osquery-defense-kit/detection/c2
egibs a24c3d2333
Add exceptions for Autodesk, cloud_sql_proxy, .md downloads, TF providers in /tmp/, and more
Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>
2024-11-20 13:45:50 -06:00
unexpected-dns-traffic-events.sql Add exceptions for Autodesk, cloud_sql_proxy, .md downloads, TF providers in /tmp/, and more 2024-11-20 13:45:50 -06:00
unexpected-dns-traffic.sql Add rules for bambu-studio, extensions, firefox-bin, goland, xdg, and more 2024-11-01 14:27:33 -05:00
unexpected-https-linux.sql widen query scope 2024-10-16 09:32:00 -04:00
unexpected-https-macos.sql fpr: framework nix, etc 2024-10-30 08:30:43 -04:00
unexpected-icmp-socket-events.sql Performance tuning, mark some Linux queries as 'extra' 2024-03-15 19:06:16 -04:00
unexpected-icmp-socket.sql Performance tuning, mark some Linux queries as 'extra' 2024-03-15 19:06:16 -04:00
unexpected-root-libcurl-proc-linux.sql fpr: mc, colima, webfilterproxyd, headlamp, record it, etc 2024-11-13 16:34:12 -05:00
unexpected-root-libcurl-proc-macos.sql fpr: prosoft, ujust, kandji-library-manager, etc 2024-09-26 12:40:04 -04:00
unexpected-talker-events.sql Add events and extra tags to relevant event-based queries 2024-09-24 15:36:03 -04:00
unexpected-talkers-linux.sql fpr: mumbel, gvproxy, chainlink, telegram, systemd, etc 2024-11-18 16:16:52 -05:00
unexpected-talkers-macos.sql Add exceptions for Autodesk, cloud_sql_proxy, .md downloads, TF providers in /tmp/, and more 2024-11-20 13:45:50 -06:00