg	bb3e1f964e	Run make reformat, update max rows for incident response	2023-02-02 17:58:19 -05:00
Thomas Stromberg	2093a26423	Fix broken macOS queries	2023-02-02 15:33:25 -05:00
Thomas Stromberg	cdcb2d48f3	Slow queries down, minor improvements	2023-02-01 16:17:36 -05:00
Thomas Stromberg	e6824d87e9	Run 'make reformat'	2023-01-20 09:24:24 -05:00

1 2

78 Commits