FalconPy v0.5.4
Changes provided by this update include:
- Adds new query parameter handling functionality to six service classes by moving them to the new code pattern.
- Adds the new Identity Protection service class.
- Resolves a bug with BODY payload validation.
- Resolves a flaky unit test for the Kubernetes Protection service class.
- Adds the pylint workflow to push and pull_request actions.
- Adds the create-lambda-layer.sh utility script.
- Updates to PIP package metadata.
- Enhancement
- Bug fixes
- Updated unit tests
- Documentation
Unit test coverage
Name Stmts Miss Cover
------------------------------------------------------------------------------------
src/falconpy/__init__.py 13 0 100%
src/falconpy/_endpoint/__init__.py 97 0 100%
src/falconpy/_endpoint/_cloud_connect_aws.py 1 0 100%
src/falconpy/_endpoint/_cspm_registration.py 1 0 100%
src/falconpy/_endpoint/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/_d4c_registration.py 1 0 100%
src/falconpy/_endpoint/_detects.py 1 0 100%
src/falconpy/_endpoint/_device_control_policies.py 1 0 100%
src/falconpy/_endpoint/_event_streams.py 1 0 100%
src/falconpy/_endpoint/_falcon_complete_dashboard.py 1 0 100%
src/falconpy/_endpoint/_falconx_sandbox.py 1 0 100%
src/falconpy/_endpoint/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/_firewall_policies.py 1 0 100%
src/falconpy/_endpoint/_host_group.py 1 0 100%
src/falconpy/_endpoint/_hosts.py 1 0 100%
src/falconpy/_endpoint/_identity_protection.py 1 0 100%
src/falconpy/_endpoint/_incidents.py 1 0 100%
src/falconpy/_endpoint/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/_intel.py 1 0 100%
src/falconpy/_endpoint/_ioa_exclusions.py 1 0 100%
src/falconpy/_endpoint/_ioc.py 1 0 100%
src/falconpy/_endpoint/_iocs.py 1 0 100%
src/falconpy/_endpoint/_kubernetes_protection.py 1 0 100%
src/falconpy/_endpoint/_malquery.py 1 0 100%
src/falconpy/_endpoint/_ml_exclusions.py 1 0 100%
src/falconpy/_endpoint/_mssp.py 1 0 100%
src/falconpy/_endpoint/_oauth2.py 1 0 100%
src/falconpy/_endpoint/_overwatch_dashboard.py 1 0 100%
src/falconpy/_endpoint/_prevention_policies.py 1 0 100%
src/falconpy/_endpoint/_quick_scan.py 1 0 100%
src/falconpy/_endpoint/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/_real_time_response_admin.py 1 0 100%
src/falconpy/_endpoint/_recon.py 1 0 100%
src/falconpy/_endpoint/_response_policies.py 1 0 100%
src/falconpy/_endpoint/_sample_uploads.py 1 0 100%
src/falconpy/_endpoint/_sensor_download.py 1 0 100%
src/falconpy/_endpoint/_sensor_update_policies.py 1 0 100%
src/falconpy/_endpoint/_sensor_visibility_exclusions.py 1 0 100%
src/falconpy/_endpoint/_spotlight_vulnerabilities.py 1 0 100%
src/falconpy/_endpoint/_user_management.py 1 0 100%
src/falconpy/_endpoint/_zero_trust_assessment.py 1 0 100%
src/falconpy/_endpoint/deprecated/__init__.py 16 0 100%
src/falconpy/_endpoint/deprecated/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/deprecated/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/deprecated/_identity_protection.py 1 0 100%
src/falconpy/_endpoint/deprecated/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/deprecated/_ioc.py 1 0 100%
src/falconpy/_endpoint/deprecated/_iocs.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response_admin.py 1 0 100%
src/falconpy/_result.py 8 0 100%
src/falconpy/_service_class.py 45 0 100%
src/falconpy/_util.py 141 0 100%
src/falconpy/_version.py 10 0 100%
src/falconpy/api_complete.py 89 0 100%
src/falconpy/cloud_connect_aws.py 74 0 100%
src/falconpy/cspm_registration.py 150 0 100%
src/falconpy/custom_ioa.py 142 0 100%
src/falconpy/d4c_registration.py 70 0 100%
src/falconpy/detects.py 37 0 100%
src/falconpy/device_control_policies.py 77 0 100%
src/falconpy/event_streams.py 20 0 100%
src/falconpy/falcon_complete_dashboard.py 109 0 100%
src/falconpy/falconx_sandbox.py 82 0 100%
src/falconpy/firewall_management.py 148 0 100%
src/falconpy/firewall_policies.py 80 0 100%
src/falconpy/host_group.py 71 0 100%
src/falconpy/hosts.py 64 0 100%
src/falconpy/identity_protection.py 11 0 100%
src/falconpy/incidents.py 49 0 100%
src/falconpy/installation_tokens.py 66 0 100%
src/falconpy/intel.py 105 0 100%
src/falconpy/ioa_exclusions.py 42 0 100%
src/falconpy/ioc.py 54 0 100%
src/falconpy/iocs.py 76 0 100%
src/falconpy/kubernetes_protection.py 74 0 100%
src/falconpy/malquery.py 70 0 100%
src/falconpy/ml_exclusions.py 42 0 100%
src/falconpy/mssp.py 189 0 100%
src/falconpy/oauth2.py 34 0 100%
src/falconpy/overwatch_dashboard.py 42 0 100%
src/falconpy/prevention_policy.py 82 0 100%
src/falconpy/quick_scan.py 29 0 100%
src/falconpy/real_time_response.py 147 0 100%
src/falconpy/real_time_response_admin.py 88 0 100%
src/falconpy/recon.py 149 0 100%
src/falconpy/response_policies.py 82 0 100%
src/falconpy/sample_uploads.py 31 0 100%
src/falconpy/sensor_download.py 42 0 100%
src/falconpy/sensor_update_policy.py 117 0 100%
src/falconpy/sensor_visibility_exclusions.py 42 0 100%
src/falconpy/spotlight_vulnerabilities.py 28 0 100%
src/falconpy/user_management.py 75 0 100%
src/falconpy/zero_trust_assessment.py 12 0 100%
------------------------------------------------------------------------------------
TOTAL 3368 0 100%
Bandit analysis
Run started:2021-07-30 14:17:12.897773
Test results:
No issues identified.
Code scanned:
Total lines of code: 21488
Total lines skipped (#nosec): 0
Run metrics:
Total issues (by severity):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Total issues (by confidence):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Files skipped (0):
Added features and functionality
- Added identity_protection.py - Identity Protection service class.
- Added utility to create a zip archive to be used with AWS Lambda layers. (create-lambda-layer.sh)
Issues resolved
- Bug fix: Resolved order of operations issue with body validation in validate_payload helper function. (_util.py)
- Updated cloud_connect_aws.py - Cloud_Connect_AWS Service Class. Closes #209.
- Updated detects.py - Detects Service Class. Closes #210.
- Updated event_streams.py - Event Streams Service Class. Closes #212.
- Updated incidents.py - Incidents Service Class. Closes #213.
- Updated spotlight_vulnerabilities.py - Spotlight Vulnerabilities Service Class. Closes #214.
- Updated zero_trust_assessment.py - Zero Trust Assessment Service Class. Closes #211.
- Updated query used for unit testing of Spotlight Vulnerabilities service class. 2020 -> 2021 (test_spotlight_vulnerabilities.py)
- Bug fix: Resolved flaky unit test for RegenerateAPIKey for Kubernetes Protection service class. (test_kubernetes_protection.py).
Other
- Added pylint workflow to push / pull_request actions.
- _endpoint module updates to support new service class.
- Added unit testing for new service class.
- Unit testing updates to complete code coverage.
- README.md updated.
- Added additional classifiers and developer requirements to PIP package metadata. (setup.py)