FalconPy v0.5.0
This version update implements the following new Service Classes:
- IOC
- Kubernetes Protection
- Recon
- Response Policies
Implements a minor pattern change and provides new sample source for CSPM registration policy export.
- Enhancement
- Major Feature update
- Updated unit tests
Unit test coverage
Name Stmts Miss Cover
------------------------------------------------------------------------------------
src/falconpy/__init__.py 10 0 100%
src/falconpy/_endpoint/__init__.py 93 0 100%
src/falconpy/_endpoint/_cloud_connect_aws.py 1 0 100%
src/falconpy/_endpoint/_cspm_registration.py 1 0 100%
src/falconpy/_endpoint/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/_d4c_registration.py 1 0 100%
src/falconpy/_endpoint/_detects.py 1 0 100%
src/falconpy/_endpoint/_device_control_policies.py 1 0 100%
src/falconpy/_endpoint/_event_streams.py 1 0 100%
src/falconpy/_endpoint/_falcon_complete_dashboard.py 1 0 100%
src/falconpy/_endpoint/_falconx_sandbox.py 1 0 100%
src/falconpy/_endpoint/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/_firewall_policies.py 1 0 100%
src/falconpy/_endpoint/_host_group.py 1 0 100%
src/falconpy/_endpoint/_hosts.py 1 0 100%
src/falconpy/_endpoint/_incidents.py 1 0 100%
src/falconpy/_endpoint/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/_intel.py 1 0 100%
src/falconpy/_endpoint/_ioa_exclusions.py 1 0 100%
src/falconpy/_endpoint/_ioc.py 1 0 100%
src/falconpy/_endpoint/_iocs.py 1 0 100%
src/falconpy/_endpoint/_kubernetes_protection.py 1 0 100%
src/falconpy/_endpoint/_malquery.py 1 0 100%
src/falconpy/_endpoint/_ml_exclusions.py 1 0 100%
src/falconpy/_endpoint/_mssp.py 1 0 100%
src/falconpy/_endpoint/_oauth2.py 1 0 100%
src/falconpy/_endpoint/_overwatch_dashboard.py 1 0 100%
src/falconpy/_endpoint/_prevention_policies.py 1 0 100%
src/falconpy/_endpoint/_quick_scan.py 1 0 100%
src/falconpy/_endpoint/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/_real_time_response_admin.py 1 0 100%
src/falconpy/_endpoint/_recon.py 1 0 100%
src/falconpy/_endpoint/_response_policies.py 1 0 100%
src/falconpy/_endpoint/_sample_uploads.py 1 0 100%
src/falconpy/_endpoint/_sensor_download.py 1 0 100%
src/falconpy/_endpoint/_sensor_update_policies.py 1 0 100%
src/falconpy/_endpoint/_sensor_visibility_exclusions.py 1 0 100%
src/falconpy/_endpoint/_spotlight_vulnerabilities.py 1 0 100%
src/falconpy/_endpoint/_user_management.py 1 0 100%
src/falconpy/_endpoint/_zero_trust_assessment.py 1 0 100%
src/falconpy/_endpoint/deprecated/__init__.py 14 0 100%
src/falconpy/_endpoint/deprecated/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/deprecated/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/deprecated/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/deprecated/_ioc.py 1 0 100%
src/falconpy/_endpoint/deprecated/_iocs.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response_admin.py 1 0 100%
src/falconpy/_result.py 8 0 100%
src/falconpy/_service_class.py 45 0 100%
src/falconpy/_util.py 142 0 100%
src/falconpy/_version.py 8 0 100%
src/falconpy/api_complete.py 89 0 100%
src/falconpy/cloud_connect_aws.py 74 0 100%
src/falconpy/cspm_registration.py 150 0 100%
src/falconpy/custom_ioa.py 142 0 100%
src/falconpy/d4c_registration.py 70 0 100%
src/falconpy/detects.py 34 0 100%
src/falconpy/device_control_policies.py 77 0 100%
src/falconpy/event_streams.py 15 0 100%
src/falconpy/falcon_complete_dashboard.py 109 0 100%
src/falconpy/falconx_sandbox.py 82 0 100%
src/falconpy/firewall_management.py 148 0 100%
src/falconpy/firewall_policies.py 80 0 100%
src/falconpy/host_group.py 71 0 100%
src/falconpy/hosts.py 64 0 100%
src/falconpy/incidents.py 45 0 100%
src/falconpy/installation_tokens.py 66 0 100%
src/falconpy/intel.py 105 0 100%
src/falconpy/ioa_exclusions.py 42 0 100%
src/falconpy/ioc.py 50 0 100%
src/falconpy/iocs.py 76 0 100%
src/falconpy/kubernetes_protection.py 74 0 100%
src/falconpy/malquery.py 70 0 100%
src/falconpy/ml_exclusions.py 42 0 100%
src/falconpy/mssp.py 189 0 100%
src/falconpy/oauth2.py 34 0 100%
src/falconpy/overwatch_dashboard.py 42 0 100%
src/falconpy/prevention_policy.py 82 0 100%
src/falconpy/quick_scan.py 29 0 100%
src/falconpy/real_time_response.py 147 0 100%
src/falconpy/real_time_response_admin.py 88 0 100%
src/falconpy/recon.py 149 0 100%
src/falconpy/response_policies.py 82 0 100%
src/falconpy/sample_uploads.py 31 0 100%
src/falconpy/sensor_download.py 42 0 100%
src/falconpy/sensor_update_policy.py 117 0 100%
src/falconpy/sensor_visibility_exclusions.py 42 0 100%
src/falconpy/spotlight_vulnerabilities.py 21 0 100%
src/falconpy/user_management.py 75 0 100%
src/falconpy/zero_trust_assessment.py 9 0 100%
------------------------------------------------------------------------------------
TOTAL 3319 0 100%
Bandit analysis
[main] INFO running on Python 3.8.5
Run started:2021-06-23 06:10:13.614256
Test results:
No issues identified.
Code scanned:
Total lines of code: 21243
Total lines skipped (#nosec): 0
Run metrics:
Total issues (by severity):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Total issues (by confidence):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Files skipped (0):
Added features and functionality
- Added: IOC API Service Class (ioc.py)
  - indicator_combined_v1
  - indicator_get_v1
  - indicator_create_v1
  - indicator_delete_v1
  - indicator_update_v1
  - indicator_search_v1
- Added: Kubernetes Protection API Service Class (kubernetes_protection.py)
  - GetAWSAccountsMixin0
  - CreateAWSAccount
  - DeleteAWSAccountsMixin0
  - UpdateAWSAccount
  - GetLocations
  - GetHelmValuesYaml
  - RegenerateAPIKey
  - GetClusters
  - TriggerScan
- Added: Recon API Service Class (recon.py)
  - AggregateNotificationsV1
  - PreviewRuleV1
  - GetActionsV1
  - CreateActionsV1
  - DeleteActionV1
  - UpdateActionV1
  - GetNotificationsDetailedTranslatedV1
  - GetNotificationsDetailedV1
  - GetNotificationsTranslatedV1
  - GetNotificationsV1
  - DeleteNotificationsV1
  - UpdateNotificationsV1
  - GetRulesV1
  - CreateRulesV1
  - DeleteRulesV1
  - UpdateRulesV1
  - QueryActionsV1
  - QueryNotificationsV1
  - QueryRulesV1
- Added: Response Policies API Service Class (response_policies.py)
  - queryCombinedRTResponsePolicyMembers
  - queryCombinedRTResponsePolicies
  - performRTResponsePoliciesAction
  - setRTResponsePoliciesPrecedence
  - getRTResponsePolicies
  - createRTResponsePolicies
  - deleteRTResponsePolicies
  - updateRTResponsePolicies
  - queryRTResponsePolicyMembers
  - queryRTResponsePolicies
- Updated: CSPM Registration API Service Class (cspm_registration.py)
  - Refactored to utilize the updated pattern for Service Classes
  - Added: PatchCSPMAwsAccount function
  - Added: UpdateCSPMAzureTenantDefaultSubscriptionID function
  - Added: GetIOAEvents function
  - Added: GetIOAUsers function
  - Updated: Unit tests
- Updated: Discover for Cloud Registration API Service Class (d4c_registration.py)
  - Refactored to remove unnecessary private method call / import of the sys library
- Updated: IOA Exclusions API Service Class (ioa_exclusions.py)
  - Refactored to remove unnecessary private method call / import of the sys library
- Updated: IOCs API Service Class (iocs.py)
  - Refactored to utilize the updated pattern for Service Classes
  - Updated: Deprecated multiple endpoints as part of the release of the new IOC Service Class (_endpoint/_iocs.py)
- Updated: Falcon Complete Dashboard API Service Class (falcon_complete_dashboard.py)
  - Refactored to remove unnecessary private method call / import of the sys library
- Updated: Falcon Flight Control API Service Class (mssp.py)
  - Refactored to remove unnecessary private method call / import of the sys library
- Updated: Installation Tokens API Service Class (installation_tokens.py)
  - Refactored to remove unnecessary private method call / import of the sys library
- Updated: Malquery API Service Class (malquery.py)
  - Refactored to remove unnecessary private method call / import of the sys library
- Updated: ML Exclusions API Service Class (ml_exclusions.py)
  - Refactored to remove unnecessary private method call / import of the sys library
- Updated: Overwatch Dashboard API Service Class (overwatch_dashboard.py)
  - Refactored to remove unnecessary private method call / import of the sys library
- Updated: Prevention Policies API Service Class (prevention_policy.py)
  - Refactored to utilize the updated pattern for Service Classes
  - Updated: Added add-rule-group and remove-rule-group actions to action_name parameter for performPreventionPoliciesAction function. (_endpoint/_prevention_policy.py)
- Updated: Sensor Visibility Exclusions API Service Class (sensor_visibility_exclusions.py)
  - Refactored to remove unnecessary private method call / import of the sys library
Other
- Added: CSPM Registration API sample - CSPM registration policy export (Thanks to @mccbryan3 🙇)