Releases: falcosecurity/rules
Releases · falcosecurity/rules
falco-rules-1.0.2
Signed version of the Falco rules 1.0.x series.
falco-rules-1.0.2-rc1
Falco Rules 1.0.2 RC1 - signed release
falco-sandbox-rules-2.0.0-rc1
fix(build): add registry argument Signed-off-by: Luca Guerra <luca@guerra.sh>
falco-rules-2.0.0-rc1
fix(build): add registry argument Signed-off-by: Luca Guerra <luca@guerra.sh>
falco-incubating-rules-2.0.0-rc1
fix(build): add registry argument Signed-off-by: Luca Guerra <luca@guerra.sh>
falco-deprecated-rules-2.0.0-rc2
fix(build): add registry argument Signed-off-by: Luca Guerra <luca@guerra.sh>
falco-deprecated-rules-2.0.0-rc1
update(registry): add incubating, sandbox, and deprecated rules files Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
falco-rules-1.0.1
What's Changed
- update(ci): add falco v0.35 to CI checks by @jasondellaluce in #77
- fix(ci): publish a version check comment event with no changes by @jasondellaluce in #79
- fix(rules/falco_rules): solve shadowing issues with "Drop and execute new binary in container" by @jasondellaluce in #83
Full Changelog: falco-rules-1.0.0...falco-rules-1.0.1
Contributors
jasondellaluce
Assets 2
falco-rules-1.0.0
What's Changed
- update(ci): use an explicit role instead of a secret by @LucaGuerra in #21
- docs(README.md): clarifications and improvements by @leogr in #22
- update k8s registry domain by @cpanato in #30
- update(falco_rules): disable three rules by default by @jasondellaluce in #34
- new(rules): introduce rule to detect drop and execute pattern in cont… by @loresuso in #20
- Added dnf-automatic to list of rpm_binaries by @petterreinholdtsen in #26
- merge the two docker_binaries into a single one, the first was overrided by @Issif in #27
- fix(rules): fix ptrace attach and injection rule by @loresuso in #37
- fix(rules): add authorized_server_binary list by @ch3n9w in #41
- fix(rules)!: require explicit accept4 reference, overlapping syscall names deprecated by @incertum in #44
- cleanup(rules)!: refactor kernel module rule by @incertum in #43
- new(rules): add umount macro by @incertum in #45
- Macro(network_tool_binaries) Added netcat binary by @darryk10 in #47
- Adding conda as a package manager for Python that could be used by @pabloem in #49
- Adding AKS rules by @migg24 in #53
- fix(registry/index): do not add artifact name to keywords if already present by @alacuku in #61
- Rule: PTRACE anti-debug attempt by @Brucedh in #40
- Rule: Search Private Keys or Passwords / Add private key candidates by @owlinux1000 in #60
- update: avoid write below etc to trigger with falcoctl by @loresuso in #68
- update: add extra CI checks for rules changes by @jasondellaluce in #67
- chore(rules/falco_rules.yaml): fix space by @jasondellaluce in #70
- fix(ci): solve issues with create-comment by @jasondellaluce in #71
- fix(ci): fix http request body in create-comment by @jasondellaluce in #73
- fix(ci): skip rules jobs when no rule is changed by @jasondellaluce in #72
- chore(rules/falco_rules.yaml): fix comment by @jasondellaluce in #74
- docs(README.md): add scope and status badges by @leogr in #75
New Contributors
- @cpanato made their first contribution in #30
- @loresuso made their first contribution in #20
- @petterreinholdtsen made their first contribution in #26
- @Issif made their first contribution in #27
- @ch3n9w made their first contribution in #41
- @darryk10 made their first contribution in #47
- @pabloem made their first contribution in #49
- @migg24 made their first contribution in #53
- @Brucedh made their first contribution in #40
- @owlinux1000 made their first contribution in #60
Full Changelog: falco-rules-0.1.0...falco-rules-1.0.0
Contributors
petterreinholdtsen, pabloem, and 13 other contributors
Assets 2
falco-rules-1.0.0-rc1
Rules RC for Falco 0.35.0