redcanaryco / surveyor

A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams.
MIT License
170 stars, 59 forks

Fixed query options and added support for process name for SentinelOne #74

Closed. xC0uNt3r7hr34t closed this 1 year ago

xC0uNt3r7hr34t commented 1 year ago

Fixed a type mismatch so that the query string is properly converted to a dictionary, which means anything specified in --query is converted correctly. Changed the operator to containscis for definition files (better result confidence). Added process_name query conversion for SentinelOne.

closes #73
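To make the two behaviours the PR describes concrete, here is an added example (not surveyor's own code, and not taken from this PR) of normalising either a raw --query string or a definition-file mapping into one dictionary shape, and of translating a surveyor-style process_name term into a SentinelOne Deep Visibility clause that uses the case-insensitive containscis operator. The S1 field names in S1_FIELDS, the function names, and the grouping with OR are assumptions made for illustration; the one real detail carried over from the PR is the containscis operator.

```python
"""Added example: normalise surveyor-style query input and build a SentinelOne
Deep Visibility query. Illustrative only; field and function names are assumed,
not surveyor's real implementation."""
from typing import Dict, List, Union

# Assumed mapping of surveyor search tags to SentinelOne Deep Visibility
# field names. The real S1 schema may use different names.
S1_FIELDS = {
    "process_name": "ProcessName",
    "cmdline": "CmdLine",
    "ipaddr": "IP",
}

QueryInput = Union[str, Dict[str, List[str]]]


def normalize_query(query: QueryInput) -> Dict[str, List[str]]:
    """Accept either a raw --query string or a definition-file style mapping
    (tag -> list of values) and always return the mapping shape.

    Accepting both types up front is the point of the type-mismatch fix: the
    rest of the pipeline only ever sees a dict."""
    if isinstance(query, dict):
        return {tag: list(values) for tag, values in query.items()}
    if isinstance(query, str):
        # A raw string is an opaque Deep Visibility query; keep it under a
        # reserved key so it is passed through verbatim later.
        return {"query": [query]}
    raise TypeError(f"unsupported query type: {type(query).__name__}")


def _quote(value: str) -> str:
    """Wrap a value in double quotes, escaping backslashes and embedded quotes
    so a definition-file value cannot break out of the quoted literal."""
    escaped = value.replace("\\", "\\\\").replace('"', '\\"')
    return f'"{escaped}"'


def build_s1_query(query: QueryInput) -> str:
    """Translate normalised input into a Deep Visibility query string.

    Each tagged term becomes '<Field> containscis "<value>"' (case-insensitive
    substring match, as the PR chose for definition files). Values for one tag
    are OR'd inside parentheses; tag groups are OR'd together (an assumption)."""
    groups = []
    for tag, values in normalize_query(query).items():
        if tag == "query":
            # Raw --query text: pass through unchanged.
            groups.extend(values)
            continue
        if tag not in S1_FIELDS:
            raise KeyError(f"no SentinelOne field mapping for tag '{tag}'")
        field = S1_FIELDS[tag]
        clauses = [f"{field} containscis {_quote(v)}" for v in values]
        groups.append("(" + " OR ".join(clauses) + ")")
    return " OR ".join(groups)


if __name__ == "__main__":
    # Constructed sample inputs: a definition-file style mapping and a raw query.
    print(build_s1_query({"process_name": ["powershell.exe", "cmd.exe"]}))
    print(build_s1_query('SrcProcName = "rundll32.exe"'))
```

Because containscis is a substring match, a term such as "cmd.exe" will also match "wincmd.exe"; that is the trade-off behind the PR's "better result confidence" remark, so review hits rather than treating them as exact-name matches.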