github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-10-21 03:27:36 +00:00
Code Issues Projects Releases Wiki Activity
Files
23d5e5a968c475d030ab732f5f05abe9edff08c5
falco/rules
History
Kaizhe Huang 23d5e5a968 Rule updates 2019 04.v4 mitre persistence (#578) 
* rules update: add rules for mitre framework

* rules update: add mitre persistence rules

* minor changes

* add exclude hidden directories list

* limit hidden files creation in container

* minor fix

* minor fix

* tune rules to have only_check_container macro

* rules update: add rules for remove data from disk and clear log

* minor changes

* minor fix rule name

* add check_container_only macro

* addresses comments

* add rule for updating package repos

* Don't consider dd a bulk writer

Threre are enough legitimate cases to exclude it.

* Make cron/chmod policies opt-in

They have enough legitimate uses that we shouldn't run by default.

* minor fix
2019-04-11 22:22:34 -07:00
..
application_rules.yaml
Rules versioning (#492)
2019-01-29 12:43:15 -08:00
CMakeLists.txt
K8s audit evts (#450)
2018-11-09 10:15:39 -08:00
falco_rules.local.yaml
Better copyright notices (#426)
2018-09-26 19:49:19 -07:00
falco_rules.yaml
Rule updates 2019 04.v4 mitre persistence (#578)
2019-04-11 22:22:34 -07:00
k8s_audit_rules.yaml
Rule updates 2019.02.v1 (#551)
2019-03-08 19:23:18 -08:00