FalconPy v1.2.4
This update provides 23 new API operations and adds a new Service Class, TailoredIntelligence (includes an additional 5 operations).
- Enhancement
- Updated unit tests
Unit test coverage
Name Stmts Miss Cover
------------------------------------------------------------------------------------
src/falconpy/__init__.py 70 0 100%
src/falconpy/_base_url.py 7 0 100%
src/falconpy/_container_base_url.py 6 0 100%
src/falconpy/_endpoint/__init__.py 127 0 100%
src/falconpy/_endpoint/_alerts.py 1 0 100%
src/falconpy/_endpoint/_cloud_connect_aws.py 1 0 100%
src/falconpy/_endpoint/_cspm_registration.py 1 0 100%
src/falconpy/_endpoint/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/_d4c_registration.py 1 0 100%
src/falconpy/_endpoint/_detects.py 1 0 100%
src/falconpy/_endpoint/_device_control_policies.py 1 0 100%
src/falconpy/_endpoint/_discover.py 1 0 100%
src/falconpy/_endpoint/_event_streams.py 1 0 100%
src/falconpy/_endpoint/_falcon_complete_dashboard.py 1 0 100%
src/falconpy/_endpoint/_falcon_container.py 1 0 100%
src/falconpy/_endpoint/_falconx_sandbox.py 1 0 100%
src/falconpy/_endpoint/_filevantage.py 1 0 100%
src/falconpy/_endpoint/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/_firewall_policies.py 1 0 100%
src/falconpy/_endpoint/_host_group.py 1 0 100%
src/falconpy/_endpoint/_hosts.py 1 0 100%
src/falconpy/_endpoint/_identity_protection.py 1 0 100%
src/falconpy/_endpoint/_incidents.py 1 0 100%
src/falconpy/_endpoint/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/_intel.py 1 0 100%
src/falconpy/_endpoint/_ioa_exclusions.py 1 0 100%
src/falconpy/_endpoint/_ioc.py 1 0 100%
src/falconpy/_endpoint/_iocs.py 1 0 100%
src/falconpy/_endpoint/_kubernetes_protection.py 1 0 100%
src/falconpy/_endpoint/_malquery.py 1 0 100%
src/falconpy/_endpoint/_message_center.py 1 0 100%
src/falconpy/_endpoint/_ml_exclusions.py 1 0 100%
src/falconpy/_endpoint/_mobile_enrollment.py 1 0 100%
src/falconpy/_endpoint/_mssp.py 1 0 100%
src/falconpy/_endpoint/_oauth2.py 1 0 100%
src/falconpy/_endpoint/_overwatch_dashboard.py 1 0 100%
src/falconpy/_endpoint/_prevention_policies.py 1 0 100%
src/falconpy/_endpoint/_quarantine.py 1 0 100%
src/falconpy/_endpoint/_quick_scan.py 1 0 100%
src/falconpy/_endpoint/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/_real_time_response_admin.py 1 0 100%
src/falconpy/_endpoint/_recon.py 1 0 100%
src/falconpy/_endpoint/_report_executions.py 1 0 100%
src/falconpy/_endpoint/_response_policies.py 1 0 100%
src/falconpy/_endpoint/_sample_uploads.py 1 0 100%
src/falconpy/_endpoint/_scheduled_reports.py 1 0 100%
src/falconpy/_endpoint/_sensor_download.py 1 0 100%
src/falconpy/_endpoint/_sensor_update_policies.py 1 0 100%
src/falconpy/_endpoint/_sensor_visibility_exclusions.py 1 0 100%
src/falconpy/_endpoint/_spotlight_evaluation_logic.py 1 0 100%
src/falconpy/_endpoint/_spotlight_vulnerabilities.py 1 0 100%
src/falconpy/_endpoint/_tailored_intelligence.py 1 0 100%
src/falconpy/_endpoint/_user_management.py 1 0 100%
src/falconpy/_endpoint/_zero_trust_assessment.py 1 0 100%
src/falconpy/_endpoint/deprecated/__init__.py 24 0 100%
src/falconpy/_endpoint/deprecated/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/deprecated/_discover.py 1 0 100%
src/falconpy/_endpoint/deprecated/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/deprecated/_hosts.py 1 0 100%
src/falconpy/_endpoint/deprecated/_identity_protection.py 1 0 100%
src/falconpy/_endpoint/deprecated/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/deprecated/_ioc.py 1 0 100%
src/falconpy/_endpoint/deprecated/_iocs.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response_admin.py 1 0 100%
src/falconpy/_endpoint/deprecated/_report_executions.py 1 0 100%
src/falconpy/_endpoint/deprecated/_scheduled_reports.py 1 0 100%
src/falconpy/_payload/__init__.py 24 0 100%
src/falconpy/_payload/_alerts.py 11 0 100%
src/falconpy/_payload/_cloud_connect_aws.py 22 0 100%
src/falconpy/_payload/_container.py 7 0 100%
src/falconpy/_payload/_cspm_registration.py 40 0 100%
src/falconpy/_payload/_d4c_registration.py 22 0 100%
src/falconpy/_payload/_detects.py 13 0 100%
src/falconpy/_payload/_device_control_policy.py 13 0 100%
src/falconpy/_payload/_falconx.py 25 0 100%
src/falconpy/_payload/_firewall.py 114 0 100%
src/falconpy/_payload/_generic.py 65 0 100%
src/falconpy/_payload/_host_group.py 30 0 100%
src/falconpy/_payload/_incidents.py 15 0 100%
src/falconpy/_payload/_ioa.py 29 0 100%
src/falconpy/_payload/_ioc.py 50 0 100%
src/falconpy/_payload/_malquery.py 56 0 100%
src/falconpy/_payload/_message_center.py 22 0 100%
src/falconpy/_payload/_mssp.py 15 0 100%
src/falconpy/_payload/_prevention_policy.py 19 0 100%
src/falconpy/_payload/_real_time_response.py 27 0 100%
src/falconpy/_payload/_recon.py 72 0 100%
src/falconpy/_payload/_reports.py 18 0 100%
src/falconpy/_payload/_response_policy.py 19 0 100%
src/falconpy/_payload/_sensor_update_policy.py 24 0 100%
src/falconpy/_result.py 17 0 100%
src/falconpy/_service_class.py 72 0 100%
src/falconpy/_token_fail_reason.py 4 0 100%
src/falconpy/_uber_default_preference.py 3 0 100%
src/falconpy/_util.py 226 0 100%
src/falconpy/_version.py 10 0 100%
src/falconpy/alerts.py 31 0 100%
src/falconpy/api_complete.py 154 0 100%
src/falconpy/cloud_connect_aws.py 47 0 100%
src/falconpy/cspm_registration.py 122 0 100%
src/falconpy/custom_ioa.py 85 0 100%
src/falconpy/d4c_registration.py 79 0 100%
src/falconpy/detects.py 31 0 100%
src/falconpy/device_control_policies.py 68 0 100%
src/falconpy/discover.py 22 0 100%
src/falconpy/event_streams.py 19 0 100%
src/falconpy/falcon_complete_dashboard.py 76 0 100%
src/falconpy/falcon_container.py 27 0 100%
src/falconpy/falconx_sandbox.py 67 0 100%
src/falconpy/filevantage.py 13 0 100%
src/falconpy/firewall_management.py 100 0 100%
src/falconpy/firewall_policies.py 70 0 100%
src/falconpy/host_group.py 60 0 100%
src/falconpy/hosts.py 91 0 100%
src/falconpy/identity_protection.py 13 0 100%
src/falconpy/incidents.py 40 0 100%
src/falconpy/installation_tokens.py 37 0 100%
src/falconpy/intel.py 63 0 100%
src/falconpy/ioa_exclusions.py 32 0 100%
src/falconpy/ioc.py 81 0 100%
src/falconpy/iocs.py 39 0 100%
src/falconpy/kubernetes_protection.py 49 0 100%
src/falconpy/malquery.py 49 0 100%
src/falconpy/message_center.py 74 0 100%
src/falconpy/ml_exclusions.py 34 0 100%
src/falconpy/mobile_enrollment.py 17 0 100%
src/falconpy/mssp.py 130 0 100%
src/falconpy/oauth2.py 69 0 100%
src/falconpy/overwatch_dashboard.py 30 0 100%
src/falconpy/prevention_policy.py 61 0 100%
src/falconpy/quarantine.py 45 0 100%
src/falconpy/quick_scan.py 26 0 100%
src/falconpy/real_time_response.py 126 0 100%
src/falconpy/real_time_response_admin.py 74 0 100%
src/falconpy/recon.py 97 0 100%
src/falconpy/report_executions.py 23 0 100%
src/falconpy/response_policies.py 60 0 100%
src/falconpy/sample_uploads.py 24 0 100%
src/falconpy/scheduled_reports.py 19 0 100%
src/falconpy/sensor_download.py 32 0 100%
src/falconpy/sensor_update_policy.py 109 0 100%
src/falconpy/sensor_visibility_exclusions.py 32 0 100%
src/falconpy/spotlight_evaluation_logic.py 22 0 100%
src/falconpy/spotlight_vulnerabilities.py 30 0 100%
src/falconpy/tailored_intelligence.py 40 0 100%
src/falconpy/user_management.py 137 0 100%
src/falconpy/zero_trust_assessment.py 12 0 100%
------------------------------------------------------------------------------------
TOTAL 4268 0 100%
Bandit analysis
[main] INFO running on Python 3.9.9
Run started:2022-11-20 21:03:15.089723
Test results:
No issues identified.
Code scanned:
Total lines of code: 39424
Total lines skipped (#nosec): 0
Run metrics:
Total issues (by severity):
Undefined: 0
Low: 0
Medium: 0
High: 0
Total issues (by confidence):
Undefined: 0
Low: 0
Medium: 0
High: 0
Files skipped (0):
Added features and functionality
- Added: New TailoredIntelligence Service Class.
__init__.py
tailored_intelligence.py
_endpoint/__init__.py
_endpoint/_tailored_intelligence.py
tests/test_tailored_intelligence.py
Unit testing expanded to complete code coverage.
- Added: GetD4CAwsAccount, CreateD4CAwsAccount, DeleteD4CAwsAccount, GetD4CAwsConsoleSetupURLs, GetD4CAWSAccountScriptsAttachment, and GetHorizonD4CScripts operations to the D4CRegistration Service Class.
d4c_registration.py
_endpoint/_d4c_registration.py
_payload/__init__.py
_payload/_d4c_registration.py
Adds one new payload handler.
tests/test_d4c_registration.py
Unit testing expanded to complete code coverage.
- Added: update_policy_container_v1, create_rule_group_validation, update_rule_group_validation, and validate_filepath_pattern operations to the FirewallManagement Service Class.
firewall_management.py
_endpoint/_firewall_management.py
The legacy operation update_policy_container now points to the updated endpoint /fwmgr/entities/policies/v2.
_payload/__init__.py
_payload/_firewall.py
Adds two new payload handlers.
tests/test_firewall_management.py
Unit testing expanded to complete code coverage.
- Added: indicator_aggregate_v1, action_get_v1, GetIndicatorsReport, action_query_v1, ioc_type_query_v1, platform_query_v1, and severity_query_v1 operations to the IOC Service Class.
ioc.py
_endpoint/_ioc.py
_payload/__init__.py
_payload/_ioc.py
Adds one new payload handler.
tests/test_ioc.py
Unit testing expanded to complete code coverage.
- Added: from_parent parameter to the indicator_delete_v1 operation within the IOC Service Class.
ioc.py
_endpoint/_ioc.py
- Added: timeout and timeout_duration parameters to the RTR_InitSession operation within the RealTimeResponse Service Class.
real_time_response.py
_endpoint/_real_time_response.py
- Added: host_timeout_duration parameter to the BatchAdminCmd operation within the RealTimeResponseAdmin Service Class.
real_time_response_admin.py
_endpoint/_real_time_response_admin.py
- Added: Maximum and minimum limits for the limit parameter used by the QueryNotificationsV1 operation within the Recon Service Class.
_endpoint/_recon.py
- Added: New ReadImageVulnerabilities operation to the FalconContainer Service Class.
falcon_container.py
_endpoint/_falcon_container.py
_payload/__init__.py
_payload/_container.py
Adds one new payload handler.
tests/test_falcon_container.py
Unit testing expanded to complete code coverage.
Other
- Updated: Updated the description, changed datatype from string to int, and added maximum / minimum limits for the offset parameter used by the QueryActionsV1 operation within the Recon Service Class.
_endpoint/_recon.py
- Removed: X-CS-USERNAME parameter from all operations within the IOC Service Class.
_endpoint/_ioc.py
- Updated: query_rule_groups_full and query_rule_groupsMixin0 operations - Removed description as an available field from enum. Updated operation description.
_endpoint/_custom_ioa.py
- Updated: Changed collectionFormat value from csv to multi for multiple operations within the _endpoint module.
_endpoint/_ioa_exclusions.py (getIOAExclusionsV1, deleteIOAExclusionsV1)
_endpoint/_ml_exclusions.py (getMLExclusionsV1, deleteMLExclusionsV1)
_endpoint/_sensor_visibility_exclusions.py (getSensorVisibilityExclusionsV1, deleteSensorVisibilityExclusionsV1)
- Updated: Removed maxLength and minLength values for multiple operations within the _endpoint module.
_endpoint/_device_control_policies.py (getDeviceControlPolicies, deleteDeviceControlPolicies)
_endpoint/_firewall_policies.py (getFirewallPolicies, deleteFirewallPolicies)
_endpoint/_host_group.py (getHostGroups, deleteHostGroups)
_endpoint/_prevention_policies.py (getPreventionPolicies, deletePreventionPolicies)
_endpoint/_response_policies.py (getRTResponsePolicies, deleteRTResponsePolicies)
_endpoint/_sensor_update_policies.py (getSensorUpdatePolicies, deleteSensorUpdatePolicies, getSensorUpdatePoliciesV2)
- Updated: GovCloud headers are now returned when providing GovCloud credentials to a commercial cloud region. Deprecated fallback handler within autodiscover_region method.
_util.py
This code will be retained for now. As of this version, GovCloud region autodiscovery is not supported.
- Updated: Pinned setuptools version to 65.5.1 (SNYK-PYTHON-SETUPTOOLS-3113904).
requirements-dev.txt