Macro(network_tool_binaries) Added netcat binary

Signed-off-by: <darryk10>stefano.chierici@sysdig.com
falcosecurity · Apr 6, 2023 · 1bd7e4a · 1bd7e4a
1 parent 5857874
commit 1bd7e4a
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/rules/falco_rules.yaml b/rules/falco_rules.yaml
@@ -2506,7 +2506,7 @@
   tags: [network, k8s, container, mitre_persistence, T1205.001]
 
 - list: network_tool_binaries
-  items: [nc, ncat, nmap, dig, tcpdump, tshark, ngrep, telnet, mitmproxy, socat, zmap]
+  items: [nc, ncat, netcat, nmap, dig, tcpdump, tshark, ngrep, telnet, mitmproxy, socat, zmap]
 
 - macro: network_tool_procs
   condition: (proc.name in (network_tool_binaries))