osquery-defense-kit/detection/initial_access
2023-01-20 09:04:00 -05:00
unexpected-diskimage-source-macos.sql Less false positives: particularly among systemctl calls 2023-01-20 08:40:08 -05:00
unexpected-shell-parent-events.sql FP removal: Selenium, PolKit helper, gephi, docker-credential-gcloud, firejail, etc 2023-01-16 12:56:39 -05:00
unexpected-shell-parents.sql FPR: Meta Pixel Helper, systemctl, pia-daemon, 1Passwd, iTerm, Brave 2023-01-20 09:04:00 -05:00
unexpected-volume-contents.sql Begin making use of cgroup_paths, clear more false positives 2022-11-16 16:52:39 -05:00
unexpected-webmail-downloads.sql webmail: Add JFIF, remove BZ2, TAR, GZ from expectations list 2022-10-27 16:26:43 -04:00