├── .github ├── FALCO_VERSIONS ├── PULL_REQUEST_TEMPLATE.md ├── compare-rule-files.sh ├── dependabot.yml ├── scripts │ ├── .python-version │ ├── pyproject.toml │ ├── rules_overview_generator.py │ └── uv.lock └── workflows │ ├── .yamllint │ ├── create-comment.yaml │ ├── pages.yaml │ ├── registry.yaml │ ├── release.yaml │ ├── rules.yaml │ └── yaml-lint.yaml ├── .gitignore ├── CONTRIBUTING.md ├── LICENSE ├── OWNERS ├── README.md ├── RELEASE.md ├── archive ├── README.md ├── application_rules.yaml └── falco-deprecated_rules.yaml ├── docs └── images │ ├── announce.png │ ├── arrow.png │ ├── cross.png │ ├── insight.png │ ├── setting.png │ └── start.png ├── mkdocs.yml ├── proposals └── 20230605-rules-adoption-management-maturity-framework.md ├── registry.yaml └── rules ├── OWNERS ├── falco-incubating_rules.yaml ├── falco-sandbox_rules.yaml └── falco_rules.yaml /.github/FALCO_VERSIONS: -------------------------------------------------------------------------------- 1 | master 2 | 0.42.0 3 | -------------------------------------------------------------------------------- /.github/PULL_REQUEST_TEMPLATE.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/.github/PULL_REQUEST_TEMPLATE.md -------------------------------------------------------------------------------- /.github/compare-rule-files.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/.github/compare-rule-files.sh -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/.github/dependabot.yml -------------------------------------------------------------------------------- /.github/scripts/.python-version: -------------------------------------------------------------------------------- 1 | 3.12 2 | -------------------------------------------------------------------------------- /.github/scripts/pyproject.toml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/.github/scripts/pyproject.toml -------------------------------------------------------------------------------- /.github/scripts/rules_overview_generator.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/.github/scripts/rules_overview_generator.py -------------------------------------------------------------------------------- /.github/scripts/uv.lock: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/.github/scripts/uv.lock -------------------------------------------------------------------------------- /.github/workflows/.yamllint: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/.github/workflows/.yamllint -------------------------------------------------------------------------------- /.github/workflows/create-comment.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/.github/workflows/create-comment.yaml -------------------------------------------------------------------------------- /.github/workflows/pages.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/.github/workflows/pages.yaml -------------------------------------------------------------------------------- /.github/workflows/registry.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/.github/workflows/registry.yaml -------------------------------------------------------------------------------- /.github/workflows/release.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/.github/workflows/release.yaml -------------------------------------------------------------------------------- /.github/workflows/rules.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/.github/workflows/rules.yaml -------------------------------------------------------------------------------- /.github/workflows/yaml-lint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/.github/workflows/yaml-lint.yaml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/.gitignore -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/CONTRIBUTING.md -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/LICENSE -------------------------------------------------------------------------------- /OWNERS: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/OWNERS -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/README.md -------------------------------------------------------------------------------- /RELEASE.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/RELEASE.md -------------------------------------------------------------------------------- /archive/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/archive/README.md -------------------------------------------------------------------------------- /archive/application_rules.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/archive/application_rules.yaml -------------------------------------------------------------------------------- /archive/falco-deprecated_rules.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/archive/falco-deprecated_rules.yaml -------------------------------------------------------------------------------- /docs/images/announce.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/docs/images/announce.png -------------------------------------------------------------------------------- /docs/images/arrow.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/docs/images/arrow.png -------------------------------------------------------------------------------- /docs/images/cross.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/docs/images/cross.png -------------------------------------------------------------------------------- /docs/images/insight.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/docs/images/insight.png -------------------------------------------------------------------------------- /docs/images/setting.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/docs/images/setting.png -------------------------------------------------------------------------------- /docs/images/start.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/docs/images/start.png -------------------------------------------------------------------------------- /mkdocs.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/mkdocs.yml -------------------------------------------------------------------------------- /proposals/20230605-rules-adoption-management-maturity-framework.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/proposals/20230605-rules-adoption-management-maturity-framework.md -------------------------------------------------------------------------------- /registry.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/registry.yaml -------------------------------------------------------------------------------- /rules/OWNERS: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/rules/OWNERS -------------------------------------------------------------------------------- /rules/falco-incubating_rules.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/rules/falco-incubating_rules.yaml -------------------------------------------------------------------------------- /rules/falco-sandbox_rules.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/rules/falco-sandbox_rules.yaml -------------------------------------------------------------------------------- /rules/falco_rules.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/falcosecurity/rules/HEAD/rules/falco_rules.yaml --------------------------------------------------------------------------------