RepoMirrors
/
osquery-defense-kit
mirror of https://github.com/chainguard-dev/osquery-defense-kit
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,151 Commits 1 Branch 31 Tags 5.6 MiB
Commit Graph

14 Commits

Author SHA1 Message Date
Thomas Stromberg 6fe74680a0
fpr: June 28 - final rule tuning 2024-06-28 10:08:04 -04:00
Thomas Stromberg b39fca4e9f
fpr: RSA keys, tcpdump, login, crane, souregraph, etc 2023-09-20 09:30:46 -04:00
Thomas Stromberg 72326c3b5c
Massive reduction of false positives across the board 2023-02-08 20:06:26 -05:00
Thomas Stromberg d415b36b57
FP removal: Selenium, PolKit helper, gephi, docker-credential-gcloud, firejail, etc 2023-01-16 12:56:39 -05:00
Thomas Stromberg edc9e4b527
Exclude _darwin_x paths in home 2023-01-13 13:54:28 -05:00
Thomas Stromberg e8af31a348
false positives: dots, ipn, apport-gtk, homebrew, hyperkey, contexts 2023-01-09 09:34:20 -05:00
Thomas Stromberg 05a39a78d3
Flush out more false positives across the stack 2023-01-06 10:36:48 -05:00
Thomas Stromberg 6a7c4b6668
Pre-Thanksgiving False Positive cleanup, including Pop!OS support 2022-11-22 09:21:03 -05:00
Thomas Stromberg dab3b3b878
Fix platform name: darwin instead of macos 2022-10-21 17:39:35 -04:00
Thomas Stromberg d55d1db202
Add /usr/local/bin 2022-10-20 14:11:35 -04:00
Thomas Stromberg 2b5ea76729
Apply 'npx sql-formatter -l sqlite' 2022-10-17 19:06:17 -04:00
Thomas Stromberg d2bdffe89e
Add support for interval tags 2022-10-14 14:19:13 -04:00
Thomas Stromberg 20452b128b
Migrate query strings from double to single apostrophes 2022-10-13 14:59:32 -04:00
Thomas Stromberg 26ee658c4a
Initial re-organization around the MITRE ATT&CK framework 2022-10-11 21:53:36 -04:00