Commit Graph

  • 6016c5979f new: ability to filter by a node when fetching K8S metadata Leonardo Grasso 2021-06-09 16:38:07 +02:00
  • 2e27b8e1d9 build(cmake/modules): upgrade driver version to f7029e Leonardo Grasso 2021-06-09 16:37:54 +02:00
  • 5d245f6569 Minimally working rule loading + eval w/ plugins Mark Stemm 2021-07-09 11:30:21 -07:00
  • b1d88c509f Update to reflect new plugin api/config in proposal Mark Stemm 2021-07-02 17:17:41 -07:00
  • b5b1763d09 docs: CHANGELOG for Falco 0.29.1 changeset 0.29.1 Leonardo Di Donato 2021-06-29 16:40:45 +02:00
  • d6690313a0 update(rules): bump the required engine version to version 9 Leonardo Di Donato 2021-06-21 10:08:30 +00:00
  • 98ce88f7ef chore(rules): improve name of the list for userfaultfd exceptions Leonardo Di Donato 2021-06-17 13:24:52 +00:00
  • 9ff8099501 update(userspace/engine): bump falco engine version Leonardo Di Donato 2021-06-17 12:10:37 +00:00
  • 7db4778f55 update(rules): introducing list user_known_userfaultfd_activities to exclude processes known to use userfaultfd syscall Leonardo Di Donato 2021-06-17 12:08:58 +00:00
  • 7f761ade4b update(rules): introducing the macro consider_userfaultfd_activities to act as a gate Leonardo Di Donato 2021-06-17 12:02:29 +00:00
  • 84257912e0 update(rules): tag rule as syscall Leonardo Di Donato 2021-06-17 11:06:42 +00:00
  • 9bc942c654 new(rules): detect unprivileged (successful) userfaultfd syscalls Leonardo Di Donato 2021-06-11 13:20:09 +00:00
  • 8216b435cb update(rules): adding container info to the output of the rule detecting kernel module injections from containers Leonardo Di Donato 2021-06-11 13:19:28 +00:00
  • 78f710c706 docs(release.md): update maxgio 2021-06-22 17:41:27 +02:00
  • 1dd97c1b6f docs(release.md): update maxgio 2021-06-22 17:41:02 +02:00
  • 3ef5716fa2 docs(release.md): document website snapshot for new minor versions maxgio92 2021-06-22 15:13:40 +02:00
  • 64102078c7 docs(release.md): update gh release description template maxgio92 2021-06-22 14:31:42 +02:00
  • 9703853da8 docs(changelog.md): add new non-user facing change 0.29.0 maxgio92 2021-06-21 14:22:06 +02:00
  • 96403fa275 docs(changelog.md): fix typo in rules change log maxgio92 2021-06-21 12:51:22 +02:00
  • acd5422b55 Fix link to CONTRIBUTING.md in the Pull Request Template Thomas Spear 2021-06-18 18:16:04 -05:00
  • 099c79ddde docs(changelog.md): add release 0.29.0 maxgio92 2021-06-17 13:58:54 +02:00
  • 0f24448d18 rules(list miner_domains): add rx.unmineable.com for anti-miner detection Lorenzo Fontana 2021-06-16 10:30:25 +00:00
  • 1b63ad1aed build: upgrade driver version to 17f5d Leonardo Grasso 2021-06-15 12:27:24 +02:00
  • b268d4d6c3 rule update(Non sudo setuid): check user id as well in case user name info is not available Kaizhe Huang 2021-06-03 22:18:38 -07:00
  • 684a5d85ff disable test Kaizhe Huang 2021-06-05 21:46:51 -07:00
  • 58cea0c5e7 minor fix Kaizhe Huang 2021-06-04 22:19:16 -07:00
  • 38ebc61808 fix tests Kaizhe Huang 2021-06-04 21:02:01 -07:00
  • 535db19991 disable change thread namespace test Kaizhe Huang 2021-06-03 22:05:41 -07:00
  • abe46a19a0 minor changes Kaizhe Huang 2021-05-03 13:21:49 -07:00
  • 96fc8d1a27 update test Kaizhe Huang 2021-05-02 22:24:15 -07:00
  • ad82f66be3 rules update(Change thread namespace and Set Setuid or Setgid bit): disable by default Kaizhe Huang 2021-04-27 23:51:07 -07:00
  • c60fac9e34 build(test): upgrade urllib3 to 1.26.5 Leonardo Grasso 2021-06-04 11:00:39 +02:00
  • 35dc315390 add known k8s service accounts Sverre Boschman 2021-05-25 10:00:47 +02:00
  • e9bb50ce4f build: upgrade driver version to 70316 build/upgrade-driver-version-for-0-29-0 Leonardo Grasso 2021-06-03 18:28:56 +02:00
  • 62c995f309 revert: add notes for 0.28.2 release maxgio92 2021-06-01 13:47:36 +02:00
  • 55a84881ec wip build/update-driver-version-wip Leonardo Grasso 2021-06-01 15:00:28 +02:00
  • d8bc52912e docs(CHANGELOG.md): add hotfix #1662 hotfix/grpc-in-packages Leonardo Grasso 2021-06-01 09:55:31 +02:00
  • 1164c639d6 fix(cmake/modules): avoid gRPC files to be installed into packages Leonardo Grasso 2021-05-31 18:05:27 +02:00
  • 3432551295 changelog: add notes for 0.28.2 release maxgio92 2021-05-27 13:31:00 +02:00
  • 09e1604fe0 rule update(Debugfs Launched in Privileged Container): fix typo in description Kaizhe Huang 2021-05-22 00:19:02 +00:00
  • c7f18edd5a new(userspace/falco): input plugin support via configuration Leonardo Grasso 2021-05-21 12:33:18 +02:00
  • 6adf79ea25 update(userspace/engine): bump Falco engine version Leonardo Grasso 2021-05-20 15:25:11 +02:00
  • 8b10a35a40 build(cmake/modules): upgrade libs and drivers version to 13ec67ebd23417273275296813066e07cb85bc91 Leonardo Grasso 2021-05-18 08:31:02 +02:00
  • da7279da1d build(cmake/modules): upgrade libs and drivers version to 13ec67ebd23417273275296813066e07cb85bc91 Leonardo Grasso 2021-05-18 08:31:02 +02:00
  • 05f5aa2af3 chore(cmake/modules): do not build libscap examples Leonardo Grasso 2021-05-06 15:43:51 +02:00
  • 53a1be66b0 chore(docker/builder): remove never used MINIMAL_BUILD option Leonardo Grasso 2021-05-03 16:46:36 +02:00
  • f7b572bea5 build(docker/builder): upgrade cmake version Leonardo Grasso 2021-05-03 16:24:23 +02:00
  • ed59f33f3f build(userspace/falco): add GRPC_LIBRARIES when gRPC is bundled Leonardo Grasso 2021-04-30 13:15:27 +02:00
  • b41acdff1c build(cmake/modules): always use bundled jsoncpp Leonardo Grasso 2021-04-29 15:47:35 +02:00
  • 4acc089b1f build(userspace/falco): add_dependency for gRPC when bundled Leonardo Grasso 2021-04-29 15:38:17 +02:00
  • 591d4e500e build: always use bundled b64 Leonardo Grasso 2021-04-27 12:59:59 +02:00
  • 79bdcb030b build: correct yamlcpp dependency for falco Leonardo Grasso 2021-04-27 12:22:03 +02:00
  • f4dba52ee2 build(cmake/modules): ncurses dependency is not required anymore Leonardo Grasso 2021-04-22 16:55:15 +02:00
  • bfc0021cdd build: update build system to support libs cmake modules Leonardo Grasso 2021-04-22 16:54:21 +02:00
  • e616f79bac build: switch to falcosecurity-libs external project Leonardo Grasso 2021-02-17 09:45:46 +01:00
  • 4006452b1f chore(cmake/modules): rename sysdig to falcosecurity-libs Leonardo Grasso 2021-02-17 09:36:27 +01:00
  • 59831b077e docs(release.md): update github release template mentioning the release manager maxgio92 2021-05-14 13:50:42 +02:00
  • 0d95beb1e3 docs(release.md): update post-release tasks order maxgio92 2021-05-14 13:31:07 +02:00
  • 2e27d5dded docs(release.md): add blog announcement to post-release tasks maxgio92 2021-05-14 13:15:04 +02:00
  • 24f64cab33 docs(proposals): fix libs contribution name Leonardo Di Donato 2021-05-06 10:59:52 +02:00
  • 0f36ff030e add Yahoo!Japan as an adopter Yu Kitazume 2021-05-12 12:10:43 +09:00
  • 601ec5cf85 add Replicated to adopters diamonwiggins 2021-05-10 17:49:51 +00:00
  • f237f277e7 changelog: add notes for 0.28.1 release 0.28.1 Carlos Panato 2021-05-07 11:37:59 +02:00
  • 2226a1508c exception to privileged container for EKS images ismail yenigul 2021-05-06 02:33:43 +03:00
  • 6f64c21ad9 urelease/docs: fix link and small refactor in the text Carlos Panato 2021-04-29 10:48:51 +02:00
  • fd6a1d0d05 clean(rules/falco_rules.yaml): remove deprecated oci image repositories maxgio92 2021-04-28 16:17:42 +02:00
  • 87438ec723 Add Secureworks to adopters David Windsor 2021-04-22 13:49:54 -04:00
  • d0be6d96d0 build: enable ASLR for statically linked build Leonardo Grasso 2021-04-07 16:45:31 +02:00
  • aefd67eb8a build: hardening flags Leonardo Grasso 2021-04-07 15:23:45 +02:00
  • 6e94c37399 new(test): regression test for FAL-01-003 Leonardo Di Donato 2021-04-19 12:47:39 +00:00
  • d3c22d3d0c new(test/trace_files): test fixture for FAL-01-003 Leonardo Di Donato 2021-04-19 12:46:59 +00:00
  • 366975bc3b Adding MathWorks to Falco's adopter list natchaphon-r 2021-04-15 20:57:43 -04:00
  • f9692fcb82 Adding MathWorks to Falco's adopter list natchaphon-r 2021-04-15 20:51:38 -04:00
  • e95ab26f33 update(rules): stricter detection of man-db postinst exception Leonardo Grasso 2021-04-15 14:52:39 +02:00
  • 23a611b343 chore(rules): remove too weak macro python_running_sdchecks Leonardo Grasso 2021-04-15 11:46:55 +02:00
  • 2658d65373 adding known users /and how to add your name Dan POP 2021-04-18 10:56:06 -04:00
  • 600501e141 update(userspace/falco): handle the case where there hasn't been any previously processed event Leonardo Di Donato 2021-04-16 10:38:06 +00:00
  • 0df18fd786 update(userspace/falco): print out current time when a timeouts notification gets emitted Leonardo Di Donato 2021-04-16 09:47:49 +00:00
  • c1da6d21b9 new: syscall_event_timeouts configuration block Leonardo Di Donato 2021-04-16 09:06:09 +00:00
  • c4a73bdd8e update(userspace/falco): a null event when there's a timeout is unlikely Leonardo Di Donato 2021-04-15 10:57:33 +00:00
  • 28a339e4bc new(userspace/engine): likely/unlikely macros in utils Leonardo Di Donato 2021-04-15 10:56:48 +00:00
  • 65a168ab5a new(userspace/falco): output msg when the number of consecutive timeouts without an event is greater than a given threshold Leonardo Di Donato 2021-04-15 10:30:58 +00:00
  • 46425b392c fix(userspace): handle exceptions for process_k8s_audit_event Lorenzo Fontana 2021-04-13 15:19:18 +02:00
  • 8b0d22dee9 docs: update link for HackMD community call notes Leo Di Donato 2021-04-12 12:54:45 +02:00
  • a7e04fe6e6 Add falco engine info to --support output Mark Stemm 2021-03-16 18:28:48 -07:00
  • c6aa255fc8 docs: update CHANGELOG 0.28.0 Leonardo Di Donato 2021-04-12 15:52:04 +02:00
  • 6b8769c13a ci: add missing infra context to publish stable Falco packages Leonardo Di Donato 2021-04-12 15:47:35 +02:00
  • 02b5ddd5ab update: CHANGELOG for Falco 0.28.0 Leonardo Di Donato 2021-04-09 17:03:03 +02:00
  • 90a3ded07d update: CHANGELOG (Falco 0.28.0) Leonardo Di Donato 2021-04-09 16:14:23 +02:00
  • ccb7c19b31 chore: RELEASE.md refinements Leo Di Donato 2021-04-09 12:57:58 +02:00
  • 2e97d0e27c chore(rules): cleanup old macros Leonardo Di Donato 2021-04-09 14:50:32 +00:00
  • 06086df21e chore(rules): re-enable negation of package_mgmt_procs for Write below binary dir rule Leonardo Di Donato 2021-04-09 14:31:10 +00:00
  • bd562a1ed9 update(userspace/engine): remove warnings for missing exceptions Lorenzo Fontana 2021-04-07 17:13:52 +02:00
  • 194cdf7873 update(rules): revert exceptions in default ruleset for k8s audit Lorenzo Fontana 2021-04-07 15:33:17 +02:00
  • 35fe14e691 rules(list user_known_sa_list): revert as an empty list for user overwrite rules(list known_sa_list): list of known sa moved here from user_known_sa_list Lorenzo Fontana 2021-04-07 13:59:42 +02:00
  • abc79fb548 update(rules): revert exceptions in default ruleset Lorenzo Fontana 2021-04-07 13:40:20 +02:00
  • b6fc44e304 build(.config): pin awscli version Leonardo Grasso 2021-04-09 12:37:47 +02:00
  • f14b37984c Add test for some containers being privileged Mark Stemm 2021-04-05 16:15:04 -07:00
  • ecccb9f26c Extract array miss as "no value" vs failed extract Mark Stemm 2021-04-05 15:56:06 -07:00
  • f4ff2ed072 chore(test): replace bucket url with official distribution url Lorenzo Fontana 2021-04-08 14:43:58 +02:00