Releases: CrowdStrike/falconpy
Version 0.4.4
FalconPy v0.4.4
This release contains the version 0.4.4 update for the FalconPy package.
- Enhancement
- Bug fixes
- Updated unit tests
Unit test coverage
Name Stmts Miss Cover
---------------------------------------------------------------
src/falconpy/__init__.py 10 0 100%
src/falconpy/_endpoint.py 1 0 100%
src/falconpy/_result.py 8 0 100%
src/falconpy/_service_class.py 31 0 100%
src/falconpy/_util.py 82 0 100%
src/falconpy/_version.py 8 0 100%
src/falconpy/api_complete.py 79 0 100%
src/falconpy/cloud_connect_aws.py 66 0 100%
src/falconpy/cspm_registration.py 114 0 100%
src/falconpy/detects.py 32 0 100%
src/falconpy/device_control_policies.py 69 0 100%
src/falconpy/event_streams.py 15 0 100%
src/falconpy/falconx_sandbox.py 78 0 100%
src/falconpy/firewall_management.py 130 0 100%
src/falconpy/firewall_policies.py 70 0 100%
src/falconpy/host_group.py 63 0 100%
src/falconpy/hosts.py 58 0 100%
src/falconpy/incidents.py 39 0 100%
src/falconpy/intel.py 89 0 100%
src/falconpy/iocs.py 58 0 100%
src/falconpy/oauth2.py 30 0 100%
src/falconpy/prevention_policy.py 69 0 100%
src/falconpy/real_time_response.py 135 0 100%
src/falconpy/real_time_response_admin.py 82 0 100%
src/falconpy/sample_uploads.py 25 0 100%
src/falconpy/sensor_download.py 38 0 100%
src/falconpy/sensor_update_policy.py 105 0 100%
src/falconpy/spotlight_vulnerabilities.py 15 0 100%
src/falconpy/user_management.py 75 0 100%
---------------------------------------------------------------
TOTAL 1674 0 100%
Bandit analysis
[main] INFO profile include tests: None
[main] INFO profile exclude tests: None
[main] INFO cli include tests: None
[main] INFO cli exclude tests: None
[main] INFO running on Python 3.9.2
Run started:2021-04-04 23:55:51.713411
Test results:
No issues identified.
Code scanned:
Total lines of code: 6516
Total lines skipped (#nosec): 0
Run metrics:
Total issues (by severity):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Total issues (by confidence):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Files skipped (0):
Added features and functionality
- Added: Sensor Download API Service Class
- GetCombinedSensorInstallersByQuery
- DownloadSensorInstallerById
- GetSensorInstallersEntities
- GetSensorInstallersCCIDByQuery
- GetSensorInstallersByQuery
Unit tests have been developed to cover this new Service Class
Props and thanks go out to @CalebSchwartz for all of his hard work on the Sensor Download Service Class! 🦸
Issues resolved
- Fixed: action_name parameter default bug. Resolved by setting a default value and overriding this value if action_name is present in the parameters dictionary, Closes #114.
Other
- Documentation updated to reflect the new Sensor Download Service Class
Version 0.4.3
FalconPy v0.4.3
Planned production package release: 03.30.21
- Enhancement
Major Feature update- Bug fixes
Breaking Change- Updated unit tests
- Documentation
Unit test coverage
Name Stmts Miss Cover
---------------------------------------------------------------
src/falconpy/__init__.py 10 0 100%
src/falconpy/_endpoint.py 1 0 100%
src/falconpy/_result.py 8 0 100%
src/falconpy/_service_class.py 31 0 100%
src/falconpy/_util.py 80 0 100%
src/falconpy/_version.py 8 0 100%
src/falconpy/api_complete.py 79 0 100%
src/falconpy/cloud_connect_aws.py 66 0 100%
src/falconpy/cspm_registration.py 114 0 100%
src/falconpy/detects.py 32 0 100%
src/falconpy/device_control_policies.py 67 0 100%
src/falconpy/event_streams.py 15 0 100%
src/falconpy/falconx_sandbox.py 78 0 100%
src/falconpy/firewall_management.py 130 0 100%
src/falconpy/firewall_policies.py 68 0 100%
src/falconpy/host_group.py 61 0 100%
src/falconpy/hosts.py 56 0 100%
src/falconpy/incidents.py 39 0 100%
src/falconpy/intel.py 89 0 100%
src/falconpy/iocs.py 58 0 100%
src/falconpy/oauth2.py 30 0 100%
src/falconpy/prevention_policy.py 67 0 100%
src/falconpy/real_time_response.py 135 0 100%
src/falconpy/real_time_response_admin.py 82 0 100%
src/falconpy/sample_uploads.py 25 0 100%
src/falconpy/sensor_update_policy.py 103 0 100%
src/falconpy/spotlight_vulnerabilities.py 15 0 100%
src/falconpy/user_management.py 75 0 100%
---------------------------------------------------------------
TOTAL 1622 0 100%
Bandit analysis
[main] INFO profile include tests: None
[main] INFO profile exclude tests: None
[main] INFO cli include tests: None
[main] INFO cli exclude tests: None
[main] INFO running on Python 3.9.2
Run started:2021-03-26 21:13:00.083912
Test results:
No issues identified.
Code scanned:
Total lines of code: 6415
Total lines skipped (#nosec): 0
Run metrics:
Total issues (by severity):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Total issues (by confidence):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Files skipped (0):
Added features and functionality
- Added: Sample_Uploads service class (sample_uploads.py)
- UploadSampleV3
- GetSampleV3
- DeleteSampleV3
Added: Sample_Uploads unit tests (test_sample_uploads.py)
- Added: FalconDebug - Interactive Python3 debugger that provides a pre-defined API token.
Issues resolved
- Fixed: Issue with Uber class command method using the action_name variable instead of file_name variable for actions passing the file_name parameter.
- Fixed: Issue with setup.py passing GitHub emoji text to the package description.
- Fixed: Issue with Uber class unit testing not deleting uploaded files from Sample_Uploads API. (test_uber_api_complete.py)
Version 0.4.2
FalconPy v0.4.2
- Enhancement
Major Feature update- Bug fixes
Breaking Change- Updated unit tests
Name Stmts Miss Cover
---------------------------------------------------------------
src/falconpy/__init__.py 10 0 100%
src/falconpy/_endpoint.py 1 0 100%
src/falconpy/_result.py 8 0 100%
src/falconpy/_service_class.py 31 0 100%
src/falconpy/_util.py 80 0 100%
src/falconpy/_version.py 8 0 100%
src/falconpy/api_complete.py 79 0 100%
src/falconpy/cloud_connect_aws.py 66 0 100%
src/falconpy/cspm_registration.py 114 0 100%
src/falconpy/detects.py 32 0 100%
src/falconpy/device_control_policies.py 67 0 100%
src/falconpy/event_streams.py 15 0 100%
src/falconpy/falconx_sandbox.py 78 0 100%
src/falconpy/firewall_management.py 130 0 100%
src/falconpy/firewall_policies.py 68 0 100%
src/falconpy/host_group.py 61 0 100%
src/falconpy/hosts.py 56 0 100%
src/falconpy/incidents.py 39 0 100%
src/falconpy/intel.py 89 0 100%
src/falconpy/iocs.py 58 0 100%
src/falconpy/oauth2.py 30 0 100%
src/falconpy/prevention_policy.py 67 0 100%
src/falconpy/real_time_response.py 135 0 100%
src/falconpy/real_time_response_admin.py 82 0 100%
src/falconpy/sensor_update_policy.py 103 0 100%
src/falconpy/spotlight_vulnerabilities.py 15 0 100%
src/falconpy/user_management.py 75 0 100%
---------------------------------------------------------------
TOTAL 1597 0 100%
Added features and functionality
-
Added missing method: hosts.py - Added UpdateDeviceTags method to Hosts service class. (Thank you rewgord!) 😄
Unit test added to test_hosts.py to test device tagging functionality.
-
New endpoints added to the Uber class: _endpoint.py
Deprecation Warning: Legacy API operation IDs that made use of the Python reserved characters "." and "-" have been deprecated. New operation IDs have been generated for each that now aligns to the method names defined in the equivalent service class.
-
API Operation summaries added to the Uber class: _endpoint.py - This provides for upcoming functionality that will be announced in future updates.
Issues resolved
- Added method validation to Uber class calls to the requests library. (HTTP 418 is sent when an invalid method is specified.)
Other
- Cleaned up event_streams.py class file to match new patterns.
- Updated return type decorators for service_request and perform_request. (_util.py)
- Updated return type decorators for GetArtifacts, GetReports and GetSampleV2. (falconx_sandbox.py)
- Abstracted all remaining common error output code paths to a stand-alone generic method. (_util.py)
Version 0.4.1
FalconPy v0.4.1
- Enhancement
Major Feature update- Bug fixes
- Breaking Change (See below)
- Updated unit tests
Name Stmts Miss Cover
---------------------------------------------------------------
src/falconpy/__init__.py 10 0 100%
src/falconpy/_endpoint.py 1 0 100%
src/falconpy/_result.py 8 0 100%
src/falconpy/_service_class.py 31 0 100%
src/falconpy/_util.py 80 0 100%
src/falconpy/_version.py 8 0 100%
src/falconpy/api_complete.py 77 0 100%
src/falconpy/cloud_connect_aws.py 66 0 100%
src/falconpy/cspm_registration.py 114 0 100%
src/falconpy/detects.py 34 0 100%
src/falconpy/device_control_policies.py 67 0 100%
src/falconpy/event_streams.py 15 0 100%
src/falconpy/falconx_sandbox.py 78 0 100%
src/falconpy/firewall_management.py 130 0 100%
src/falconpy/firewall_policies.py 68 0 100%
src/falconpy/host_group.py 61 0 100%
src/falconpy/hosts.py 37 0 100%
src/falconpy/incidents.py 39 0 100%
src/falconpy/intel.py 89 0 100%
src/falconpy/iocs.py 58 0 100%
src/falconpy/oauth2.py 30 0 100%
src/falconpy/prevention_policy.py 67 0 100%
src/falconpy/real_time_response.py 135 0 100%
src/falconpy/real_time_response_admin.py 82 0 100%
src/falconpy/sensor_update_policy.py 103 0 100%
src/falconpy/spotlight_vulnerabilities.py 15 0 100%
src/falconpy/user_management.py 75 0 100%
---------------------------------------------------------------
TOTAL 1578 0 100%
Added features and functionality
- New service class: cspm_registration.py - Provides the CSPM_Registration service class for handling Horizon registration in Azure and AWS.
New basic unit tests for the CSPM_Registration service class have been included within this pull request.
- Added methods: falconx_sandbox.py - Support for the following operations have been added to the FalconX_Sandbox service class.
- QuerySampleV1
- DeleteSampleV2
- GetSampleV2
- DeleteReport
- GetReports
Unit tests have been updated to reflect these additional methods
Issues resolved
-
Bug fix: Resolved malformed validator in detects.py - UpdateDetectsByIdsV2
-
Bug fix: Added action_name parameter to operations that require the parameter. (#53)
This issue impacted 6 service classes in total:- device_control_policies.py - Device_Control_Policies - performDeviceControlPoliciesAction
- firewall_policies.py - Firewall_Policies - performFirewallPoliciesAction
- host_group.py - Host_Group - performGroupAction
- hosts.py - Host - PerformActionV2
- prevention_policy.py - Prevention_Policy - performPreventionPoliciesAction
- sensor_update_policy.py - Sensor_Update_Policy - performSensorUpdatePoliciesAction
This issue also impacted the Uber class, resulting in updates to the command method within the APIHarness class.
Unit tests have been updated to reflect these changes
Potential Breaking Change: The action_name parameter does not currently accept unspecified values. This will be resolved in the 0.4.4 version of the package.
Other
- Minor updates to _endpoints.py to reflect operation ID corrections for the CSPM registration API.
- Abstracted common error output code paths to a stand-alone method within _util.py.
Version 0.4.0
FalconPy v0.4.0
- Major Feature update
- Bug fixes
-
Breaking Change - Updated unit tests
Added features and functionality
- Added additional HTTP status codes
- Added parameter input validation handling
- Additional validations are planned for all service classes. Currently only enabled in
cloud_connect_aws.py
.
- Additional validations are planned for all service classes. Currently only enabled in
- Added body payload input validation handling
- Additional validations are planned for all service classes. Currently only enabled in
cloud_connect_aws.py
.
- Additional validations are planned for all service classes. Currently only enabled in
- Added allowed HTTP method restrictions
- Added ID list handling to API operations that require ID lists
-
Developers may now pass in a list of IDs or a comma-delimited string.
import json from falconpy import oauth2 as FalconAuth from falconpy import cloud_connect_aws as FalconAWS falcon = FalconAWS.Cloud_Connect_AWS(creds={'client_id': client_id, 'client_secret': client_secret}) id_list = ['ID1', 'ID2', 'ID3'] print(json.dumps(falcon.GetAWSAccounts(ids=id_list), indent=4))
or
import json from falconpy import oauth2 as FalconAuth from falconpy import cloud_connect_aws as FalconAWS falcon = FalconAWS.Cloud_Connect_AWS(creds={'client_id': client_id, 'client_secret': client_secret}) id_list_string = "ID1,ID2,ID3" print(json.dumps(falcon.GetAWSAccounts(ids=id_list_string), indent=4))
-
- Added status code response checks to authentication events
- Instantiate Service classes without having to manage tokens
- Pass in credentials (Now referred to as "credential authentication")
import json from falconpy import oauth2 as FalconAuth from falconpy import cloud_connect_aws as FalconAWS falcon = FalconAWS.Cloud_Connect_AWS(creds={'client_id': client_id, 'client_secret': client_secret}) print(json.dumps(falcon.QueryAWSAccounts(), indent=4))
- Pass in the entire auth object (Now referred to as "object authentication")
import json from falconpy import oauth2 as FalconAuth from falconpy import cloud_connect_aws as FalconAWS auth = FalconAuth.OAuth2(creds={'client_id': client_id, 'client_secret': client_secret}) falcon = FalconAWS.Cloud_Connect_AWS(auth_object=auth) print(json.dumps(falcon.QueryAWSAccounts(), indent=4))
Please note: Passing a token into Service classes is still fully supported. This is now referred to as "legacy authentication".
- Pass in credentials (Now referred to as "credential authentication")
- Added automatic token refresh functionality to Service Class calls
- Developers must make use of either credential or object authentication in order to leverage this functionality.
Issues resolved
- Added dynamic package metadata updates (Issue #14)
- Generalized version control
- New constant file:
_version.py
- New constant file:
- Generalized version control
- Added user-agent string to HTTP headers. (Issue #57)
- Resolved a bug with token deauthentication (Uber and Service classes)
- Resolved a bug in Firewall_Management.update_rule_group
Other
- Abstracted calls to the requests library from all classes, reducing code segment size
- New library:
_util.py
- New class:
_service_class.py
- New class:
_result.py
- All Service Classes refactored
- New library:
- Abstracted endpoint list from the Uber class to a standalone source file
- New constant file:
_endpoint.py
- New constant file:
- Linting / code cleanup
- Added function input parameter datatype specifications (where possible)
- Added function output datatype decorators
- In order to reduce confusion, references to the
json
requests attribute are now always referred to as "body". References to thedata
requests attribute are still referred to as "data".
- 100% unit test coverage
- Internal documentation updates