Releases: CrowdStrike/falconpy
Version 0.5.3
FalconPy v0.5.3
This update resolves an endpoint formatting issue (#200) in the entities_processes method of the IOCs Service Class.
- Bug fixes
Unit test coverage
Name Stmts Miss Cover
------------------------------------------------------------------------------------
src/falconpy/__init__.py 10 0 100%
src/falconpy/_endpoint/__init__.py 93 0 100%
src/falconpy/_endpoint/_cloud_connect_aws.py 1 0 100%
src/falconpy/_endpoint/_cspm_registration.py 1 0 100%
src/falconpy/_endpoint/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/_d4c_registration.py 1 0 100%
src/falconpy/_endpoint/_detects.py 1 0 100%
src/falconpy/_endpoint/_device_control_policies.py 1 0 100%
src/falconpy/_endpoint/_event_streams.py 1 0 100%
src/falconpy/_endpoint/_falcon_complete_dashboard.py 1 0 100%
src/falconpy/_endpoint/_falconx_sandbox.py 1 0 100%
src/falconpy/_endpoint/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/_firewall_policies.py 1 0 100%
src/falconpy/_endpoint/_host_group.py 1 0 100%
src/falconpy/_endpoint/_hosts.py 1 0 100%
src/falconpy/_endpoint/_incidents.py 1 0 100%
src/falconpy/_endpoint/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/_intel.py 1 0 100%
src/falconpy/_endpoint/_ioa_exclusions.py 1 0 100%
src/falconpy/_endpoint/_ioc.py 1 0 100%
src/falconpy/_endpoint/_iocs.py 1 0 100%
src/falconpy/_endpoint/_kubernetes_protection.py 1 0 100%
src/falconpy/_endpoint/_malquery.py 1 0 100%
src/falconpy/_endpoint/_ml_exclusions.py 1 0 100%
src/falconpy/_endpoint/_mssp.py 1 0 100%
src/falconpy/_endpoint/_oauth2.py 1 0 100%
src/falconpy/_endpoint/_overwatch_dashboard.py 1 0 100%
src/falconpy/_endpoint/_prevention_policies.py 1 0 100%
src/falconpy/_endpoint/_quick_scan.py 1 0 100%
src/falconpy/_endpoint/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/_real_time_response_admin.py 1 0 100%
src/falconpy/_endpoint/_recon.py 1 0 100%
src/falconpy/_endpoint/_response_policies.py 1 0 100%
src/falconpy/_endpoint/_sample_uploads.py 1 0 100%
src/falconpy/_endpoint/_sensor_download.py 1 0 100%
src/falconpy/_endpoint/_sensor_update_policies.py 1 0 100%
src/falconpy/_endpoint/_sensor_visibility_exclusions.py 1 0 100%
src/falconpy/_endpoint/_spotlight_vulnerabilities.py 1 0 100%
src/falconpy/_endpoint/_user_management.py 1 0 100%
src/falconpy/_endpoint/_zero_trust_assessment.py 1 0 100%
src/falconpy/_endpoint/deprecated/__init__.py 14 0 100%
src/falconpy/_endpoint/deprecated/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/deprecated/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/deprecated/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/deprecated/_ioc.py 1 0 100%
src/falconpy/_endpoint/deprecated/_iocs.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response_admin.py 1 0 100%
src/falconpy/_result.py 8 0 100%
src/falconpy/_service_class.py 45 0 100%
src/falconpy/_util.py 142 0 100%
src/falconpy/_version.py 8 0 100%
src/falconpy/api_complete.py 89 0 100%
src/falconpy/cloud_connect_aws.py 74 0 100%
src/falconpy/cspm_registration.py 150 0 100%
src/falconpy/custom_ioa.py 142 0 100%
src/falconpy/d4c_registration.py 70 0 100%
src/falconpy/detects.py 34 0 100%
src/falconpy/device_control_policies.py 77 0 100%
src/falconpy/event_streams.py 15 0 100%
src/falconpy/falcon_complete_dashboard.py 109 0 100%
src/falconpy/falconx_sandbox.py 82 0 100%
src/falconpy/firewall_management.py 148 0 100%
src/falconpy/firewall_policies.py 80 0 100%
src/falconpy/host_group.py 71 0 100%
src/falconpy/hosts.py 64 0 100%
src/falconpy/incidents.py 45 0 100%
src/falconpy/installation_tokens.py 66 0 100%
src/falconpy/intel.py 105 0 100%
src/falconpy/ioa_exclusions.py 42 0 100%
src/falconpy/ioc.py 54 0 100%
src/falconpy/iocs.py 76 0 100%
src/falconpy/kubernetes_protection.py 74 0 100%
src/falconpy/malquery.py 70 0 100%
src/falconpy/ml_exclusions.py 42 0 100%
src/falconpy/mssp.py 189 0 100%
src/falconpy/oauth2.py 34 0 100%
src/falconpy/overwatch_dashboard.py 42 0 100%
src/falconpy/prevention_policy.py 82 0 100%
src/falconpy/quick_scan.py 29 0 100%
src/falconpy/real_time_response.py 147 0 100%
src/falconpy/real_time_response_admin.py 88 0 100%
src/falconpy/recon.py 149 0 100%
src/falconpy/response_policies.py 82 0 100%
src/falconpy/sample_uploads.py 31 0 100%
src/falconpy/sensor_download.py 42 0 100%
src/falconpy/sensor_update_policy.py 117 0 100%
src/falconpy/sensor_visibility_exclusions.py 42 0 100%
src/falconpy/spotlight_vulnerabilities.py 21 0 100%
src/falconpy/user_management.py 75 0 100%
src/falconpy/zero_trust_assessment.py 9 0 100%
------------------------------------------------------------------------------------
TOTAL 3323 0 100%
Bandit analysis
[main] INFO running on Python 3.9.2
Run started:2021-07-23 16:44:22.305957
Test results:
No issues identified.
Code scanned:
Total lines of code: 21249
Total lines skipped (#nosec): 0
Run metrics:
Total issues (by severity):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Total issues (by confidence):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Files skipped (0):
Issues resolved
- Bug fix: Resolves #200 by moving the failing method to the latest code pattern.
Version 0.5.2
FalconPy v0.5.2
This update resolves an issue with the updateSensorUpdatePoliciesV2 method within the Sensor Update Policy service class.
Special thanks to @alexandreborgo for submitting this fix. 🙇
- Bug fixes
Unit test coverage
Name Stmts Miss Cover
------------------------------------------------------------------------------------
src/falconpy/__init__.py 10 0 100%
src/falconpy/_endpoint/__init__.py 93 0 100%
src/falconpy/_endpoint/_cloud_connect_aws.py 1 0 100%
src/falconpy/_endpoint/_cspm_registration.py 1 0 100%
src/falconpy/_endpoint/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/_d4c_registration.py 1 0 100%
src/falconpy/_endpoint/_detects.py 1 0 100%
src/falconpy/_endpoint/_device_control_policies.py 1 0 100%
src/falconpy/_endpoint/_event_streams.py 1 0 100%
src/falconpy/_endpoint/_falcon_complete_dashboard.py 1 0 100%
src/falconpy/_endpoint/_falconx_sandbox.py 1 0 100%
src/falconpy/_endpoint/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/_firewall_policies.py 1 0 100%
src/falconpy/_endpoint/_host_group.py 1 0 100%
src/falconpy/_endpoint/_hosts.py 1 0 100%
src/falconpy/_endpoint/_incidents.py 1 0 100%
src/falconpy/_endpoint/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/_intel.py 1 0 100%
src/falconpy/_endpoint/_ioa_exclusions.py 1 0 100%
src/falconpy/_endpoint/_ioc.py 1 0 100%
src/falconpy/_endpoint/_iocs.py 1 0 100%
src/falconpy/_endpoint/_kubernetes_protection.py 1 0 100%
src/falconpy/_endpoint/_malquery.py 1 0 100%
src/falconpy/_endpoint/_ml_exclusions.py 1 0 100%
src/falconpy/_endpoint/_mssp.py 1 0 100%
src/falconpy/_endpoint/_oauth2.py 1 0 100%
src/falconpy/_endpoint/_overwatch_dashboard.py 1 0 100%
src/falconpy/_endpoint/_prevention_policies.py 1 0 100%
src/falconpy/_endpoint/_quick_scan.py 1 0 100%
src/falconpy/_endpoint/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/_real_time_response_admin.py 1 0 100%
src/falconpy/_endpoint/_recon.py 1 0 100%
src/falconpy/_endpoint/_response_policies.py 1 0 100%
src/falconpy/_endpoint/_sample_uploads.py 1 0 100%
src/falconpy/_endpoint/_sensor_download.py 1 0 100%
src/falconpy/_endpoint/_sensor_update_policies.py 1 0 100%
src/falconpy/_endpoint/_sensor_visibility_exclusions.py 1 0 100%
src/falconpy/_endpoint/_spotlight_vulnerabilities.py 1 0 100%
src/falconpy/_endpoint/_user_management.py 1 0 100%
src/falconpy/_endpoint/_zero_trust_assessment.py 1 0 100%
src/falconpy/_endpoint/deprecated/__init__.py 14 0 100%
src/falconpy/_endpoint/deprecated/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/deprecated/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/deprecated/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/deprecated/_ioc.py 1 0 100%
src/falconpy/_endpoint/deprecated/_iocs.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response_admin.py 1 0 100%
src/falconpy/_result.py 8 0 100%
src/falconpy/_service_class.py 45 0 100%
src/falconpy/_util.py 142 1 99%
src/falconpy/_version.py 8 0 100%
src/falconpy/api_complete.py 89 0 100%
src/falconpy/cloud_connect_aws.py 74 0 100%
src/falconpy/cspm_registration.py 150 0 100%
src/falconpy/custom_ioa.py 142 0 100%
src/falconpy/d4c_registration.py 70 0 100%
src/falconpy/detects.py 34 0 100%
src/falconpy/device_control_policies.py 77 0 100%
src/falconpy/event_streams.py 15 0 100%
src/falconpy/falcon_complete_dashboard.py 109 0 100%
src/falconpy/falconx_sandbox.py 82 0 100%
src/falconpy/firewall_management.py 148 0 100%
src/falconpy/firewall_policies.py 80 0 100%
src/falconpy/host_group.py 71 0 100%
src/falconpy/hosts.py 64 0 100%
src/falconpy/incidents.py 45 0 100%
src/falconpy/installation_tokens.py 66 0 100%
src/falconpy/intel.py 105 0 100%
src/falconpy/ioa_exclusions.py 42 0 100%
src/falconpy/ioc.py 54 0 100%
src/falconpy/iocs.py 76 0 100%
src/falconpy/kubernetes_protection.py 74 0 100%
src/falconpy/malquery.py 70 0 100%
src/falconpy/ml_exclusions.py 42 0 100%
src/falconpy/mssp.py 189 0 100%
src/falconpy/oauth2.py 34 0 100%
src/falconpy/overwatch_dashboard.py 42 0 100%
src/falconpy/prevention_policy.py 82 0 100%
src/falconpy/quick_scan.py 29 0 100%
src/falconpy/real_time_response.py 147 0 100%
src/falconpy/real_time_response_admin.py 88 0 100%
src/falconpy/recon.py 149 0 100%
src/falconpy/response_policies.py 82 0 100%
src/falconpy/sample_uploads.py 31 0 100%
src/falconpy/sensor_download.py 42 10 76%
src/falconpy/sensor_update_policy.py 117 0 100%
src/falconpy/sensor_visibility_exclusions.py 42 0 100%
src/falconpy/spotlight_vulnerabilities.py 21 0 100%
src/falconpy/user_management.py 75 0 100%
src/falconpy/zero_trust_assessment.py 9 0 100%
------------------------------------------------------------------------------------
TOTAL 3323 11 99%
Coverage miss due to skipped unit tests. - jshcodes
Bandit analysis
[main] INFO profile include tests: None
[main] INFO profile exclude tests: None
[main] INFO cli include tests: None
[main] INFO cli exclude tests: None
[main] INFO running on Python 3.7.3
92 [0.. 50.. ]
Run started:2021-07-07 21:47:58.067217
Test results:
No issues identified.
Code scanned:
Total lines of code: 21249
Total lines skipped (#nosec): 0
Run metrics:
Total issues (by severity):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Total issues (by confidence):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Files skipped (0):
Issues resolved
- Fixed: Incorrect endpoint specified in the updateSensorUpdatePoliciesV2 method within the Sensor Update Policy service class.
Version 0.5.1
FalconPy v0.5.1
This release resolves an issue with parameter payloads in the indicator_create_v1 and indicator_update_v1 methods within the IOC Service Class.
- Bug fixes
Unit test coverage
Name Stmts Miss Cover
------------------------------------------------------------------------------------
src\falconpy\__init__.py 10 0 100%
src\falconpy\_endpoint\__init__.py 93 0 100%
src\falconpy\_endpoint\_cloud_connect_aws.py 1 0 100%
src\falconpy\_endpoint\_cspm_registration.py 1 0 100%
src\falconpy\_endpoint\_custom_ioa.py 1 0 100%
src\falconpy\_endpoint\_d4c_registration.py 1 0 100%
src\falconpy\_endpoint\_detects.py 1 0 100%
src\falconpy\_endpoint\_device_control_policies.py 1 0 100%
src\falconpy\_endpoint\_event_streams.py 1 0 100%
src\falconpy\_endpoint\_falcon_complete_dashboard.py 1 0 100%
src\falconpy\_endpoint\_falconx_sandbox.py 1 0 100%
src\falconpy\_endpoint\_firewall_management.py 1 0 100%
src\falconpy\_endpoint\_firewall_policies.py 1 0 100%
src\falconpy\_endpoint\_host_group.py 1 0 100%
src\falconpy\_endpoint\_hosts.py 1 0 100%
src\falconpy\_endpoint\_incidents.py 1 0 100%
src\falconpy\_endpoint\_installation_tokens.py 1 0 100%
src\falconpy\_endpoint\_intel.py 1 0 100%
src\falconpy\_endpoint\_ioa_exclusions.py 1 0 100%
src\falconpy\_endpoint\_ioc.py 1 0 100%
src\falconpy\_endpoint\_iocs.py 1 0 100%
src\falconpy\_endpoint\_kubernetes_protection.py 1 0 100%
src\falconpy\_endpoint\_malquery.py 1 0 100%
src\falconpy\_endpoint\_ml_exclusions.py 1 0 100%
src\falconpy\_endpoint\_mssp.py 1 0 100%
src\falconpy\_endpoint\_oauth2.py 1 0 100%
src\falconpy\_endpoint\_overwatch_dashboard.py 1 0 100%
src\falconpy\_endpoint\_prevention_policies.py 1 0 100%
src\falconpy\_endpoint\_quick_scan.py 1 0 100%
src\falconpy\_endpoint\_real_time_response.py 1 0 100%
src\falconpy\_endpoint\_real_time_response_admin.py 1 0 100%
src\falconpy\_endpoint\_recon.py 1 0 100%
src\falconpy\_endpoint\_response_policies.py 1 0 100%
src\falconpy\_endpoint\_sample_uploads.py 1 0 100%
src\falconpy\_endpoint\_sensor_download.py 1 0 100%
src\falconpy\_endpoint\_sensor_update_policies.py 1 0 100%
src\falconpy\_endpoint\_sensor_visibility_exclusions.py 1 0 100%
src\falconpy\_endpoint\_spotlight_vulnerabilities.py 1 0 100%
src\falconpy\_endpoint\_user_management.py 1 0 100%
src\falconpy\_endpoint\_zero_trust_assessment.py 1 0 100%
src\falconpy\_endpoint\deprecated\__init__.py 14 0 100%
src\falconpy\_endpoint\deprecated\_custom_ioa.py 1 0 100%
src\falconpy\_endpoint\deprecated\_firewall_management.py 1 0 100%
src\falconpy\_endpoint\deprecated\_installation_tokens.py 1 0 100%
src\falconpy\_endpoint\deprecated\_ioc.py 1 0 100%
src\falconpy\_endpoint\deprecated\_iocs.py 1 0 100%
src\falconpy\_endpoint\deprecated\_real_time_response.py 1 0 100%
src\falconpy\_endpoint\deprecated\_real_time_response_admin.py 1 0 100%
src\falconpy\_result.py 8 0 100%
src\falconpy\_service_class.py 45 0 100%
src\falconpy\_util.py 141 0 100%
src\falconpy\_version.py 8 0 100%
src\falconpy\api_complete.py 89 0 100%
src\falconpy\cloud_connect_aws.py 74 0 100%
src\falconpy\cspm_registration.py 150 0 100%
src\falconpy\custom_ioa.py 142 0 100%
src\falconpy\d4c_registration.py 70 0 100%
src\falconpy\detects.py 34 0 100%
src\falconpy\device_control_policies.py 77 0 100%
src\falconpy\event_streams.py 15 0 100%
src\falconpy\falcon_complete_dashboard.py 109 0 100%
src\falconpy\falconx_sandbox.py 82 0 100%
src\falconpy\firewall_management.py 148 0 100%
src\falconpy\firewall_policies.py 80 0 100%
src\falconpy\host_group.py 71 0 100%
src\falconpy\hosts.py 64 0 100%
src\falconpy\incidents.py 45 0 100%
src\falconpy\installation_tokens.py 66 0 100%
src\falconpy\intel.py 105 0 100%
src\falconpy\ioa_exclusions.py 42 0 100%
src\falconpy\ioc.py 54 0 100%
src\falconpy\iocs.py 76 0 100%
src\falconpy\kubernetes_protection.py 74 0 100%
src\falconpy\malquery.py 70 0 100%
src\falconpy\ml_exclusions.py 42 0 100%
src\falconpy\mssp.py 189 0 100%
src\falconpy\oauth2.py 34 0 100%
src\falconpy\overwatch_dashboard.py 42 0 100%
src\falconpy\prevention_policy.py 82 0 100%
src\falconpy\quick_scan.py 29 0 100%
src\falconpy\real_time_response.py 147 0 100%
src\falconpy\real_time_response_admin.py 88 0 100%
src\falconpy\recon.py 149 0 100%
src\falconpy\response_policies.py 82 0 100%
src\falconpy\sample_uploads.py 31 0 100%
src\falconpy\sensor_download.py 42 0 100%
src\falconpy\sensor_update_policy.py 117 0 100%
src\falconpy\sensor_visibility_exclusions.py 42 0 100%
src\falconpy\spotlight_vulnerabilities.py 21 0 100%
src\falconpy\user_management.py 75 0 100%
src\falconpy\zero_trust_assessment.py 9 0 100%
------------------------------------------------------------------------------------
TOTAL 3322 0 100%
Bandit analysis
[main] INFO profile include tests: None
[main] INFO profile exclude tests: None
[main] INFO cli include tests: None
[main] INFO cli exclude tests: None
[main] INFO running on Python 3.9.5
92 [0.. 50.. ]
Run started:2021-06-28 19:09:44.998191
Test results:
No issues identified.
Code scanned:
Total lines of code: 21249
Total lines skipped (#nosec): 0
Run metrics:
Total issues (by severity):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Total issues (by confidence):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Files skipped (0):
Issues resolved
- Fixes #181 by adding the parameters to the create and update ioc functions.
Version 0.5.0
FalconPy v0.5.0
This version update implements the following new Service Classes:
- IOC
- Kubernetes Protection
- Recon
- Response Policies
Implements a minor pattern change and provides new sample source for CSPM registration policy export.
- Enhancement
- Major Feature update
- Updated unit tests
Unit test coverage
Name Stmts Miss Cover
------------------------------------------------------------------------------------
src/falconpy/__init__.py 10 0 100%
src/falconpy/_endpoint/__init__.py 93 0 100%
src/falconpy/_endpoint/_cloud_connect_aws.py 1 0 100%
src/falconpy/_endpoint/_cspm_registration.py 1 0 100%
src/falconpy/_endpoint/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/_d4c_registration.py 1 0 100%
src/falconpy/_endpoint/_detects.py 1 0 100%
src/falconpy/_endpoint/_device_control_policies.py 1 0 100%
src/falconpy/_endpoint/_event_streams.py 1 0 100%
src/falconpy/_endpoint/_falcon_complete_dashboard.py 1 0 100%
src/falconpy/_endpoint/_falconx_sandbox.py 1 0 100%
src/falconpy/_endpoint/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/_firewall_policies.py 1 0 100%
src/falconpy/_endpoint/_host_group.py 1 0 100%
src/falconpy/_endpoint/_hosts.py 1 0 100%
src/falconpy/_endpoint/_incidents.py 1 0 100%
src/falconpy/_endpoint/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/_intel.py 1 0 100%
src/falconpy/_endpoint/_ioa_exclusions.py 1 0 100%
src/falconpy/_endpoint/_ioc.py 1 0 100%
src/falconpy/_endpoint/_iocs.py 1 0 100%
src/falconpy/_endpoint/_kubernetes_protection.py 1 0 100%
src/falconpy/_endpoint/_malquery.py 1 0 100%
src/falconpy/_endpoint/_ml_exclusions.py 1 0 100%
src/falconpy/_endpoint/_mssp.py 1 0 100%
src/falconpy/_endpoint/_oauth2.py 1 0 100%
src/falconpy/_endpoint/_overwatch_dashboard.py 1 0 100%
src/falconpy/_endpoint/_prevention_policies.py 1 0 100%
src/falconpy/_endpoint/_quick_scan.py 1 0 100%
src/falconpy/_endpoint/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/_real_time_response_admin.py 1 0 100%
src/falconpy/_endpoint/_recon.py 1 0 100%
src/falconpy/_endpoint/_response_policies.py 1 0 100%
src/falconpy/_endpoint/_sample_uploads.py 1 0 100%
src/falconpy/_endpoint/_sensor_download.py 1 0 100%
src/falconpy/_endpoint/_sensor_update_policies.py 1 0 100%
src/falconpy/_endpoint/_sensor_visibility_exclusions.py 1 0 100%
src/falconpy/_endpoint/_spotlight_vulnerabilities.py 1 0 100%
src/falconpy/_endpoint/_user_management.py 1 0 100%
src/falconpy/_endpoint/_zero_trust_assessment.py 1 0 100%
src/falconpy/_endpoint/deprecated/__init__.py 14 0 100%
src/falconpy/_endpoint/deprecated/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/deprecated/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/deprecated/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/deprecated/_ioc.py 1 0 100%
src/falconpy/_endpoint/deprecated/_iocs.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response_admin.py 1 0 100%
src/falconpy/_result.py 8 0 100%
src/falconpy/_service_class.py 45 0 100%
src/falconpy/_util.py 142 0 100%
src/falconpy/_version.py 8 0 100%
src/falconpy/api_complete.py 89 0 100%
src/falconpy/cloud_connect_aws.py 74 0 100%
src/falconpy/cspm_registration.py 150 0 100%
src/falconpy/custom_ioa.py 142 0 100%
src/falconpy/d4c_registration.py 70 0 100%
src/falconpy/detects.py 34 0 100%
src/falconpy/device_control_policies.py 77 0 100%
src/falconpy/event_streams.py 15 0 100%
src/falconpy/falcon_complete_dashboard.py 109 0 100%
src/falconpy/falconx_sandbox.py 82 0 100%
src/falconpy/firewall_management.py 148 0 100%
src/falconpy/firewall_policies.py 80 0 100%
src/falconpy/host_group.py 71 0 100%
src/falconpy/hosts.py 64 0 100%
src/falconpy/incidents.py 45 0 100%
src/falconpy/installation_tokens.py 66 0 100%
src/falconpy/intel.py 105 0 100%
src/falconpy/ioa_exclusions.py 42 0 100%
src/falconpy/ioc.py 50 0 100%
src/falconpy/iocs.py 76 0 100%
src/falconpy/kubernetes_protection.py 74 0 100%
src/falconpy/malquery.py 70 0 100%
src/falconpy/ml_exclusions.py 42 0 100%
src/falconpy/mssp.py 189 0 100%
src/falconpy/oauth2.py 34 0 100%
src/falconpy/overwatch_dashboard.py 42 0 100%
src/falconpy/prevention_policy.py 82 0 100%
src/falconpy/quick_scan.py 29 0 100%
src/falconpy/real_time_response.py 147 0 100%
src/falconpy/real_time_response_admin.py 88 0 100%
src/falconpy/recon.py 149 0 100%
src/falconpy/response_policies.py 82 0 100%
src/falconpy/sample_uploads.py 31 0 100%
src/falconpy/sensor_download.py 42 0 100%
src/falconpy/sensor_update_policy.py 117 0 100%
src/falconpy/sensor_visibility_exclusions.py 42 0 100%
src/falconpy/spotlight_vulnerabilities.py 21 0 100%
src/falconpy/user_management.py 75 0 100%
src/falconpy/zero_trust_assessment.py 9 0 100%
------------------------------------------------------------------------------------
TOTAL 3319 0 100%
Bandit analysis
[main] INFO running on Python 3.8.5
Run started:2021-06-23 06:10:13.614256
Test results:
No issues identified.
Code scanned:
Total lines of code: 21243
Total lines skipped (#nosec): 0
Run metrics:
Total issues (by severity):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Total issues (by confidence):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Files skipped (0):
Added features and functionality
- Added: IOC API Service Class (
ioc.py
)- indicator_combined_v1
- indicator_get_v1
- indicator_create_v1
- indicator_delete_v1
- indicator_update_v1
- indicator_search_v1
- Added: Kubernetes Protection API Service Class (
kubernetes_protection.py
)- GetAWSAccountsMixin0
- CreateAWSAccount
- DeleteAWSAccountsMixin0
- UpdateAWSAccount
- GetLocations
- GetHelmValuesYaml
- RegenerateAPIKey
- GetClusters
- TriggerScan
- Added: Recon API Service Class (
recon.py
)- AggregateNotificationsV1
- PreviewRuleV1
- GetActionsV1
- CreateActionsV1
- DeleteActionV1
- UpdateActionV1
- GetNotificationsDetailedTranslatedV1
- GetNotificationsDetailedV1
- GetNotificationsTranslatedV1
- GetNotificationsV1
- DeleteNotificationsV1
- UpdateNotificationsV1
- GetRulesV1
- CreateRulesV1
- DeleteRulesV1
- UpdateRulesV1
- Q...
Version 0.4.10
FalconPy v.0.4.10
This release adds timeout handling functionality and fixes for proxy support within Service Classes.
Special thanks to @matcha-shake for suggesting this enhancement. 🙇
- Enhancement
- Bug fixes
- Updated unit tests
Using timeouts
The timeout value you pass to the Service or Uber class is utilized for all calls to the requests library. For scenarios where you are creating multiple objects to represent different API's, you will be able to set specific timeouts for each API service collection.
Specifying timeouts
The timeout value is passed directly to the requests library, allowing you to specify a float for a "generic" timeout and a tuple to specify read/connect timeouts. Values should be specified in seconds.
Generic timeouts
Passing a float for the timeout value will allow you to specify a timeout for the entire operation.
# Times out after thirty second for connect and read
from falconpy.cloud_connect_aws import Cloud_Connect_AWS as FalconAWS
falcon = FalconAWS(creds={
'client_id': falcon_client_id,
'client_secret': falcon_client_secret
}, timeout=30
)
result = falcon.QueryAWSAccounts()
print(result)
Connect / Read timeouts
Using a tuple for the timeout value will allow you to specify individual timeouts for connect and read.
# Times out after one second for connect and read
from falconpy.cloud_connect_aws import Cloud_Connect_AWS as FalconAWS
falcon = FalconAWS(creds={
'client_id': falcon_client_id,
'client_secret': falcon_client_secret
}, timeout=(3.05,26.95)
)
result = falcon.QueryAWSAccounts()
print(result)
Unit test coverage
Name Stmts Miss Cover
------------------------------------------------------------------------------------
src/falconpy/__init__.py 10 0 100%
src/falconpy/_endpoint/__init__.py 83 0 100%
src/falconpy/_endpoint/_cloud_connect_aws.py 1 0 100%
src/falconpy/_endpoint/_cspm_registration.py 1 0 100%
src/falconpy/_endpoint/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/_d4c_registration.py 1 0 100%
src/falconpy/_endpoint/_detects.py 1 0 100%
src/falconpy/_endpoint/_device_control_policies.py 1 0 100%
src/falconpy/_endpoint/_event_streams.py 1 0 100%
src/falconpy/_endpoint/_falcon_complete_dashboard.py 1 0 100%
src/falconpy/_endpoint/_falconx_sandbox.py 1 0 100%
src/falconpy/_endpoint/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/_firewall_policies.py 1 0 100%
src/falconpy/_endpoint/_host_group.py 1 0 100%
src/falconpy/_endpoint/_hosts.py 1 0 100%
src/falconpy/_endpoint/_incidents.py 1 0 100%
src/falconpy/_endpoint/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/_intel.py 1 0 100%
src/falconpy/_endpoint/_ioa_exclusions.py 1 0 100%
src/falconpy/_endpoint/_iocs.py 1 0 100%
src/falconpy/_endpoint/_malquery.py 1 0 100%
src/falconpy/_endpoint/_ml_exclusions.py 1 0 100%
src/falconpy/_endpoint/_mssp.py 1 0 100%
src/falconpy/_endpoint/_oauth2.py 1 0 100%
src/falconpy/_endpoint/_overwatch_dashboard.py 1 0 100%
src/falconpy/_endpoint/_prevention_policies.py 1 0 100%
src/falconpy/_endpoint/_quick_scan.py 1 0 100%
src/falconpy/_endpoint/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/_real_time_response_admin.py 1 0 100%
src/falconpy/_endpoint/_sample_uploads.py 1 0 100%
src/falconpy/_endpoint/_sensor_download.py 1 0 100%
src/falconpy/_endpoint/_sensor_update_policies.py 1 0 100%
src/falconpy/_endpoint/_sensor_visibility_exclusions.py 1 0 100%
src/falconpy/_endpoint/_spotlight_vulnerabilities.py 1 0 100%
src/falconpy/_endpoint/_user_management.py 1 0 100%
src/falconpy/_endpoint/_zero_trust_assessment.py 1 0 100%
src/falconpy/_endpoint/deprecated/__init__.py 12 0 100%
src/falconpy/_endpoint/deprecated/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/deprecated/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/deprecated/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/deprecated/_iocs.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response_admin.py 1 0 100%
src/falconpy/_result.py 8 0 100%
src/falconpy/_service_class.py 45 0 100%
src/falconpy/_util.py 142 0 100%
src/falconpy/_version.py 8 0 100%
src/falconpy/api_complete.py 89 0 100%
src/falconpy/cloud_connect_aws.py 74 0 100%
src/falconpy/cspm_registration.py 128 0 100%
src/falconpy/custom_ioa.py 142 0 100%
src/falconpy/d4c_registration.py 71 0 100%
src/falconpy/detects.py 34 0 100%
src/falconpy/device_control_policies.py 77 0 100%
src/falconpy/event_streams.py 15 0 100%
src/falconpy/falcon_complete_dashboard.py 110 0 100%
src/falconpy/falconx_sandbox.py 82 0 100%
src/falconpy/firewall_management.py 148 0 100%
src/falconpy/firewall_policies.py 80 0 100%
src/falconpy/host_group.py 71 0 100%
src/falconpy/hosts.py 64 0 100%
src/falconpy/incidents.py 45 0 100%
src/falconpy/installation_tokens.py 67 0 100%
src/falconpy/intel.py 105 0 100%
src/falconpy/ioa_exclusions.py 43 0 100%
src/falconpy/iocs.py 60 0 100%
src/falconpy/malquery.py 71 0 100%
src/falconpy/ml_exclusions.py 43 0 100%
src/falconpy/mssp.py 190 0 100%
src/falconpy/oauth2.py 34 0 100%
src/falconpy/overwatch_dashboard.py 43 0 100%
src/falconpy/prevention_policy.py 77 0 100%
src/falconpy/quick_scan.py 29 0 100%
src/falconpy/real_time_response.py 147 0 100%
src/falconpy/real_time_response_admin.py 88 0 100%
src/falconpy/sample_uploads.py 31 0 100%
src/falconpy/sensor_download.py 42 0 100%
src/falconpy/sensor_update_policy.py 117 0 100%
src/falconpy/sensor_visibility_exclusions.py 43 0 100%
src/falconpy/spotlight_vulnerabilities.py 21 0 100%
src/falconpy/user_management.py 75 0 100%
src/falconpy/zero_trust_assessment.py 9 0 100%
------------------------------------------------------------------------------------
TOTAL 2913 0 100%
Bandit analysis
[main] INFO running on Python 3.9.2
Run started:2021-06-21 19:14:31.312037
Test results:
No issues identified.
Code scanned:
Total lines of code: 18548
Total lines skipped (#nosec): 0
Run metrics:
Total issues (by severity):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Total issues (by confidence):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Files skipped (0):
Added features and functionality
- Added: Timeout functionality for calls to the requests library
Issues resolved
- Fixed: Service Class proxy functionality support
Other
- Timeout functionality unit tests (
tests/test_timeout.py
)
Version 0.4.9
FalconPy v.0.4.9
This update enables proxy functionality by allowing a dictionary of proxies to be passed to the requests library when called.
- Enhancement
Special thanks go out to @EdgeSync for this contribution. 🙇♂️
Usage example
falcon = FalconSDK.APIHarness(
creds={
"client_id": falcon_client_id,
"client_secret": falcon_client_secret,
},
proxy={
"http": "http://myproxy:8888",
"https": "https://myotherproxy:8080"
}
)
falcon.authenticate()
Unit test coverage
A modified version of test_uber_api_complete.py was utilized to confirm proxy functionality against a private proxy stood up explicitly for this purpose.
Name Stmts Miss Cover
------------------------------------------------------------------------------------
src/falconpy/__init__.py 10 0 100%
src/falconpy/_endpoint/__init__.py 83 0 100%
src/falconpy/_endpoint/_cloud_connect_aws.py 1 0 100%
src/falconpy/_endpoint/_cspm_registration.py 1 0 100%
src/falconpy/_endpoint/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/_d4c_registration.py 1 0 100%
src/falconpy/_endpoint/_detects.py 1 0 100%
src/falconpy/_endpoint/_device_control_policies.py 1 0 100%
src/falconpy/_endpoint/_event_streams.py 1 0 100%
src/falconpy/_endpoint/_falcon_complete_dashboard.py 1 0 100%
src/falconpy/_endpoint/_falconx_sandbox.py 1 0 100%
src/falconpy/_endpoint/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/_firewall_policies.py 1 0 100%
src/falconpy/_endpoint/_host_group.py 1 0 100%
src/falconpy/_endpoint/_hosts.py 1 0 100%
src/falconpy/_endpoint/_incidents.py 1 0 100%
src/falconpy/_endpoint/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/_intel.py 1 0 100%
src/falconpy/_endpoint/_ioa_exclusions.py 1 0 100%
src/falconpy/_endpoint/_iocs.py 1 0 100%
src/falconpy/_endpoint/_malquery.py 1 0 100%
src/falconpy/_endpoint/_ml_exclusions.py 1 0 100%
src/falconpy/_endpoint/_mssp.py 1 0 100%
src/falconpy/_endpoint/_oauth2.py 1 0 100%
src/falconpy/_endpoint/_overwatch_dashboard.py 1 0 100%
src/falconpy/_endpoint/_prevention_policies.py 1 0 100%
src/falconpy/_endpoint/_quick_scan.py 1 0 100%
src/falconpy/_endpoint/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/_real_time_response_admin.py 1 0 100%
src/falconpy/_endpoint/_sample_uploads.py 1 0 100%
src/falconpy/_endpoint/_sensor_download.py 1 0 100%
src/falconpy/_endpoint/_sensor_update_policies.py 1 0 100%
src/falconpy/_endpoint/_sensor_visibility_exclusions.py 1 0 100%
src/falconpy/_endpoint/_spotlight_vulnerabilities.py 1 0 100%
src/falconpy/_endpoint/_user_management.py 1 0 100%
src/falconpy/_endpoint/_zero_trust_assessment.py 1 0 100%
src/falconpy/_endpoint/deprecated/__init__.py 12 0 100%
src/falconpy/_endpoint/deprecated/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/deprecated/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/deprecated/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/deprecated/_iocs.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response_admin.py 1 0 100%
src/falconpy/_result.py 8 0 100%
src/falconpy/_service_class.py 44 0 100%
src/falconpy/_util.py 134 0 100%
src/falconpy/_version.py 8 0 100%
src/falconpy/api_complete.py 88 0 100%
src/falconpy/cloud_connect_aws.py 74 0 100%
src/falconpy/cspm_registration.py 128 0 100%
src/falconpy/custom_ioa.py 142 0 100%
src/falconpy/d4c_registration.py 71 0 100%
src/falconpy/detects.py 34 0 100%
src/falconpy/device_control_policies.py 77 0 100%
src/falconpy/event_streams.py 15 0 100%
src/falconpy/falcon_complete_dashboard.py 110 0 100%
src/falconpy/falconx_sandbox.py 82 0 100%
src/falconpy/firewall_management.py 148 0 100%
src/falconpy/firewall_policies.py 80 0 100%
src/falconpy/host_group.py 71 0 100%
src/falconpy/hosts.py 64 0 100%
src/falconpy/incidents.py 45 0 100%
src/falconpy/installation_tokens.py 67 0 100%
src/falconpy/intel.py 105 0 100%
src/falconpy/ioa_exclusions.py 43 0 100%
src/falconpy/iocs.py 60 0 100%
src/falconpy/malquery.py 71 0 100%
src/falconpy/ml_exclusions.py 43 0 100%
src/falconpy/mssp.py 190 0 100%
src/falconpy/oauth2.py 34 0 100%
src/falconpy/overwatch_dashboard.py 43 0 100%
src/falconpy/prevention_policy.py 77 0 100%
src/falconpy/quick_scan.py 29 0 100%
src/falconpy/real_time_response.py 147 0 100%
src/falconpy/real_time_response_admin.py 88 0 100%
src/falconpy/sample_uploads.py 31 0 100%
src/falconpy/sensor_download.py 42 0 100%
src/falconpy/sensor_update_policy.py 117 0 100%
src/falconpy/sensor_visibility_exclusions.py 43 0 100%
src/falconpy/spotlight_vulnerabilities.py 21 0 100%
src/falconpy/user_management.py 75 0 100%
src/falconpy/zero_trust_assessment.py 9 0 100%
------------------------------------------------------------------------------------
TOTAL 2903 0 100%
Bandit analysis
[main] INFO running on Python 3.9.2
Run started:2021-05-27 07:10:14.688253
Test results:
No issues identified.
Code scanned:
Total lines of code: 18530
Total lines skipped (#nosec): 0
Run metrics:
Total issues (by severity):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Total issues (by confidence):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Files skipped (0):
Added features and functionality
- Added: Proxy dictionary which is passed to the requests library when performing a request to the API.
- Related to discussion post: #154
Version 0.4.8
FalconPy 0.4.8
This release contains a refactored MSSP Service Class, which now follows the new pattern for Service Classes. This change was implemented earlier than planned in order to address issue #144.
- Enhancement
- Bug fixes
Unit test coverage
Name Stmts Miss Cover
------------------------------------------------------------------------------------
src/falconpy/__init__.py 10 0 100%
src/falconpy/_endpoint/__init__.py 83 0 100%
src/falconpy/_endpoint/_cloud_connect_aws.py 1 0 100%
src/falconpy/_endpoint/_cspm_registration.py 1 0 100%
src/falconpy/_endpoint/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/_d4c_registration.py 1 0 100%
src/falconpy/_endpoint/_detects.py 1 0 100%
src/falconpy/_endpoint/_device_control_policies.py 1 0 100%
src/falconpy/_endpoint/_event_streams.py 1 0 100%
src/falconpy/_endpoint/_falcon_complete_dashboard.py 1 0 100%
src/falconpy/_endpoint/_falconx_sandbox.py 1 0 100%
src/falconpy/_endpoint/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/_firewall_policies.py 1 0 100%
src/falconpy/_endpoint/_host_group.py 1 0 100%
src/falconpy/_endpoint/_hosts.py 1 0 100%
src/falconpy/_endpoint/_incidents.py 1 0 100%
src/falconpy/_endpoint/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/_intel.py 1 0 100%
src/falconpy/_endpoint/_ioa_exclusions.py 1 0 100%
src/falconpy/_endpoint/_iocs.py 1 0 100%
src/falconpy/_endpoint/_malquery.py 1 0 100%
src/falconpy/_endpoint/_ml_exclusions.py 1 0 100%
src/falconpy/_endpoint/_mssp.py 1 0 100%
src/falconpy/_endpoint/_oauth2.py 1 0 100%
src/falconpy/_endpoint/_overwatch_dashboard.py 1 0 100%
src/falconpy/_endpoint/_prevention_policies.py 1 0 100%
src/falconpy/_endpoint/_quick_scan.py 1 0 100%
src/falconpy/_endpoint/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/_real_time_response_admin.py 1 0 100%
src/falconpy/_endpoint/_sample_uploads.py 1 0 100%
src/falconpy/_endpoint/_sensor_download.py 1 0 100%
src/falconpy/_endpoint/_sensor_update_policies.py 1 0 100%
src/falconpy/_endpoint/_sensor_visibility_exclusions.py 1 0 100%
src/falconpy/_endpoint/_spotlight_vulnerabilities.py 1 0 100%
src/falconpy/_endpoint/_user_management.py 1 0 100%
src/falconpy/_endpoint/_zero_trust_assessment.py 1 0 100%
src/falconpy/_endpoint/deprecated/__init__.py 12 0 100%
src/falconpy/_endpoint/deprecated/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/deprecated/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/deprecated/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/deprecated/_iocs.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response_admin.py 1 0 100%
src/falconpy/_result.py 8 0 100%
src/falconpy/_service_class.py 44 0 100%
src/falconpy/_util.py 143 0 100%
src/falconpy/_version.py 8 0 100%
src/falconpy/api_complete.py 87 0 100%
src/falconpy/cloud_connect_aws.py 74 0 100%
src/falconpy/cspm_registration.py 128 0 100%
src/falconpy/custom_ioa.py 142 0 100%
src/falconpy/d4c_registration.py 71 0 100%
src/falconpy/detects.py 34 0 100%
src/falconpy/device_control_policies.py 77 0 100%
src/falconpy/event_streams.py 15 0 100%
src/falconpy/falcon_complete_dashboard.py 110 0 100%
src/falconpy/falconx_sandbox.py 82 0 100%
src/falconpy/firewall_management.py 148 0 100%
src/falconpy/firewall_policies.py 80 0 100%
src/falconpy/host_group.py 71 0 100%
src/falconpy/hosts.py 64 0 100%
src/falconpy/incidents.py 45 0 100%
src/falconpy/installation_tokens.py 67 0 100%
src/falconpy/intel.py 105 0 100%
src/falconpy/ioa_exclusions.py 43 0 100%
src/falconpy/iocs.py 60 0 100%
src/falconpy/malquery.py 71 0 100%
src/falconpy/ml_exclusions.py 43 0 100%
src/falconpy/mssp.py 190 0 100%
src/falconpy/oauth2.py 33 0 100%
src/falconpy/overwatch_dashboard.py 43 0 100%
src/falconpy/prevention_policy.py 77 0 100%
src/falconpy/quick_scan.py 29 0 100%
src/falconpy/real_time_response.py 147 0 100%
src/falconpy/real_time_response_admin.py 88 0 100%
src/falconpy/sample_uploads.py 31 0 100%
src/falconpy/sensor_download.py 42 0 100%
src/falconpy/sensor_update_policy.py 117 0 100%
src/falconpy/sensor_visibility_exclusions.py 43 0 100%
src/falconpy/spotlight_vulnerabilities.py 21 0 100%
src/falconpy/user_management.py 75 0 100%
src/falconpy/zero_trust_assessment.py 9 0 100%
------------------------------------------------------------------------------------
TOTAL 2910 0 100%
Bandit analysis
[main] INFO running on Python 3.8.5
Run started:2021-04-28 19:42:45.126398
Test results:
No issues identified.
Code scanned:
Total lines of code: 18524
Total lines skipped (#nosec): 0
Run metrics:
Total issues (by severity):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Total issues (by confidence):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Files skipped (0):
Issues resolved
- Fixed: Parsing issue with ids argument within MSSP.getChildren (Flight Control Service Class)
- Resolved by migrating
mssp.py
source to the new pattern being tested for Service Classes. - Closes #144
- Resolved by migrating
Version 0.4.7
FalconPy v0.4.7
This release contains a new pattern for Service Classes that allows query string parameter payload values to be passed directly via the function call as arguments.
Example
import json
from falconpy.ml_exclusions import ML_Exclusions as FalconML
falcon = FalconML(creds={"client_id": client_ID, "client_secret": client_secret})
print(json.dumps(falcon.queryMLExclusionsV1(limit=10, offset=20, sort="value.asc"), indent=4))
This release also contains the following Service Classes:
- D4C Registration API
- Installation Tokens API
- IOA Exclusions API
- Falcon Complete Dashboard API
- MalQuery API
- ML Exclusions API
- Overwatch Dashboard API
- Sensor Visibility Exclusions API
- Enhancement
- Updated unit tests
Unit test coverage
Name Stmts Miss Cover
------------------------------------------------------------------------------------
src/falconpy/__init__.py 10 0 100%
src/falconpy/_endpoint/__init__.py 83 0 100%
src/falconpy/_endpoint/_cloud_connect_aws.py 1 0 100%
src/falconpy/_endpoint/_cspm_registration.py 1 0 100%
src/falconpy/_endpoint/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/_d4c_registration.py 1 0 100%
src/falconpy/_endpoint/_detects.py 1 0 100%
src/falconpy/_endpoint/_device_control_policies.py 1 0 100%
src/falconpy/_endpoint/_event_streams.py 1 0 100%
src/falconpy/_endpoint/_falcon_complete_dashboard.py 1 0 100%
src/falconpy/_endpoint/_falconx_sandbox.py 1 0 100%
src/falconpy/_endpoint/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/_firewall_policies.py 1 0 100%
src/falconpy/_endpoint/_host_group.py 1 0 100%
src/falconpy/_endpoint/_hosts.py 1 0 100%
src/falconpy/_endpoint/_incidents.py 1 0 100%
src/falconpy/_endpoint/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/_intel.py 1 0 100%
src/falconpy/_endpoint/_ioa_exclusions.py 1 0 100%
src/falconpy/_endpoint/_iocs.py 1 0 100%
src/falconpy/_endpoint/_malquery.py 1 0 100%
src/falconpy/_endpoint/_ml_exclusions.py 1 0 100%
src/falconpy/_endpoint/_mssp.py 1 0 100%
src/falconpy/_endpoint/_oauth2.py 1 0 100%
src/falconpy/_endpoint/_overwatch_dashboard.py 1 0 100%
src/falconpy/_endpoint/_prevention_policies.py 1 0 100%
src/falconpy/_endpoint/_quick_scan.py 1 0 100%
src/falconpy/_endpoint/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/_real_time_response_admin.py 1 0 100%
src/falconpy/_endpoint/_sample_uploads.py 1 0 100%
src/falconpy/_endpoint/_sensor_download.py 1 0 100%
src/falconpy/_endpoint/_sensor_update_policies.py 1 0 100%
src/falconpy/_endpoint/_sensor_visibility_exclusions.py 1 0 100%
src/falconpy/_endpoint/_spotlight_vulnerabilities.py 1 0 100%
src/falconpy/_endpoint/_user_management.py 1 0 100%
src/falconpy/_endpoint/_zero_trust_assessment.py 1 0 100%
src/falconpy/_endpoint/deprecated/__init__.py 12 0 100%
src/falconpy/_endpoint/deprecated/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/deprecated/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/deprecated/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/deprecated/_iocs.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response_admin.py 1 0 100%
src/falconpy/_result.py 8 0 100%
src/falconpy/_service_class.py 44 0 100%
src/falconpy/_util.py 143 0 100%
src/falconpy/_version.py 8 0 100%
src/falconpy/api_complete.py 87 0 100%
src/falconpy/cloud_connect_aws.py 74 0 100%
src/falconpy/cspm_registration.py 128 0 100%
src/falconpy/custom_ioa.py 142 0 100%
src/falconpy/d4c_registration.py 71 0 100%
src/falconpy/detects.py 34 0 100%
src/falconpy/device_control_policies.py 77 0 100%
src/falconpy/event_streams.py 15 0 100%
src/falconpy/falcon_complete_dashboard.py 110 0 100%
src/falconpy/falconx_sandbox.py 82 0 100%
src/falconpy/firewall_management.py 148 0 100%
src/falconpy/firewall_policies.py 80 0 100%
src/falconpy/host_group.py 71 0 100%
src/falconpy/hosts.py 64 0 100%
src/falconpy/incidents.py 45 0 100%
src/falconpy/installation_tokens.py 67 0 100%
src/falconpy/intel.py 105 0 100%
src/falconpy/ioa_exclusions.py 43 0 100%
src/falconpy/iocs.py 60 0 100%
src/falconpy/malquery.py 71 0 100%
src/falconpy/ml_exclusions.py 43 0 100%
src/falconpy/mssp.py 159 0 100%
src/falconpy/oauth2.py 33 0 100%
src/falconpy/overwatch_dashboard.py 43 0 100%
src/falconpy/prevention_policy.py 77 0 100%
src/falconpy/quick_scan.py 29 0 100%
src/falconpy/real_time_response.py 147 0 100%
src/falconpy/real_time_response_admin.py 88 0 100%
src/falconpy/sample_uploads.py 31 0 100%
src/falconpy/sensor_download.py 42 0 100%
src/falconpy/sensor_update_policy.py 117 0 100%
src/falconpy/sensor_visibility_exclusions.py 43 0 100%
src/falconpy/spotlight_vulnerabilities.py 21 0 100%
src/falconpy/user_management.py 75 0 100%
src/falconpy/zero_trust_assessment.py 9 0 100%
------------------------------------------------------------------------------------
TOTAL 2879 0 100%
Bandit analysis
[main] INFO running on Python 3.9.2
Run started:2021-04-24 18:39:48.789455
Test results:
No issues identified.
Code scanned:
Total lines of code: 18556
Total lines skipped (#nosec): 0
Run metrics:
Total issues (by severity):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Total issues (by confidence):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Files skipped (0):
Added features and functionality
New Service Class pattern - Query String parameters can now be passed as function arguments.
This functionality is currently only available in the following new Service Classes while
regression testing is underway.
- Added: D4C Registration API Service Class (
d4c_registration.py
)- GetCSPMAzureAccount
- CreateCSPMAzureAccount
- UpdateCSPMAzureAccountClientID
- GetCSPMAzureUserScriptsAttachment
- GetCSPMAzureUserScripts
- GetCSPMCGPAccount
- GetCSPMGCPAccount (redirects to GetCSPMCGPAccount)
- CreateCSPMGCPAccount
- GetCSPMGCPUserScriptsAttachment
- GetCSPMGCPUserScripts
- Added unit tests (
test_d4c_registration.py
)
- Added: Installation Tokens API Service Class (
installation_tokens.py
)- audit_events_read
- customer_settings_read
- tokens_read
- tokens_create
- tokens_delete
- tokens_update
- audit_events_query
- tokens_query
- Added unit tests (
test_installation_tokens.py
)
- Added: IOA Exclusions API Service Class (
ioa_exclusions.py
)- getIOAExclusionsV1
- createIOAExclusionsV1
- deleteIOAExclusionsV1
- updateIOAExclusionsV1
- queryIOAExclusionsV1
- Added unit tests (
test_ioa_exclusions.py
)
- Added: Falcon Co...
Version 0.4.6
FalconPy v0.4.6
This pull request provides updated functionality to the FalconPy base package.
- Enhancement
- Updated unit tests
Unit test coverage
Name Stmts Miss Cover
------------------------------------------------------------------------------------
src/falconpy/__init__.py 10 0 100%
src/falconpy/_endpoint/__init__.py 83 0 100%
src/falconpy/_endpoint/_cloud_connect_aws.py 1 0 100%
src/falconpy/_endpoint/_cspm_registration.py 1 0 100%
src/falconpy/_endpoint/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/_d4c_registration.py 1 0 100%
src/falconpy/_endpoint/_detects.py 1 0 100%
src/falconpy/_endpoint/_device_control_policies.py 1 0 100%
src/falconpy/_endpoint/_event_streams.py 1 0 100%
src/falconpy/_endpoint/_falcon_complete_dashboard.py 1 0 100%
src/falconpy/_endpoint/_falconx_sandbox.py 1 0 100%
src/falconpy/_endpoint/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/_firewall_policies.py 1 0 100%
src/falconpy/_endpoint/_host_group.py 1 0 100%
src/falconpy/_endpoint/_hosts.py 1 0 100%
src/falconpy/_endpoint/_incidents.py 1 0 100%
src/falconpy/_endpoint/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/_intel.py 1 0 100%
src/falconpy/_endpoint/_ioa_exclusions.py 1 0 100%
src/falconpy/_endpoint/_iocs.py 1 0 100%
src/falconpy/_endpoint/_malquery.py 1 0 100%
src/falconpy/_endpoint/_ml_exclusions.py 1 0 100%
src/falconpy/_endpoint/_mssp.py 1 0 100%
src/falconpy/_endpoint/_oauth2.py 1 0 100%
src/falconpy/_endpoint/_overwatch_dashboard.py 1 0 100%
src/falconpy/_endpoint/_prevention_policies.py 1 0 100%
src/falconpy/_endpoint/_quick_scan.py 1 0 100%
src/falconpy/_endpoint/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/_real_time_response_admin.py 1 0 100%
src/falconpy/_endpoint/_sample_uploads.py 1 0 100%
src/falconpy/_endpoint/_sensor_download.py 1 0 100%
src/falconpy/_endpoint/_sensor_update_policies.py 1 0 100%
src/falconpy/_endpoint/_sensor_visibility_exclusions.py 1 0 100%
src/falconpy/_endpoint/_spotlight_vulnerabilities.py 1 0 100%
src/falconpy/_endpoint/_user_management.py 1 0 100%
src/falconpy/_endpoint/_zero_trust_assessment.py 1 0 100%
src/falconpy/_endpoint/deprecated/__init__.py 12 0 100%
src/falconpy/_endpoint/deprecated/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/deprecated/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/deprecated/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/deprecated/_iocs.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response_admin.py 1 0 100%
src/falconpy/_result.py 8 0 100%
src/falconpy/_service_class.py 44 0 100%
src/falconpy/_util.py 129 0 100%
src/falconpy/_version.py 8 0 100%
src/falconpy/api_complete.py 87 0 100%
src/falconpy/cloud_connect_aws.py 74 0 100%
src/falconpy/cspm_registration.py 128 0 100%
src/falconpy/custom_ioa.py 142 0 100%
src/falconpy/detects.py 34 0 100%
src/falconpy/device_control_policies.py 77 0 100%
src/falconpy/event_streams.py 15 0 100%
src/falconpy/falconx_sandbox.py 82 0 100%
src/falconpy/firewall_management.py 148 0 100%
src/falconpy/firewall_policies.py 80 0 100%
src/falconpy/host_group.py 71 0 100%
src/falconpy/hosts.py 64 0 100%
src/falconpy/incidents.py 45 0 100%
src/falconpy/intel.py 105 0 100%
src/falconpy/iocs.py 60 0 100%
src/falconpy/mssp.py 159 0 100%
src/falconpy/oauth2.py 33 0 100%
src/falconpy/prevention_policy.py 77 0 100%
src/falconpy/quick_scan.py 29 0 100%
src/falconpy/real_time_response.py 147 0 100%
src/falconpy/real_time_response_admin.py 88 0 100%
src/falconpy/sample_uploads.py 31 0 100%
src/falconpy/sensor_download.py 42 0 100%
src/falconpy/sensor_update_policy.py 117 0 100%
src/falconpy/spotlight_vulnerabilities.py 15 0 100%
src/falconpy/user_management.py 75 0 100%
src/falconpy/zero_trust_assessment.py 9 0 100%
------------------------------------------------------------------------------------
TOTAL 2368 0 100%
Bandit analysis
[main] INFO running on Python 3.9.2
Run started:2021-04-19 10:30:07.881913
Test results:
No issues identified.
Code scanned:
Total lines of code: 17277
Total lines skipped (#nosec): 0
Run metrics:
Total issues (by severity):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Total issues (by confidence):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Files skipped (0):
Added features and functionality
-
Added: Missing method to Spotlight_Vulnerabilities Service Class (
spotlight_vulnerabilities.py
)- getRemediations
- Added unit test to existing test series (
test_spotlight_vulnerabilities.py
)
-
Added: MSSP (Falcon Flight Control) Service Class
- getChildren
- getCIDGroupMembersBy
- addCIDGroupMembers
- deleteCIDGroupMembers
- getCIDGroupById
- createCIDGroups
- deleteCIDGroups
- updateCIDGroups
- getRolesByID
- addRole
- deleteRoles
- getUserGroupMembersByID
- addUserGroupMembers
- deleteUserGroupMembers
- getUserGroupsByID
- createUserGroup
- deleteUserGroups
- updateUserGroups
- queryChildren
- queryCIDGroupMembers
- queryCIDGroups
- queryRoles
- queryUserGroupMembers
- queryUserGroups
- Added unit tests (
test_mssp.py
)
-
Added: Zero Trust Assessment Service Class
- getAssessmentV1
- Added unit tests (
test_zero_trust_assessment.py
)
Issues resolved
- Fixed KeyError when providing invalid credentials to a Service Class using Credential
or Object authentication, Closes #134
Other
- Moved _endpoint constant library to a private submodule (No impact to existing usage)
- Added payload parameter information to _endpoint constants
- Adds service collection ID to endpoint lists
- This prepares the package for new functionality planned for future releases
- Added:
force_default
function - decorator function that forces default values for function arguments (_util.py
)- Added: Helper function
get_default
- Refactored Uber class to leverage this new functionality
- Unit tests refactored to cover new code paths (
test_uber_api_complete.py
)
- Unit tests refactored to cover new code paths (
- Depending upon feedback, this updated pattern will be implemented within Service Classes to reduce overall function complexity
- Added: Helper function
- Linting
Developers: These patterns are being tested within the Uber Class for migration over to Service Classes in future versions
- Reduced Uber class method complexity
- Added: Helper function
calc_url_from_args
(_util.py
) - Added: Helper function
_create_header_payload
(api_complete.py
, Requires class internal variables)
- Added: Helper function
- Migrated Uber class variables to snake_case format
- Removed unnecessarily complex lambdas
- New class method:
valid_cred_format
, replaces previous lambda class attribute - New class method:
token_expired
, replaces previous lambda class attribute
-...
- New class method:
- Reduced Uber class method complexity
Version 0.4.5
FalconPy 0.4.5
This release provides two additional service classes:
- Custom IOA
- Quick Scan
And updates the Uber class to access three additional API service collections:
- Falcon Complete Dashboards
- Falcon Overwatch Dashboards
- Falcon Flight Control
- Enhancement
- Updated unit tests
- Documentation
Unit test coverage
Name Stmts Miss Cover
---------------------------------------------------------------
src/falconpy/__init__.py 10 0 100%
src/falconpy/_endpoint.py 1 0 100%
src/falconpy/_result.py 8 0 100%
src/falconpy/_service_class.py 31 0 100%
src/falconpy/_util.py 84 0 100%
src/falconpy/_version.py 8 0 100%
src/falconpy/api_complete.py 89 0 100%
src/falconpy/cloud_connect_aws.py 74 0 100%
src/falconpy/cspm_registration.py 128 0 100%
src/falconpy/custom_ioa.py 142 0 100%
src/falconpy/detects.py 34 0 100%
src/falconpy/device_control_policies.py 77 0 100%
src/falconpy/event_streams.py 15 0 100%
src/falconpy/falconx_sandbox.py 82 0 100%
src/falconpy/firewall_management.py 148 0 100%
src/falconpy/firewall_policies.py 80 0 100%
src/falconpy/host_group.py 71 0 100%
src/falconpy/hosts.py 64 0 100%
src/falconpy/incidents.py 45 0 100%
src/falconpy/intel.py 105 0 100%
src/falconpy/iocs.py 60 0 100%
src/falconpy/oauth2.py 30 0 100%
src/falconpy/prevention_policy.py 77 0 100%
src/falconpy/quick_scan.py 29 0 100%
src/falconpy/real_time_response.py 147 0 100%
src/falconpy/real_time_response_admin.py 88 0 100%
src/falconpy/sample_uploads.py 31 0 100%
src/falconpy/sensor_download.py 42 0 100%
src/falconpy/sensor_update_policy.py 117 0 100%
src/falconpy/spotlight_vulnerabilities.py 15 0 100%
src/falconpy/user_management.py 75 0 100%
---------------------------------------------------------------
TOTAL 2007 0 100%
Bandit analysis
[main] INFO running on Python 3.9.2
Run started:2021-04-12 06:34:01.963124
Test results:
No issues identified.
Code scanned:
Total lines of code: 7389
Total lines skipped (#nosec): 0
Run metrics:
Total issues (by severity):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Total issues (by confidence):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Files skipped (0):
Added features and functionality
-
Added: Custom Indicators of Attack (IOA) API Service Class (
custom_ioa.py
)- get_patterns
- get_platformsMixin0
- get_rule_groupsMixin0
- create_rule_groupMixin0
- delete_rule_groupsMixin0
- update_rule_groupMixin0
- get_rule_types
- get_rules_get
- get_rulesMixin0
- create_rule
- delete_rules
- update_rules
- validate
- query_patterns
- query_platformsMixin0
- query_rule_groups_fulle
- query_rule_groupsMixin0
- query_rule_types
- query_rulesMixin0
- Added unit tests (
test_custom_ioa.py
)
-
Added: Falcon X Quick Scan API Service Class (
quick_scan.py
)- GetScansAggregate
- GetScans
- ScanSamples
- QuerySubmissionsMixin0
- Added unit tests (
test_quick_scan.py
)
-
Added: Uber class endpoints (
_endpoints.py
)- Falcon Complete Dashboard API
- Falcon Overwatch Dashboard API
- Falcon Flight Control API
Issues resolved
- Fixed unidiomatic type check in
_util.py
(parse_id_list) - Fixed potentially problematic default payload lists and dictionaries (Service Classes and Uber Class)
Other
- Added CHANGELOG.md
- Documentation updates to reflect new service class and upcoming API additions
- Minor comment updates
- Adjusted GitHub actions to test operating systems as separate workflows
- Minor GitHub workflow adjustments
- Unit test updates
- Cloud Connect AWS
- CSPM Registration
- Sensor Download