Commit Graph

10 Commits

Author SHA1 Message Date
Thomas Stromberg 45ab183557
fpr: New Chrome extensions, vbox, chrome, gcloud, gdm3, yay, etc 2023-01-30 14:58:47 -05:00
Thomas Stromberg 83cc38207e
fpr: minikube, tailscale, dex, pacman, virtualbox, steam, lsmod, busybox, etc 2023-01-23 20:33:52 -05:00
Thomas Stromberg 8e9ae0fda3
Less false positives: particularly among systemctl calls 2023-01-20 08:40:08 -05:00
Thomas Stromberg 7b79b19090
False positive reduction: Messenger, Chrome, Final Cut Pro, etc 2023-01-18 09:49:56 -05:00
Thomas Stromberg cb896b9e10
Filter out new false positives 2023-01-13 15:24:18 -05:00
Thomas Stromberg dd3149a34b
Add support for .pkg files 2023-01-13 13:47:02 -05:00
Thomas Stromberg 16f9b2f3ee
Remove more false positives: kind, gopls, docker.socket, etc 2022-12-15 10:20:16 -05:00
Thomas Stromberg ab94de7770
Add a lot more mitre data 2022-10-19 16:56:32 -04:00
Thomas Stromberg cee1710f74
Finish out the incident_response refactor 2022-10-19 16:19:53 -04:00
Thomas Stromberg 0160d05ed3
Add new spotlight queries to surface unexpected dmg/iso downloads 2022-10-18 08:52:05 -04:00