osquery-defense-kit

mirror of https://github.com/chainguard-dev/osquery-defense-kit synced 2024-12-13 17:44:33 +00:00

Author	SHA1	Message	Date
Thomas Stromberg	41d83350a1	make reformat	2023-05-08 13:20:47 -04:00
Thomas Stromberg	778d53b169	Address merge conflicts	2023-05-08 13:11:24 -04:00
Thomas Stromberg	4856a0e80a	fpr: LogiTune, sharingd, gnome, sparkle, plex	2023-05-08 13:07:57 -04:00
Thomas Stromberg	9eed574026	fpr: sharingd, sparkle, golang, Snagit	2023-05-05 15:10:54 -04:00
Thomas Stromberg	272711ae7a	fpr: node, nc, busybox, libvirt, etc	2023-05-05 12:44:46 -04:00
Thomas Stromberg	f3fd822a55	Refactor recently-created-executables to fit within complexity limits	2023-05-03 17:57:58 -04:00
Thomas Stromberg	0202e87b73	fpr: libopenblas, snapd, k3d, opera, nix, ssh, cargo, adobe installer	2023-05-03 16:28:00 -04:00
Thomas Stromberg	47124daa01	fpr: RetailMeNot, LogiTune, macOS, mediawriter, etc	2023-05-02 15:25:36 -04:00
Thomas Stromberg	df925eaa6c	fpr: lghub, brew, pve, chrome exts, etc	2023-04-20 20:45:35 -04:00
Thomas Stromberg	9c3f783491	fpr everything	2023-04-17 16:20:35 -04:00
Thomas Stromberg	13a95a4f41	Add exceptions for Kandji	2023-03-17 15:46:00 -04:00
Thomas Stromberg	824efa9705	fpr: yum, systemd, cloud-sql-proxy, image-automation-controller, helm, bom, aws	2023-03-14 19:00:44 -04:00
Thomas Stromberg	b3825ba2b9	fpr: Canon Universal Installer, melange, GPG, key names	2023-03-06 15:11:11 -05:00
Thomas Stromberg	12a5507907	Optimize recently-created-executables-macos	2023-02-24 17:24:09 -05:00
Thomas Stromberg	4150b1ee7c	macOS: Exceptions for TestFlight apps & specifically Kindle	2023-02-24 17:04:34 -05:00
Thomas Stromberg	fb7cd56249	fpr: abrt-dbus, gdm, chrome, ff, etc	2023-02-24 16:30:17 -05:00
Thomas Stromberg	f87541c945	False positive flush, particularly in talkers	2023-02-17 11:57:23 -05:00
Thomas Stromberg	cf858d193d	fpr: ACE, Prusa, steam, pacman, Xcode, Adobe	2023-02-14 20:16:02 -05:00
Thomas Stromberg	4f4ae0ed38	False positive removal and minor query perf improvements	2023-02-10 10:21:06 -05:00
Thomas Strömberg	eef833287a	Merge pull request #164 from NACHOSWITHCHEESE/fixing-macos-detection-compatibility Modified detections explicitly targeted towards macOS to not include cgroup field	2023-02-08 20:54:45 -05:00
Thomas Stromberg	72326c3b5c	Massive reduction of false positives across the board	2023-02-08 20:06:26 -05:00
echunduri	e44dc167e9	Modified detections explicilty targeted towards macOS to not include cgroup_path fields anymore	2023-02-09 10:57:03 +11:00
Thomas Stromberg	2634e9d45b	Monday morning false-positive purge	2023-02-08 14:37:09 -05:00
Thomas Stromberg	bb3e1f964e	Run make reformat, update max rows for incident response	2023-02-02 17:58:19 -05:00
Thomas Stromberg	2093a26423	Fix broken macOS queries	2023-02-02 15:33:25 -05:00
Thomas Stromberg	404adf3e1f	Another false positive flush: Capital One, tailscaled, agetty, snap, ninja, epson printers, etc	2022-12-15 16:51:58 -05:00
Thomas Stromberg	76d5c8564b	Resolve latest reported false positives	2022-12-02 11:20:18 -05:00
Thomas Stromberg	b9e0ad34a3	Post-Thanksgiving false positive flush	2022-11-28 16:06:07 -05:00
Thomas Stromberg	6a7c4b6668	Pre-Thanksgiving False Positive cleanup, including Pop!OS support	2022-11-22 09:21:03 -05:00
Thomas Stromberg	8047c88374	Run 'make reformat'	2022-11-16 11:02:29 -05:00
Thomas Stromberg	f1a3354495	Address false positives: nginx-ingress-controller, dbus, etc	2022-11-10 11:04:48 -05:00
Thomas Stromberg	cafe37af26	macOS: Add exceptions for SUSE/rancher and DHCP servers	2022-11-04 19:04:31 -04:00
Thomas Stromberg	4464254d62	False-positive updates: tailscale, snapd, WPILib, darkfiles	2022-11-01 07:15:10 -04:00
Thomas Stromberg	caab2a6c82	Loads of fresh new false-positives removal	2022-10-31 17:40:37 -04:00
Thomas Stromberg	1f57719345	Add GPGTools exception	2022-10-29 11:44:13 -04:00
Thomas Stromberg	a00af6c1fa	Merge another day worth of false positives	2022-10-27 10:23:15 -04:00
Thomas Stromberg	7483c845f4	Split the recently-created-executables between macOS/Linux	2022-10-18 14:42:26 -04:00

37 Commits