FalconPy v0.6.3
This update merges the functionality of the two IOC service classes, provides two new service classes, and deprecates the CS_USERNAME parameter from the CustomIOA and FirewallManagement service classes.
- Enhancement
- Updated unit tests
Unit test coverage
Name Stmts Miss Cover
------------------------------------------------------------------------------------
src/falconpy/__init__.py 14 0 100%
src/falconpy/_endpoint/__init__.py 105 0 100%
src/falconpy/_endpoint/_cloud_connect_aws.py 1 0 100%
src/falconpy/_endpoint/_cspm_registration.py 1 0 100%
src/falconpy/_endpoint/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/_d4c_registration.py 1 0 100%
src/falconpy/_endpoint/_detects.py 1 0 100%
src/falconpy/_endpoint/_device_control_policies.py 1 0 100%
src/falconpy/_endpoint/_event_streams.py 1 0 100%
src/falconpy/_endpoint/_falcon_complete_dashboard.py 1 0 100%
src/falconpy/_endpoint/_falcon_container.py 1 0 100%
src/falconpy/_endpoint/_falconx_sandbox.py 1 0 100%
src/falconpy/_endpoint/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/_firewall_policies.py 1 0 100%
src/falconpy/_endpoint/_host_group.py 1 0 100%
src/falconpy/_endpoint/_hosts.py 1 0 100%
src/falconpy/_endpoint/_identity_protection.py 1 0 100%
src/falconpy/_endpoint/_incidents.py 1 0 100%
src/falconpy/_endpoint/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/_intel.py 1 0 100%
src/falconpy/_endpoint/_ioa_exclusions.py 1 0 100%
src/falconpy/_endpoint/_ioc.py 1 0 100%
src/falconpy/_endpoint/_iocs.py 1 0 100%
src/falconpy/_endpoint/_kubernetes_protection.py 1 0 100%
src/falconpy/_endpoint/_malquery.py 1 0 100%
src/falconpy/_endpoint/_ml_exclusions.py 1 0 100%
src/falconpy/_endpoint/_mssp.py 1 0 100%
src/falconpy/_endpoint/_oauth2.py 1 0 100%
src/falconpy/_endpoint/_overwatch_dashboard.py 1 0 100%
src/falconpy/_endpoint/_prevention_policies.py 1 0 100%
src/falconpy/_endpoint/_quarantine.py 1 1 0%
src/falconpy/_endpoint/_quick_scan.py 1 0 100%
src/falconpy/_endpoint/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/_real_time_response_admin.py 1 0 100%
src/falconpy/_endpoint/_recon.py 1 0 100%
src/falconpy/_endpoint/_report_executions.py 1 0 100%
src/falconpy/_endpoint/_response_policies.py 1 0 100%
src/falconpy/_endpoint/_sample_uploads.py 1 0 100%
src/falconpy/_endpoint/_scheduled_reports.py 1 0 100%
src/falconpy/_endpoint/_sensor_download.py 1 0 100%
src/falconpy/_endpoint/_sensor_update_policies.py 1 0 100%
src/falconpy/_endpoint/_sensor_visibility_exclusions.py 1 0 100%
src/falconpy/_endpoint/_spotlight_vulnerabilities.py 1 0 100%
src/falconpy/_endpoint/_user_management.py 1 0 100%
src/falconpy/_endpoint/_zero_trust_assessment.py 1 0 100%
src/falconpy/_endpoint/deprecated/__init__.py 20 0 100%
src/falconpy/_endpoint/deprecated/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/deprecated/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/deprecated/_identity_protection.py 1 0 100%
src/falconpy/_endpoint/deprecated/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/deprecated/_ioc.py 1 0 100%
src/falconpy/_endpoint/deprecated/_iocs.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response_admin.py 1 0 100%
src/falconpy/_endpoint/deprecated/_report_executions.py 1 0 100%
src/falconpy/_endpoint/deprecated/_scheduled_reports.py 1 0 100%
src/falconpy/_result.py 8 0 100%
src/falconpy/_service_class.py 62 0 100%
src/falconpy/_util.py 167 0 100%
src/falconpy/_version.py 10 0 100%
src/falconpy/api_complete.py 93 0 100%
src/falconpy/cloud_connect_aws.py 38 0 100%
src/falconpy/cspm_registration.py 76 0 100%
src/falconpy/custom_ioa.py 68 0 100%
src/falconpy/d4c_registration.py 36 0 100%
src/falconpy/detects.py 18 0 100%
src/falconpy/device_control_policies.py 49 0 100%
src/falconpy/event_streams.py 13 0 100%
src/falconpy/falcon_complete_dashboard.py 54 0 100%
src/falconpy/falcon_container.py 7 0 100%
src/falconpy/falconx_sandbox.py 56 0 100%
src/falconpy/firewall_management.py 60 0 100%
src/falconpy/firewall_policies.py 50 0 100%
src/falconpy/host_group.py 45 0 100%
src/falconpy/hosts.py 55 0 100%
src/falconpy/identity_protection.py 8 0 100%
src/falconpy/incidents.py 25 0 100%
src/falconpy/installation_tokens.py 27 0 100%
src/falconpy/intel.py 59 0 100%
src/falconpy/ioa_exclusions.py 23 0 100%
src/falconpy/ioc.py 44 0 100%
src/falconpy/iocs.py 38 0 100%
src/falconpy/kubernetes_protection.py 40 0 100%
src/falconpy/malquery.py 35 0 100%
src/falconpy/ml_exclusions.py 23 0 100%
src/falconpy/mssp.py 93 0 100%
src/falconpy/oauth2.py 46 0 100%
src/falconpy/overwatch_dashboard.py 23 0 100%
src/falconpy/prevention_policy.py 42 0 100%
src/falconpy/quarantine.py 24 24 0%
src/falconpy/quick_scan.py 19 0 100%
src/falconpy/real_time_response.py 82 0 100%
src/falconpy/real_time_response_admin.py 50 0 100%
src/falconpy/recon.py 73 0 100%
src/falconpy/report_executions.py 16 0 100%
src/falconpy/response_policies.py 42 0 100%
src/falconpy/sample_uploads.py 20 0 100%
src/falconpy/scheduled_reports.py 12 0 100%
src/falconpy/sensor_download.py 39 0 100%
src/falconpy/sensor_update_policy.py 70 0 100%
src/falconpy/sensor_visibility_exclusions.py 23 0 100%
src/falconpy/spotlight_vulnerabilities.py 21 0 100%
src/falconpy/user_management.py 49 0 100%
src/falconpy/zero_trust_assessment.py 12 0 100%
------------------------------------------------------------------------------------
TOTAL 2227 25 99%
The coverage miss with this merge is due to the lack of unit testing for the quarantine service class. This will be remedied in a subsequent merge.
Bandit analysis
[main] INFO running on Python 3.9.6
Run started:2021-08-27 20:14:46.536026
Test results:
No issues identified.
Code scanned:
Total lines of code: 22105
Total lines skipped (#nosec): 0
Run metrics:
Total issues (by severity):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Total issues (by confidence):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Files skipped (0):
Added features and functionality
- Added: New FalconContainer Service Class (falcon_container.py).
- Added: Two new methods (operations) to the Hosts Service Class (hosts.py).
  - query_device_login_history / QueryDeviceLoginHistory
  - query_network_address_history / QueryGetNetworkAddressHistoryV1
- Added: New method (operation) to the SpotlightVulnerabilities Service Class (spotlight_vulnerabilities.py).
  - get_remediations_v2 / getRemediationsV2
- Migrated: Ported still viable methods from legacy IOCS Service Class (iocs.py) to the new IOC Service Class (ioc.py).
  - devices_count / DevicesCount
  - devices_ran_on / DevicesRanOn
  - processes_ran_on / ProcessesRanOn
  - entities_processes / entities_processes
- Updated: Deprecated 5 methods within the legacy IOCS Service Class (iocs.py).
  - get_ioc / GetIOC
  - create_ioc / CreateIOC
  - delete_ioc / DeleteIOC
  - update_ioc / UpdateIOC
  - query_iocs / QueryIOCs
- Updated: Deprecated cs_username keyword from all methods within CustomIOA and FirewallManagement Service Classes (custom_ioa.py, firewall_management.py). Closes #320. Closes #321.
- Added: New Quarantine Service Class and endpoints (quarantine.py).
- Updated: Updated endpoint for getComplianceV1 operation within ZeroTrustAssessment Service Class (zero_trust_assessment.py).