FalconPy v1.0.4
This update provides new functionality for managing the token renewal window. (The time buffer allotted between token expiration and the time FalconPy automatically renews this token.) The maximum amount of time this window can be set to is 20 minutes, which will refresh your token every 10 minutes. This also moves the default for this value from 20 seconds to 120 seconds (the minimum).
The SpotlightVulnerabilities Service Class received a minor update, providing a check for the filter keyword when using the query_vulnerabilities_combined (combinedQueryVulnerabilities) method.
A fix for when trailing backslashes are provided as part of a base_url value is included as well.
- Enhancement
- Bug fixes
- Updated unit tests
Unit test coverage
Name Stmts Miss Cover
------------------------------------------------------------------------------------
src/falconpy/__init__.py 63 0 100%
src/falconpy/_base_url.py 7 0 100%
src/falconpy/_endpoint/__init__.py 117 0 100%
src/falconpy/_endpoint/_cloud_connect_aws.py 1 0 100%
src/falconpy/_endpoint/_cspm_registration.py 1 0 100%
src/falconpy/_endpoint/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/_d4c_registration.py 1 0 100%
src/falconpy/_endpoint/_detects.py 1 0 100%
src/falconpy/_endpoint/_device_control_policies.py 1 0 100%
src/falconpy/_endpoint/_discover.py 1 0 100%
src/falconpy/_endpoint/_event_streams.py 1 0 100%
src/falconpy/_endpoint/_falcon_complete_dashboard.py 1 0 100%
src/falconpy/_endpoint/_falcon_container.py 1 0 100%
src/falconpy/_endpoint/_falconx_sandbox.py 1 0 100%
src/falconpy/_endpoint/_filevantage.py 1 0 100%
src/falconpy/_endpoint/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/_firewall_policies.py 1 0 100%
src/falconpy/_endpoint/_host_group.py 1 0 100%
src/falconpy/_endpoint/_hosts.py 1 0 100%
src/falconpy/_endpoint/_identity_protection.py 1 0 100%
src/falconpy/_endpoint/_incidents.py 1 0 100%
src/falconpy/_endpoint/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/_intel.py 1 0 100%
src/falconpy/_endpoint/_ioa_exclusions.py 1 0 100%
src/falconpy/_endpoint/_ioc.py 1 0 100%
src/falconpy/_endpoint/_iocs.py 1 0 100%
src/falconpy/_endpoint/_kubernetes_protection.py 1 0 100%
src/falconpy/_endpoint/_malquery.py 1 0 100%
src/falconpy/_endpoint/_message_center.py 1 0 100%
src/falconpy/_endpoint/_ml_exclusions.py 1 0 100%
src/falconpy/_endpoint/_mssp.py 1 0 100%
src/falconpy/_endpoint/_oauth2.py 1 0 100%
src/falconpy/_endpoint/_overwatch_dashboard.py 1 0 100%
src/falconpy/_endpoint/_prevention_policies.py 1 0 100%
src/falconpy/_endpoint/_quarantine.py 1 0 100%
src/falconpy/_endpoint/_quick_scan.py 1 0 100%
src/falconpy/_endpoint/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/_real_time_response_admin.py 1 0 100%
src/falconpy/_endpoint/_recon.py 1 0 100%
src/falconpy/_endpoint/_report_executions.py 1 0 100%
src/falconpy/_endpoint/_response_policies.py 1 0 100%
src/falconpy/_endpoint/_sample_uploads.py 1 0 100%
src/falconpy/_endpoint/_scheduled_reports.py 1 0 100%
src/falconpy/_endpoint/_sensor_download.py 1 0 100%
src/falconpy/_endpoint/_sensor_update_policies.py 1 0 100%
src/falconpy/_endpoint/_sensor_visibility_exclusions.py 1 0 100%
src/falconpy/_endpoint/_spotlight_vulnerabilities.py 1 0 100%
src/falconpy/_endpoint/_user_management.py 1 0 100%
src/falconpy/_endpoint/_zero_trust_assessment.py 1 0 100%
src/falconpy/_endpoint/deprecated/__init__.py 22 0 100%
src/falconpy/_endpoint/deprecated/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/deprecated/_discover.py 1 0 100%
src/falconpy/_endpoint/deprecated/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/deprecated/_identity_protection.py 1 0 100%
src/falconpy/_endpoint/deprecated/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/deprecated/_ioc.py 1 0 100%
src/falconpy/_endpoint/deprecated/_iocs.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response_admin.py 1 0 100%
src/falconpy/_endpoint/deprecated/_report_executions.py 1 0 100%
src/falconpy/_endpoint/deprecated/_scheduled_reports.py 1 0 100%
src/falconpy/_payload/__init__.py 24 0 100%
src/falconpy/_payload/_cloud_connect_aws.py 22 0 100%
src/falconpy/_payload/_cspm_registration.py 40 0 100%
src/falconpy/_payload/_d4c_registration.py 10 0 100%
src/falconpy/_payload/_detects.py 13 0 100%
src/falconpy/_payload/_device_control_policy.py 13 0 100%
src/falconpy/_payload/_falconx.py 25 0 100%
src/falconpy/_payload/_firewall.py 65 0 100%
src/falconpy/_payload/_generic.py 65 0 100%
src/falconpy/_payload/_host_group.py 30 0 100%
src/falconpy/_payload/_ioa.py 29 0 100%
src/falconpy/_payload/_ioc.py 36 0 100%
src/falconpy/_payload/_malquery.py 56 0 100%
src/falconpy/_payload/_message_center.py 22 0 100%
src/falconpy/_payload/_mssp.py 15 0 100%
src/falconpy/_payload/_prevention_policy.py 19 0 100%
src/falconpy/_payload/_real_time_response.py 27 0 100%
src/falconpy/_payload/_recon.py 72 0 100%
src/falconpy/_payload/_reports.py 18 0 100%
src/falconpy/_payload/_response_policy.py 19 0 100%
src/falconpy/_payload/_sensor_update_policy.py 24 0 100%
src/falconpy/_result.py 8 0 100%
src/falconpy/_service_class.py 74 0 100%
src/falconpy/_util.py 186 0 100%
src/falconpy/_version.py 10 0 100%
src/falconpy/api_complete.py 113 0 100%
src/falconpy/cloud_connect_aws.py 47 0 100%
src/falconpy/cspm_registration.py 118 0 100%
src/falconpy/custom_ioa.py 85 0 100%
src/falconpy/d4c_registration.py 47 0 100%
src/falconpy/detects.py 28 0 100%
src/falconpy/device_control_policies.py 66 0 100%
src/falconpy/discover.py 10 0 100%
src/falconpy/event_streams.py 19 0 100%
src/falconpy/falcon_complete_dashboard.py 76 0 100%
src/falconpy/falcon_container.py 7 0 100%
src/falconpy/falconx_sandbox.py 67 0 100%
src/falconpy/filevantage.py 13 0 100%
src/falconpy/firewall_management.py 81 0 100%
src/falconpy/firewall_policies.py 68 0 100%
src/falconpy/host_group.py 58 0 100%
src/falconpy/hosts.py 65 0 100%
src/falconpy/identity_protection.py 12 0 100%
src/falconpy/incidents.py 37 0 100%
src/falconpy/installation_tokens.py 37 0 100%
src/falconpy/intel.py 63 0 100%
src/falconpy/ioa_exclusions.py 32 0 100%
src/falconpy/ioc.py 49 0 100%
src/falconpy/iocs.py 39 0 100%
src/falconpy/kubernetes_protection.py 49 0 100%
src/falconpy/malquery.py 49 0 100%
src/falconpy/message_center.py 74 0 100%
src/falconpy/ml_exclusions.py 34 0 100%
src/falconpy/mssp.py 130 0 100%
src/falconpy/oauth2.py 74 0 100%
src/falconpy/overwatch_dashboard.py 30 0 100%
src/falconpy/prevention_policy.py 59 0 100%
src/falconpy/quarantine.py 45 0 100%
src/falconpy/quick_scan.py 26 0 100%
src/falconpy/real_time_response.py 114 0 100%
src/falconpy/real_time_response_admin.py 64 0 100%
src/falconpy/recon.py 97 0 100%
src/falconpy/report_executions.py 23 0 100%
src/falconpy/response_policies.py 58 0 100%
src/falconpy/sample_uploads.py 24 0 100%
src/falconpy/scheduled_reports.py 19 0 100%
src/falconpy/sensor_download.py 32 0 100%
src/falconpy/sensor_update_policy.py 107 0 100%
src/falconpy/sensor_visibility_exclusions.py 32 0 100%
src/falconpy/spotlight_vulnerabilities.py 30 0 100%
src/falconpy/user_management.py 69 0 100%
src/falconpy/zero_trust_assessment.py 12 0 100%
------------------------------------------------------------------------------------
TOTAL 3676 0 100%Bandit analysis
[main] INFO running on Python 3.9.9
Run started:2022-02-18 21:58:44.924816
Test results:
No issues identified.
Code scanned:
Total lines of code: 34136
Total lines skipped (#nosec): 0
Run metrics:
Total issues (by severity):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Total issues (by confidence):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Files skipped (0):Added features and functionality
-
Added: Token renewal window customization. Developers may now customize the length of time between token expiration and token renewal. (Max: 20 minutes)
from falconpy import APIHarness from falconpy import OAuth2 uber = APIHarness(client_id="CLIENT_ID", client_secret="CLIENT_SECRET", renew_window=300) service = OAuth2(client_id="CLIENT_ID", client_secret="CLIENT_SECRET", renew_window=60)
_service_class.pyapi_complete.pyoauth2.pytests/test_authentications.py- Thank you to @tsullivan06 for this contribution!
-
Added: Error handling for when calling
query_vulnerabilities_combined(combinedQueryVulnerabilities) without specifying afilterargument. (Must be present as a keyword or as part of theparametersdictionary.)spotlight_vulnerabilities.pytests/test_spotlight_vulnerabilities.py- Thank you to @tsullivan06 for this contribution!
-
Added: Export of
ServiceClassgeneric base class as part of__all__within__init__.py. This change will allow developers to inherit from the Service Class base class without importing a protected module (which generates a warning in some editors).from falconpy import ServiceClass
__init__.py- Thank you to @morcef for this contribution!
Issues resolved
- Fixed: Authentication issue when provided a base_url containing a trailing backslash.
_util.pytests/test_authorizations.py- Thanks to @mwb8 for identifying and reporting this issue!