RepoMirrors
/
osquery-defense-kit
mirror of https://github.com/chainguard-dev/osquery-defense-kit
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,270 Commits 1 Branch 31 Tags 5.6 MiB
Commit Graph

23 Commits

Author SHA1 Message Date
Thomas Stromberg 00fa80a0d9
Massive false-positive reduction, particularly for uBlue 2024-06-27 09:23:52 -04:00
Thomas Stromberg f72e6424c0 Run reformat 2024-02-16 17:21:00 -05:00
Thomas Stromberg 12a55753b5
fpr: Elastic Defend, gcloud, Warp, etc 2024-02-05 10:45:17 -05:00
Thomas Stromberg ceec1718f9
fpr: snap, mutedeck, idea, Chrome exts 2024-01-18 17:15:37 -05:00
Thomas Stromberg 336a1fca4a
Add exceptions for Elastic Defend 2024-01-08 17:18:25 -05:00
Thomas Stromberg 800e4aa2cc
fpr: kind of everything 2023-12-15 17:10:06 -05:00
Thomas Stromberg 921cdc521e
fpr: nvidia drivers, su, agetty, crystalhd, hercules, etc 2023-07-19 15:22:43 -04:00
Thomas Stromberg 7a78199906
fpr: traceroute, thunderbird, garmin installer, chainctl, etc 2023-03-21 14:07:06 -04:00
Thomas Stromberg fb7cd56249
fpr: abrt-dbus, gdm, chrome, ff, etc 2023-02-24 16:30:17 -05:00
Thomas Stromberg a8ed058d4d
Query performance improvements, add pids, decrease frequency 2023-02-09 17:01:29 -05:00
Thomas Stromberg 72326c3b5c
Massive reduction of false positives across the board 2023-02-08 20:06:26 -05:00
Thomas Stromberg d302a9ff55
Purge false positives, again and again 2023-02-02 21:46:53 -05:00
Thomas Stromberg f9dce0a72d
Include more process information across queries 2023-02-01 13:55:55 -05:00
Thomas Stromberg f7c1557aee
fpr: libinput, kue, updatedb, mariadb, terraform 2023-01-23 08:13:04 -05:00
Thomas Stromberg e3401a07c6
Weekend false-positive flush 2023-01-14 08:19:26 -05:00
Thomas Stromberg 2bcf9316cf
Add some hash fields, fix some false positives 2023-01-09 09:04:38 -05:00
Thomas Stromberg 15d3251120
False-positive flush: mount.ntfs, docker-credential-desktop, exotic socket refactor 2022-12-19 18:06:06 -05:00
Thomas Stromberg 6a7c4b6668
Pre-Thanksgiving False Positive cleanup, including Pop!OS support 2022-11-22 09:21:03 -05:00
Thomas Stromberg a29ca8bc2c
jetbrains-toolbox can be owned by anyone 2022-11-04 08:08:43 -04:00
Thomas Stromberg 2b5ea76729
Apply 'npx sql-formatter -l sqlite' 2022-10-17 19:06:17 -04:00
Thomas Stromberg d2bdffe89e
Add support for interval tags 2022-10-14 14:19:13 -04:00
Thomas Stromberg 20452b128b
Migrate query strings from double to single apostrophes 2022-10-13 14:59:32 -04:00
Thomas Stromberg 26ee658c4a
Initial re-organization around the MITRE ATT&CK framework 2022-10-11 21:53:36 -04:00