RepoMirrors/osquery-defense-kit
1
0
Fork 0
mirror of https://github.com/chainguard-dev/osquery-defense-kit synced 2025-02-16 17:37:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
742 Commits 1 Branch 31 Tags 6.9 MiB
c04901d50a
Commit Graph

14 Commits

Author SHA1 Message Date
Thomas Stromberg
bc359d69ce
Linux events: decrease CPU usage of elevated children & execdir 2023-02-17 10:40:58 -05:00
Thomas Stromberg
bb3e1f964e
Run make reformat, update max rows for incident response 2023-02-02 17:58:19 -05:00
Thomas Stromberg
cdcb2d48f3
Slow queries down, minor improvements 2023-02-01 16:17:36 -05:00
Thomas Stromberg
f9dce0a72d
Include more process information across queries 2023-02-01 13:55:55 -05:00
Thomas Stromberg
83cc38207e
fpr: minikube, tailscale, dex, pacman, virtualbox, steam, lsmod, busybox, etc 2023-01-23 20:33:52 -05:00
Thomas Stromberg
e3401a07c6
Weekend false-positive flush 2023-01-14 08:19:26 -05:00
Thomas Stromberg
e8af31a348
false positives: dots, ipn, apport-gtk, homebrew, hyperkey, contexts 2023-01-09 09:34:20 -05:00
Thomas Stromberg
4eb6993272
Catch up to some older false positives we ran into 2023-01-06 17:11:24 -05:00
Thomas Stromberg
49a19a6fd5
Sort out more false positives 2022-12-16 17:37:32 -05:00
Thomas Stromberg
404adf3e1f
Another false positive flush: Capital One, tailscaled, agetty, snap, ninja, epson printers, etc 2022-12-15 16:51:58 -05:00
Thomas Stromberg
16f9b2f3ee
Remove more false positives: kind, gopls, docker.socket, etc 2022-12-15 10:20:16 -05:00
Thomas Stromberg
60e5435ed4
Allow mount-product-files and / (bad data), add cgroup_path 2022-12-15 09:20:41 -05:00
Thomas Stromberg
3dec23370c
More exclusions 2022-11-08 12:59:11 -05:00
Thomas Stromberg
f93a18d112
Refactor execdir, remove false positives 2022-11-07 20:36:37 -05:00