FalconPy v0.7.0
This update contains the first group of service classes refactored to the latest code pattern (rev 4). This new pattern abstracts body payload handling into keywords while still allowing for legacy body payload usage. It also moves all docstrings to PEP-257 format, and provides a couple of ease of use enhancements.
- Enhancement
- Major Feature update
- Bug fixes
- Updated unit tests
Unit test coverage
Name Stmts Miss Cover
------------------------------------------------------------------------------------
src/falconpy/__init__.py 59 0 100%
src/falconpy/_base_url.py 6 0 100%
src/falconpy/_endpoint/__init__.py 107 0 100%
src/falconpy/_endpoint/_cloud_connect_aws.py 1 0 100%
src/falconpy/_endpoint/_cspm_registration.py 1 0 100%
src/falconpy/_endpoint/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/_d4c_registration.py 1 0 100%
src/falconpy/_endpoint/_detects.py 1 0 100%
src/falconpy/_endpoint/_device_control_policies.py 1 0 100%
src/falconpy/_endpoint/_event_streams.py 1 0 100%
src/falconpy/_endpoint/_falcon_complete_dashboard.py 1 0 100%
src/falconpy/_endpoint/_falcon_container.py 1 0 100%
src/falconpy/_endpoint/_falconx_sandbox.py 1 0 100%
src/falconpy/_endpoint/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/_firewall_policies.py 1 0 100%
src/falconpy/_endpoint/_host_group.py 1 0 100%
src/falconpy/_endpoint/_hosts.py 1 0 100%
src/falconpy/_endpoint/_identity_protection.py 1 0 100%
src/falconpy/_endpoint/_incidents.py 1 0 100%
src/falconpy/_endpoint/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/_intel.py 1 0 100%
src/falconpy/_endpoint/_ioa_exclusions.py 1 0 100%
src/falconpy/_endpoint/_ioc.py 1 0 100%
src/falconpy/_endpoint/_iocs.py 1 0 100%
src/falconpy/_endpoint/_kubernetes_protection.py 1 0 100%
src/falconpy/_endpoint/_malquery.py 1 0 100%
src/falconpy/_endpoint/_ml_exclusions.py 1 0 100%
src/falconpy/_endpoint/_mssp.py 1 0 100%
src/falconpy/_endpoint/_oauth2.py 1 0 100%
src/falconpy/_endpoint/_overwatch_dashboard.py 1 0 100%
src/falconpy/_endpoint/_prevention_policies.py 1 0 100%
src/falconpy/_endpoint/_quarantine.py 1 0 100%
src/falconpy/_endpoint/_quick_scan.py 1 0 100%
src/falconpy/_endpoint/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/_real_time_response_admin.py 1 0 100%
src/falconpy/_endpoint/_recon.py 1 0 100%
src/falconpy/_endpoint/_report_executions.py 1 0 100%
src/falconpy/_endpoint/_response_policies.py 1 0 100%
src/falconpy/_endpoint/_sample_uploads.py 1 0 100%
src/falconpy/_endpoint/_scheduled_reports.py 1 0 100%
src/falconpy/_endpoint/_sensor_download.py 1 0 100%
src/falconpy/_endpoint/_sensor_update_policies.py 1 0 100%
src/falconpy/_endpoint/_sensor_visibility_exclusions.py 1 0 100%
src/falconpy/_endpoint/_spotlight_vulnerabilities.py 1 0 100%
src/falconpy/_endpoint/_user_management.py 1 0 100%
src/falconpy/_endpoint/_zero_trust_assessment.py 1 0 100%
src/falconpy/_endpoint/deprecated/__init__.py 20 0 100%
src/falconpy/_endpoint/deprecated/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/deprecated/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/deprecated/_identity_protection.py 1 0 100%
src/falconpy/_endpoint/deprecated/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/deprecated/_ioc.py 1 0 100%
src/falconpy/_endpoint/deprecated/_iocs.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response_admin.py 1 0 100%
src/falconpy/_endpoint/deprecated/_report_executions.py 1 0 100%
src/falconpy/_endpoint/deprecated/_scheduled_reports.py 1 0 100%
src/falconpy/_payload/__init__.py 6 0 100%
src/falconpy/_payload/_detects.py 10 0 100%
src/falconpy/_payload/_generic.py 55 0 100%
src/falconpy/_payload/_malquery.py 50 0 100%
src/falconpy/_payload/_recon.py 67 0 100%
src/falconpy/_result.py 8 0 100%
src/falconpy/_service_class.py 53 0 100%
src/falconpy/_util.py 179 0 100%
src/falconpy/_version.py 10 0 100%
src/falconpy/api_complete.py 95 0 100%
src/falconpy/cloud_connect_aws.py 38 0 100%
src/falconpy/cspm_registration.py 76 0 100%
src/falconpy/custom_ioa.py 68 0 100%
src/falconpy/d4c_registration.py 36 0 100%
src/falconpy/detects.py 28 0 100%
src/falconpy/device_control_policies.py 49 0 100%
src/falconpy/event_streams.py 15 0 100%
src/falconpy/falcon_complete_dashboard.py 54 0 100%
src/falconpy/falcon_container.py 7 0 100%
src/falconpy/falconx_sandbox.py 56 0 100%
src/falconpy/firewall_management.py 60 0 100%
src/falconpy/firewall_policies.py 50 0 100%
src/falconpy/host_group.py 45 0 100%
src/falconpy/hosts.py 65 0 100%
src/falconpy/identity_protection.py 8 0 100%
src/falconpy/incidents.py 25 0 100%
src/falconpy/installation_tokens.py 27 0 100%
src/falconpy/intel.py 63 0 100%
src/falconpy/ioa_exclusions.py 23 0 100%
src/falconpy/ioc.py 44 0 100%
src/falconpy/iocs.py 38 0 100%
src/falconpy/kubernetes_protection.py 40 0 100%
src/falconpy/malquery.py 49 0 100%
src/falconpy/ml_exclusions.py 23 0 100%
src/falconpy/mssp.py 93 0 100%
src/falconpy/oauth2.py 48 0 100%
src/falconpy/overwatch_dashboard.py 23 0 100%
src/falconpy/prevention_policy.py 42 0 100%
src/falconpy/quarantine.py 24 0 100%
src/falconpy/quick_scan.py 26 0 100%
src/falconpy/real_time_response.py 82 0 100%
src/falconpy/real_time_response_admin.py 50 0 100%
src/falconpy/recon.py 97 0 100%
src/falconpy/report_executions.py 16 0 100%
src/falconpy/response_policies.py 42 0 100%
src/falconpy/sample_uploads.py 24 0 100%
src/falconpy/scheduled_reports.py 12 0 100%
src/falconpy/sensor_download.py 32 0 100%
src/falconpy/sensor_update_policy.py 70 0 100%
src/falconpy/sensor_visibility_exclusions.py 32 0 100%
src/falconpy/spotlight_vulnerabilities.py 21 0 100%
src/falconpy/user_management.py 49 0 100%
src/falconpy/zero_trust_assessment.py 12 0 100%
------------------------------------------------------------------------------------
TOTAL 2560 0 100%Bandit analysis
[main] INFO running on Python 3.9.7
Run started:2021-09-27 04:38:02.286214
Test results:
No issues identified.
Code scanned:
Total lines of code: 24494
Total lines skipped (#nosec): 0
Run metrics:
Total issues (by severity):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Total issues (by confidence):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Files skipped (0):Added features and functionality
- Added: Updated
__all__parameter in root__init__.py, publishing all PEP8 class names. This change allows developers to import these classes directly.from falconpy import Hosts falcon = Hosts(client_id="CLIENT_ID_HERE", client_secret="CLIENT_SECRET_HERE") result = falcon.query_devices_by_filter() print(result)
- Added: Private Base URL enum.
_base_url.py- You may now specify your base URL by name or by URL.
- US1
- US2
- USGOV1
- EU1
- You may now specify your base URL by name or by URL.
- Added: Default value for action_name parameter in refresh_active_stream method of EventStreams service class.
event_streams.py - Added: Payload handling sub-module.
_payload/_payload/__init__.py_payload/_detects.py_payload/generic.py_payload/malquery.py_payload/recon.py
- Updated: Service Class Refactoring (Rev 4)
- Provides: Body Payload Abstraction - Abstracted BODY payload parameters for all methods using PATCH, POST or PUT requests into keywords. Legacy usage pattern of passing the BODY payload directly as the body keyword is still supported.
- Provides: PEP-257 formatting of all docstrings.
detects.py- Closes #353.event_streams.py- Closes #349falcon_container.py- Closes #348hosts.py- Closes #340.intel.py- Closes #352malquery.py- Closes #354quick_scan.py- Closes #351recon.py- Closes #350report_executions.py- Closes #346sample_uploads.py- Closes #344scheduled_reports.py- Closes #345sensor_download.py- Closes #343sensor_visibility_exclusions.py- Closes #347spotlight_vulnerabilities.py- Closes #342zero_trust_assessment.py- Closes #341
- Updated: Endpoint module updated to reflect recent swagger changes.
_cspm_registration.py_mssp.py
Issues resolved
- Updated: Linter updates now result in usage of
formatbeing marked as a failure for scenarios where anf-stringcan be used. Updated all occurances of this issue to make use off-stringformatting._service_class.py_util.pyapi_complete.pyoauth2.py
Other
- Updated: PEP-257 syntax applied to all docstrings in all touched files.
- Updated: README.md updates