FalconPy v1.6.1
This update implements new operations and service collections. Multiple bug fixes are also included.
- Enhancement
- Bug fixes
- Updated unit tests
- Code sample
Unit test coverage
Name Stmts Miss Cover
-------------------------------------------------------------------------------------------
src/falconpy/__init__.py 132 0 100%
src/falconpy/_api_request/__init__.py 7 0 100%
src/falconpy/_api_request/_request.py 112 0 100%
src/falconpy/_api_request/_request_behavior.py 64 0 100%
src/falconpy/_api_request/_request_connection.py 8 0 100%
src/falconpy/_api_request/_request_meta.py 26 0 100%
src/falconpy/_api_request/_request_payloads.py 8 0 100%
src/falconpy/_api_request/_request_validator.py 6 0 100%
src/falconpy/_auth_object/__init__.py 6 0 100%
src/falconpy/_auth_object/_base_falcon_auth.py 13 0 100%
src/falconpy/_auth_object/_bearer_token.py 63 0 100%
src/falconpy/_auth_object/_falcon_interface.py 279 0 100%
src/falconpy/_auth_object/_interface_config.py 41 0 100%
src/falconpy/_auth_object/_uber_interface.py 51 0 100%
src/falconpy/_constant/__init__.py 12 0 100%
src/falconpy/_endpoint/__init__.py 306 0 100%
src/falconpy/_endpoint/_admission_control_policies.py 1 0 100%
src/falconpy/_endpoint/_alerts.py 1 0 100%
src/falconpy/_endpoint/_api_integrations.py 1 0 100%
src/falconpy/_endpoint/_aspm.py 1 0 100%
src/falconpy/_endpoint/_cao_hunting.py 1 0 100%
src/falconpy/_endpoint/_case_management.py 1 0 100%
src/falconpy/_endpoint/_certificate_based_exclusions.py 1 0 100%
src/falconpy/_endpoint/_cloud_aws_registration.py 1 0 100%
src/falconpy/_endpoint/_cloud_azure_registration.py 1 0 100%
src/falconpy/_endpoint/_cloud_connect_aws.py 1 0 100%
src/falconpy/_endpoint/_cloud_google_cloud_registration.py 1 0 100%
src/falconpy/_endpoint/_cloud_oci_registration.py 1 0 100%
src/falconpy/_endpoint/_cloud_policies.py 1 0 100%
src/falconpy/_endpoint/_cloud_security.py 1 0 100%
src/falconpy/_endpoint/_cloud_security_assets.py 1 0 100%
src/falconpy/_endpoint/_cloud_security_compliance.py 1 0 100%
src/falconpy/_endpoint/_cloud_security_detections.py 1 0 100%
src/falconpy/_endpoint/_cloud_snapshots.py 1 0 100%
src/falconpy/_endpoint/_configuration_assessment.py 1 0 100%
src/falconpy/_endpoint/_configuration_assessment_evaluation_logic.py 1 0 100%
src/falconpy/_endpoint/_container_alerts.py 1 0 100%
src/falconpy/_endpoint/_container_detections.py 1 0 100%
src/falconpy/_endpoint/_container_image_compliance.py 1 0 100%
src/falconpy/_endpoint/_container_images.py 1 0 100%
src/falconpy/_endpoint/_container_packages.py 1 0 100%
src/falconpy/_endpoint/_container_vulnerabilities.py 1 0 100%
src/falconpy/_endpoint/_content_update_policies.py 1 0 100%
src/falconpy/_endpoint/_correlation_rules.py 1 0 100%
src/falconpy/_endpoint/_correlation_rules_admin.py 1 0 100%
src/falconpy/_endpoint/_cspm_registration.py 1 0 100%
src/falconpy/_endpoint/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/_custom_storage.py 1 0 100%
src/falconpy/_endpoint/_d4c_registration.py 1 0 100%
src/falconpy/_endpoint/_data_protection_configuration.py 1 0 100%
src/falconpy/_endpoint/_delivery_settings.py 1 0 100%
src/falconpy/_endpoint/_deployments.py 1 0 100%
src/falconpy/_endpoint/_detects.py 1 0 100%
src/falconpy/_endpoint/_device_content.py 1 0 100%
src/falconpy/_endpoint/_device_control_policies.py 1 0 100%
src/falconpy/_endpoint/_discover.py 1 0 100%
src/falconpy/_endpoint/_downloads.py 1 0 100%
src/falconpy/_endpoint/_drift_indicators.py 1 0 100%
src/falconpy/_endpoint/_event_streams.py 1 0 100%
src/falconpy/_endpoint/_exposure_management.py 1 0 100%
src/falconpy/_endpoint/_faas_execution.py 1 0 100%
src/falconpy/_endpoint/_falcon_complete_dashboard.py 1 0 100%
src/falconpy/_endpoint/_falcon_container.py 1 0 100%
src/falconpy/_endpoint/_falconx_sandbox.py 1 0 100%
src/falconpy/_endpoint/_fdr.py 1 0 100%
src/falconpy/_endpoint/_filevantage.py 1 0 100%
src/falconpy/_endpoint/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/_firewall_policies.py 1 0 100%
src/falconpy/_endpoint/_foundry_logscale.py 1 0 100%
src/falconpy/_endpoint/_host_group.py 1 0 100%
src/falconpy/_endpoint/_host_migration.py 1 0 100%
src/falconpy/_endpoint/_hosts.py 1 0 100%
src/falconpy/_endpoint/_identity_protection.py 1 0 100%
src/falconpy/_endpoint/_image_assessment_policies.py 1 0 100%
src/falconpy/_endpoint/_incidents.py 1 0 100%
src/falconpy/_endpoint/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/_intel.py 1 0 100%
src/falconpy/_endpoint/_intelligence_feeds.py 1 0 100%
src/falconpy/_endpoint/_intelligence_indicator_graph.py 1 0 100%
src/falconpy/_endpoint/_ioa_exclusions.py 1 0 100%
src/falconpy/_endpoint/_ioc.py 1 0 100%
src/falconpy/_endpoint/_iocs.py 1 0 100%
src/falconpy/_endpoint/_it_automation.py 1 0 100%
src/falconpy/_endpoint/_kubernetes_container_compliance.py 1 0 100%
src/falconpy/_endpoint/_kubernetes_protection.py 1 0 100%
src/falconpy/_endpoint/_malquery.py 1 0 100%
src/falconpy/_endpoint/_message_center.py 1 0 100%
src/falconpy/_endpoint/_ml_exclusions.py 1 0 100%
src/falconpy/_endpoint/_mobile_enrollment.py 1 0 100%
src/falconpy/_endpoint/_mssp.py 1 0 100%
src/falconpy/_endpoint/_ngsiem.py 1 0 100%
src/falconpy/_endpoint/_oauth2.py 1 0 100%
src/falconpy/_endpoint/_ods.py 1 0 100%
src/falconpy/_endpoint/_prevention_policies.py 1 0 100%
src/falconpy/_endpoint/_quarantine.py 1 0 100%
src/falconpy/_endpoint/_quick_scan.py 1 0 100%
src/falconpy/_endpoint/_quick_scan_pro.py 1 0 100%
src/falconpy/_endpoint/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/_real_time_response_admin.py 1 0 100%
src/falconpy/_endpoint/_real_time_response_audit.py 1 0 100%
src/falconpy/_endpoint/_recon.py 1 0 100%
src/falconpy/_endpoint/_report_executions.py 1 0 100%
src/falconpy/_endpoint/_response_policies.py 1 0 100%
src/falconpy/_endpoint/_saas_security.py 1 0 100%
src/falconpy/_endpoint/_sample_uploads.py 1 0 100%
src/falconpy/_endpoint/_scheduled_reports.py 1 0 100%
src/falconpy/_endpoint/_sensor_download.py 1 0 100%
src/falconpy/_endpoint/_sensor_update_policies.py 1 0 100%
src/falconpy/_endpoint/_sensor_usage.py 1 0 100%
src/falconpy/_endpoint/_sensor_visibility_exclusions.py 1 0 100%
src/falconpy/_endpoint/_serverless_exports.py 1 0 100%
src/falconpy/_endpoint/_serverless_vulnerabilities.py 1 0 100%
src/falconpy/_endpoint/_spotlight_evaluation_logic.py 1 0 100%
src/falconpy/_endpoint/_spotlight_vulnerabilities.py 1 0 100%
src/falconpy/_endpoint/_spotlight_vulnerability_metadata.py 1 0 100%
src/falconpy/_endpoint/_tailored_intelligence.py 1 0 100%
src/falconpy/_endpoint/_threatgraph.py 1 0 100%
src/falconpy/_endpoint/_unidentified_containers.py 1 0 100%
src/falconpy/_endpoint/_user_management.py 1 0 100%
src/falconpy/_endpoint/_workflows.py 1 0 100%
src/falconpy/_endpoint/_zero_trust_assessment.py 1 0 100%
src/falconpy/_endpoint/deprecated/__init__.py 93 0 100%
src/falconpy/_endpoint/deprecated/_admission_control_policies.py 1 0 100%
src/falconpy/_endpoint/deprecated/_alerts.py 1 0 100%
src/falconpy/_endpoint/deprecated/_aspm.py 1 0 100%
src/falconpy/_endpoint/deprecated/_case_management.py 1 0 100%
src/falconpy/_endpoint/deprecated/_certificate_based_exclusions.py 1 0 100%
src/falconpy/_endpoint/deprecated/_cloud_aws_registration.py 1 0 100%
src/falconpy/_endpoint/deprecated/_cloud_azure_registration.py 1 0 100%
src/falconpy/_endpoint/deprecated/_cloud_google_cloud_registration.py 1 0 100%
src/falconpy/_endpoint/deprecated/_cloud_oci_registration.py 1 0 100%
src/falconpy/_endpoint/deprecated/_cloud_security.py 1 0 100%
src/falconpy/_endpoint/deprecated/_cloud_security_assets.py 1 0 100%
src/falconpy/_endpoint/deprecated/_cloud_security_compliance.py 1 0 100%
src/falconpy/_endpoint/deprecated/_cloud_security_detections.py 1 0 100%
src/falconpy/_endpoint/deprecated/_correlation_rules.py 1 0 100%
src/falconpy/_endpoint/deprecated/_correlation_rules_admin.py 1 0 100%
src/falconpy/_endpoint/deprecated/_cspm_registration.py 1 0 100%
src/falconpy/_endpoint/deprecated/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/deprecated/_d4c_registration.py 1 0 100%
src/falconpy/_endpoint/deprecated/_data_protection_configuration.py 1 0 100%
src/falconpy/_endpoint/deprecated/_detects.py 1 0 100%
src/falconpy/_endpoint/deprecated/_device_content.py 1 0 100%
src/falconpy/_endpoint/deprecated/_device_control_policies.py 1 0 100%
src/falconpy/_endpoint/deprecated/_discover.py 1 0 100%
src/falconpy/_endpoint/deprecated/_downloads.py 1 0 100%
src/falconpy/_endpoint/deprecated/_exposure_management.py 1 0 100%
src/falconpy/_endpoint/deprecated/_fdr.py 1 0 100%
src/falconpy/_endpoint/deprecated/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/deprecated/_hosts.py 1 0 100%
src/falconpy/_endpoint/deprecated/_identity_protection.py 1 0 100%
src/falconpy/_endpoint/deprecated/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/deprecated/_ioa_exclusions.py 1 0 100%
src/falconpy/_endpoint/deprecated/_ioc.py 1 0 100%
src/falconpy/_endpoint/deprecated/_iocs.py 1 0 100%
src/falconpy/_endpoint/deprecated/_mapping.py 2 0 100%
src/falconpy/_endpoint/deprecated/_ml_exclusions.py 1 0 100%
src/falconpy/_endpoint/deprecated/_mssp.py 1 0 100%
src/falconpy/_endpoint/deprecated/_ngsiem.py 1 0 100%
src/falconpy/_endpoint/deprecated/_ods.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response_admin.py 1 0 100%
src/falconpy/_endpoint/deprecated/_report_executions.py 1 0 100%
src/falconpy/_endpoint/deprecated/_sample_uploads.py 1 0 100%
src/falconpy/_endpoint/deprecated/_scheduled_reports.py 1 0 100%
src/falconpy/_endpoint/deprecated/_user_management.py 1 0 100%
src/falconpy/_endpoint/deprecated/_workflows.py 1 0 100%
src/falconpy/_endpoint/deprecated/_zero_trust_assessment.py 1 0 100%
src/falconpy/_enum/__init__.py 7 0 100%
src/falconpy/_enum/_base_url.py 8 0 100%
src/falconpy/_enum/_container_base_url.py 7 0 100%
src/falconpy/_enum/_ingest_base_url.py 6 0 100%
src/falconpy/_enum/_ingest_format.py 6 0 100%
src/falconpy/_enum/_timeunit.py 5 0 100%
src/falconpy/_enum/_token_fail_reason.py 4 0 100%
src/falconpy/_error/__init__.py 3 0 100%
src/falconpy/_error/_exceptions.py 77 0 100%
src/falconpy/_error/_warnings.py 76 0 100%
src/falconpy/_helper/__init__.py 17 0 100%
src/falconpy/_helper/_find_operation.py 38 0 100%
src/falconpy/_helper/_indicator.py 36 0 100%
src/falconpy/_helper/_text_colors.py 16 0 100%
src/falconpy/_log/__init__.py 2 0 100%
src/falconpy/_log/_facility.py 41 0 100%
src/falconpy/_ngsiem/__init__.py 3 0 100%
src/falconpy/_ngsiem/_hec.py 301 0 100%
src/falconpy/_ngsiem/_ingest_config.py 72 0 100%
src/falconpy/_ngsiem/_ingest_payload.py 127 0 100%
src/falconpy/_ngsiem/_session_manager.py 49 0 100%
src/falconpy/_payload/__init__.py 53 0 100%
src/falconpy/_payload/_admission_control_policies.py 11 0 100%
src/falconpy/_payload/_alerts.py 19 0 100%
src/falconpy/_payload/_api_integrations.py 25 0 100%
src/falconpy/_payload/_aspm.py 126 0 100%
src/falconpy/_payload/_case_management.py 106 0 100%
src/falconpy/_payload/_certificate_based_exclusions.py 24 0 100%
src/falconpy/_payload/_cloud_aws_registration.py 13 0 100%
src/falconpy/_payload/_cloud_azure_registration.py 29 0 100%
src/falconpy/_payload/_cloud_google_cloud_registration.py 11 0 100%
src/falconpy/_payload/_cloud_oci_registration.py 35 0 100%
src/falconpy/_payload/_cloud_policies.py 72 0 100%
src/falconpy/_payload/_cloud_security.py 8 0 100%
src/falconpy/_payload/_cloud_snapshots.py 22 0 100%
src/falconpy/_payload/_container.py 90 0 100%
src/falconpy/_payload/_content_update_policy.py 23 0 100%
src/falconpy/_payload/_correlation_rules.py 33 0 100%
src/falconpy/_payload/_correlation_rules_admin.py 8 0 100%
src/falconpy/_payload/_cspm_registration.py 71 0 100%
src/falconpy/_payload/_d4c_registration.py 38 0 100%
src/falconpy/_payload/_data_protection_configuration.py 97 0 100%
src/falconpy/_payload/_delivery_settings.py 10 0 100%
src/falconpy/_payload/_device_control_policy.py 64 0 100%
src/falconpy/_payload/_exposure_management.py 31 0 100%
src/falconpy/_payload/_falconx.py 25 0 100%
src/falconpy/_payload/_filevantage.py 46 0 100%
src/falconpy/_payload/_firewall.py 122 0 100%
src/falconpy/_payload/_foundry.py 16 0 100%
src/falconpy/_payload/_generic.py 71 0 100%
src/falconpy/_payload/_host_group.py 31 0 100%
src/falconpy/_payload/_identity_protection.py 11 0 100%
src/falconpy/_payload/_incidents.py 15 0 100%
src/falconpy/_payload/_intelligence_indicator_graph.py 0 0 100%
src/falconpy/_payload/_ioa_exclusions.py 54 0 100%
src/falconpy/_payload/_ioc.py 52 0 100%
src/falconpy/_payload/_it_automation.py 91 0 100%
src/falconpy/_payload/_malquery.py 56 0 100%
src/falconpy/_payload/_message_center.py 22 0 100%
src/falconpy/_payload/_ml_exclusions.py 28 0 100%
src/falconpy/_payload/_mobile_enrollment.py 12 0 100%
src/falconpy/_payload/_mssp.py 15 0 100%
src/falconpy/_payload/_ngsiem.py 63 0 100%
src/falconpy/_payload/_ods.py 13 0 100%
src/falconpy/_payload/_prevention_policy.py 19 0 100%
src/falconpy/_payload/_real_time_response.py 27 0 100%
src/falconpy/_payload/_recon.py 84 0 100%
src/falconpy/_payload/_reports.py 19 0 100%
src/falconpy/_payload/_response_policy.py 19 0 100%
src/falconpy/_payload/_sample_uploads.py 9 0 100%
src/falconpy/_payload/_sensor_update_policy.py 38 0 100%
src/falconpy/_payload/_serverless_exports.py 7 0 100%
src/falconpy/_payload/_workflows.py 43 0 100%
src/falconpy/_result/__base_resource.py 28 0 100%
src/falconpy/_result/__init__.py 9 0 100%
src/falconpy/_result/_base_dictionary.py 31 0 100%
src/falconpy/_result/_errors.py 2 0 100%
src/falconpy/_result/_expanded_result.py 7 0 100%
src/falconpy/_result/_headers.py 24 0 100%
src/falconpy/_result/_meta.py 30 0 100%
src/falconpy/_result/_resources.py 14 0 100%
src/falconpy/_result/_response_component.py 24 0 100%
src/falconpy/_result/_result.py 220 0 100%
src/falconpy/_service_class/__init__.py 3 0 100%
src/falconpy/_service_class/_base_service_class.py 119 0 100%
src/falconpy/_service_class/_service_class.py 117 0 100%
src/falconpy/_util/__init__.py 5 0 100%
src/falconpy/_util/_auth.py 47 0 100%
src/falconpy/_util/_functions.py 454 0 100%
src/falconpy/_util/_service.py 3 0 100%
src/falconpy/_util/_uber.py 53 0 100%
src/falconpy/_version.py 38 0 100%
src/falconpy/admission_control_policies.py 107 0 100%
src/falconpy/alerts.py 69 0 100%
src/falconpy/api_complete/__init__.py 3 0 100%
src/falconpy/api_complete/_advanced.py 62 0 100%
src/falconpy/api_complete/_legacy.py 202 0 100%
src/falconpy/api_integrations.py 23 0 100%
src/falconpy/aspm.py 332 0 100%
src/falconpy/cao_hunting.py 39 0 100%
src/falconpy/case_management.py 288 0 100%
src/falconpy/certificate_based_exclusions.py 35 0 100%
src/falconpy/cloud_aws_registration.py 48 0 100%
src/falconpy/cloud_azure_registration.py 54 0 100%
src/falconpy/cloud_google_cloud_registration.py 41 0 100%
src/falconpy/cloud_oci_registration.py 45 0 100%
src/falconpy/cloud_policies.py 149 0 100%
src/falconpy/cloud_security.py 39 0 100%
src/falconpy/cloud_security_assets.py 22 0 100%
src/falconpy/cloud_security_compliance.py 14 0 100%
src/falconpy/cloud_security_detections.py 18 0 100%
src/falconpy/cloud_snapshots.py 41 0 100%
src/falconpy/configuration_assessment.py 14 0 100%
src/falconpy/configuration_assessment_evaluation_logic.py 10 0 100%
src/falconpy/container_alerts.py 18 0 100%
src/falconpy/container_detections.py 34 0 100%
src/falconpy/container_image_compliance.py 51 0 100%
src/falconpy/container_images.py 60 0 100%
src/falconpy/container_packages.py 34 0 100%
src/falconpy/container_vulnerabilities.py 47 0 100%
src/falconpy/content_update_policies.py 59 0 100%
src/falconpy/correlation_rules.py 93 0 100%
src/falconpy/correlation_rules_admin.py 13 0 100%
src/falconpy/cspm_registration.py 221 0 100%
src/falconpy/custom_ioa.py 92 0 100%
src/falconpy/custom_storage.py 194 0 100%
src/falconpy/d4c_registration.py 121 0 100%
src/falconpy/data_protection_configuration.py 231 0 100%
src/falconpy/delivery_settings.py 16 0 100%
src/falconpy/deployments.py 38 0 100%
src/falconpy/device_content.py 14 0 100%
src/falconpy/device_control_policies.py 110 0 100%
src/falconpy/discover.py 48 0 100%
src/falconpy/downloads.py 22 0 100%
src/falconpy/drift_indicators.py 26 0 100%
src/falconpy/event_streams.py 21 0 100%
src/falconpy/exposure_management.py 64 0 100%
src/falconpy/faas_execution.py 10 0 100%
src/falconpy/falcon_complete_dashboard.py 107 0 100%
src/falconpy/falcon_container.py 102 0 100%
src/falconpy/falconx_sandbox.py 98 0 100%
src/falconpy/fdr.py 25 0 100%
src/falconpy/filevantage.py 160 0 100%
src/falconpy/firewall_management.py 140 0 100%
src/falconpy/firewall_policies.py 72 0 100%
src/falconpy/foundry_logscale.py 105 0 100%
src/falconpy/host_group.py 62 0 100%
src/falconpy/host_migration.py 89 0 100%
src/falconpy/hosts.py 122 0 100%
src/falconpy/identity_protection.py 52 0 100%
src/falconpy/image_assessment_policies.py 64 0 100%
src/falconpy/incidents.py 42 0 100%
src/falconpy/installation_tokens.py 44 0 100%
src/falconpy/intel.py 116 0 100%
src/falconpy/intelligence_feeds.py 18 0 100%
src/falconpy/intelligence_indicator_graph.py 24 0 100%
src/falconpy/ioa_exclusions.py 84 0 100%
src/falconpy/ioc.py 95 0 100%
src/falconpy/iocs.py 41 0 100%
src/falconpy/it_automation.py 212 0 100%
src/falconpy/kubernetes_container_compliance.py 47 0 100%
src/falconpy/kubernetes_protection.py 281 0 100%
src/falconpy/malquery.py 52 0 100%
src/falconpy/message_center.py 79 0 100%
src/falconpy/ml_exclusions.py 97 0 100%
src/falconpy/mobile_enrollment.py 20 0 100%
src/falconpy/mssp.py 175 0 100%
src/falconpy/ngsiem.py 370 0 100%
src/falconpy/oauth2.py 32 0 100%
src/falconpy/ods.py 75 0 100%
src/falconpy/prevention_policy.py 63 0 100%
src/falconpy/quarantine.py 47 0 100%
src/falconpy/quick_scan.py 29 0 100%
src/falconpy/quick_scan_pro.py 50 0 100%
src/falconpy/real_time_response.py 129 0 100%
src/falconpy/real_time_response_admin.py 106 0 100%
src/falconpy/real_time_response_audit.py 11 0 100%
src/falconpy/recon.py 130 0 100%
src/falconpy/report_executions.py 25 0 100%
src/falconpy/response_policies.py 62 0 100%
src/falconpy/saas_security.py 101 0 100%
src/falconpy/sample_uploads.py 94 0 100%
src/falconpy/scheduled_reports.py 21 0 100%
src/falconpy/sensor_download.py 73 0 100%
src/falconpy/sensor_update_policy.py 117 0 100%
src/falconpy/sensor_usage.py 14 0 100%
src/falconpy/sensor_visibility_exclusions.py 32 0 100%
src/falconpy/serverless_exports.py 25 0 100%
src/falconpy/serverless_vulnerabilities.py 10 0 100%
src/falconpy/spotlight_evaluation_logic.py 28 0 100%
src/falconpy/spotlight_vulnerabilities.py 32 0 100%
src/falconpy/spotlight_vulnerability_metadata.py 10 0 100%
src/falconpy/tailored_intelligence.py 42 0 100%
src/falconpy/threatgraph.py 30 0 100%
src/falconpy/unidentified_containers.py 18 0 100%
src/falconpy/user_management.py 166 0 100%
src/falconpy/workflows.py 134 0 100%
src/falconpy/zero_trust_assessment.py 24 0 100%
-------------------------------------------------------------------------------------------
TOTAL 13552 0 100%Bandit analysis
[main] INFO running on Python 3.13.3
Run started:2026-03-18 22:53:20.160367
Test results:
No issues identified.
Code scanned:
Total lines of code: 125704
Total lines skipped (#nosec): 0
Run metrics:
Total issues (by severity):
Undefined: 0
Low: 0
Medium: 0
High: 0
Total issues (by confidence):
Undefined: 0
Low: 0
Medium: 0
High: 0
Files skipped (0):Added features and functionality
-
Added: New Admission Control Policies service collection with 15 operations.
- admission_control_get_policies
- admission_control_create_policy
- admission_control_update_policy
- admission_control_delete_policies
- admission_control_add_host_groups
- admission_control_remove_host_groups
- admission_control_update_policy_precedence
- admission_control_add_rule_group_custom_rule
- admission_control_remove_rule_group_custom_rule
- admission_control_set_rule_group_precedence
- admission_control_replace_rule_group_selectors
- admission_control_create_rule_groups
- admission_control_update_rule_groups
- admission_control_delete_rule_groups
- admission_control_query_policies
_endpoint/__init__.py_endpoint/_admission_control_policies.py_endpoint/deprecated/__init__.py_endpoint/deprecated/_admission_control_policies.py_payload/__init__.py_payload/_admission_control_policies.py__init__.pyadmission_control_policies.py
Unit testing expanded to complete code coverage.
tests/test_admission_control_policies.py
-
Added: Added two new operations to the Workflows service collection.
- WorkflowExecuteSingleNodeV1
- v1_child_executions_query
_endpoint/__init__.py_endpoint/_workflows.py_endpoint/deprecated/__init__.py_endpoint/deprecated/_workflows.pyworkflows.py
Unit testing expanded to complete code coverage.
tests/test_workflows.py
-
Added: Added
offsetandlimitparameters to the WorkflowTriggersCombined operation within the Workflows service collection._endpoint/_workflows.pyworkflows.py
-
Added: Added
triggered_custom_ioaas an allowed value for theedge_typeargument in the combined_edges_get operation within the Threat Graph service collection._endpoint/_threatgraph.pythreatgraph.py
-
Added: Added
custom_ioaandcustom_ioasas allowed values for thevertex_typeargument in the combined_summary_get, entities_vertices_get, and entities_vertices_getv2 operations within the Threat Graph service collection._endpoint/_threatgraph.pythreatgraph.py
-
Added: Added four new operations to the Sensor Download service collection.
- GetCombinedSensorInstallersByQueryV3
- DownloadSensorInstallerByIdV3
- GetSensorInstallersEntitiesV3
- GetSensorInstallersByQueryV3
_endpoint/_sensor_download.pysensor_download.py
Unit testing expanded to complete code coverage.
tests/test_sensor_download.py
-
Added: Added
passwordandX-File-Passwordparameters to the UploadFileQuickScanPro operation within the Quick Scan Pro service collection._endpoint/_quick_scan_pro.pyquick_scan_pro.py
Unit testing expanded to complete code coverage.
tests/test_quick_scan_pro.py
-
Added: Added nine new operations to the ML Exclusions service collection.
- exclusions_aggregates_v2
- exclusions_get_all_v2
- exclusions_perform_action_v2
- exclusions_get_reports_v2
- exclusions_get_v2
- exclusions_create_v2
- exclusions_update_v2
- exclusions_delete_v2
- exclusions_search_v2
_endpoint/__init__.py_endpoint/_ml_exclusions.py_endpoint/deprecated/__init__.py_endpoint/deprecated/_ml_exclusions.py_payload/__init__.py_payload/_ml_exclusions.pyml_exclusions.py
Unit testing expanded to complete code coverage.
tests/test_ml_exclusions.py
-
Added: Added
group_idsandgroup_namesas allowed values for thefilterandsortarguments in the ITAutomationCombinedScheduledTasks and ITAutomationSearchScheduledTasks operations within the IT Automation service collection._endpoint/_it_automation.pyit_automation.py
-
Added: Added nine new operations to the IOA Exclusions service collection.
- ss_ioa_exclusions_aggregates_v2
- ss_ioa_exclusions_get_reports_v2
- ss_ioa_exclusions_get_v2
- ss_ioa_exclusions_create_v2
- ss_ioa_exclusions_update_v2
- ss_ioa_exclusions_delete_v2
- ss_ioa_exclusions_matched_rule_v2
- ss_ioa_exclusions_new_rules_v2
- ss_ioa_exclusions_search_v2
_endpoint/__init__.py_endpoint/_ioa_exclusions.py_endpoint/deprecated/__init__.py_endpoint/deprecated/_ioa_exclusions.py_payload/__init__.py_payload/_ioa.pyioa_exclusions.py
Unit testing expanded to complete code coverage.
tests/test_ioa_exclusions.py
-
Updated: Added deprecation notices to all operations within the Incidents service collection (API will be removed in March 2026).
_endpoint/_incidents.pyincidents.py
-
Added: Added three new operations to the Correlation Rules service collection.
- entities_templates_rules_post_v1
- entities_templates_get_v1Mixin0
- queries_templates_get_v1Mixin0
_endpoint/_correlation_rules.py_endpoint/deprecated/_correlation_rules.py_payload/__init__.py_payload/_correlation_rules.pycorrelation_rules.py
Unit testing expanded to complete code coverage.
tests/test_correlation_rules.py
-
Added: Added
categoryas an allowed filter field in the query_applications operation within the Discover service collection._endpoint/_discover.py_endpoint/deprecated/_discover.py
-
Added: Added
tags_stringas an allowed filter field in the cloud_compliance_framework_posture_summaries and cloud_compliance_rule_posture_summaries operations within the Cloud Security Compliance service collection._endpoint/_cloud_security_compliance.py_endpoint/deprecated/_cloud_security_compliance.pycloud_security_compliance.py
-
Added: Added
gcrnparameter to the combined_application_findings operation within the Cloud Security Assets service collection (deprecating thecrnparameter)._endpoint/_cloud_security_assets.py_endpoint/deprecated/_cloud_security_assets.py
-
Added: Added
cloud_risks.rule,cloud_risks.severity, andcloud_risks.statusas allowed filter fields in the cloud_security_assets_queries operation within the Cloud Security Assets service collection._endpoint/_cloud_security_assets.py_endpoint/deprecated/_cloud_security_assets.pycloud_security_assets.py
Unit testing expanded to complete code coverage.
tests/test_cloud_security_assets.py
-
Added: Added
cloud_risks.open_risk_count,publiclyExposedToTheInternet,publiclyExposedAccessRange, andpubliclyExposedExposureMethodas allowed sort fields in the cloud_security_assets_queries operation within the Cloud Security Assets service collection._endpoint/_cloud_security_assets.py_endpoint/deprecated/_cloud_security_assets.py
-
Added: Added
organization_idsparameter to the cloud_registration_aws_get_accounts operation within the Cloud AWS Registration service collection._endpoint/_cloud_aws_registration.py_endpoint/deprecated/_cloud_aws_registration.pycloud_aws_registration.py
Unit testing expanded to complete code coverage.
tests/test_cloud_aws_registration.py
-
Added: Added five new operations to the Cloud Policies service collection.
- GetSuppressionRules
- CreateSuppressionRule
- UpdateSuppressionRule
- DeleteSuppressionRules
- QuerySuppressionRules
_endpoint/_cloud_policies.py_payload/__init__.py_payload/_cloud_policies.pycloud_policies.py
Unit testing expanded to complete code coverage.
tests/test_cloud_policies.py
-
Added: Added
rule_category,rule_cloneable,rule_compliance_benchmark_uuid,rule_resource_type_name, andrule_risk_factoras allowed filter and sort fields in the QueryRules operation within the Cloud Policies service collection._endpoint/_cloud_policies.pycloud_policies.py
-
Updated: Updated the CreateRule operation description within the Cloud Policies service collection to document rule severity mapping and Runtime IOM Custom Rule requirements.
_endpoint/_cloud_policies.pycloud_policies.py
-
Added: Added eight new operations to the ASPM service collection.
- PostGroupV2
- DeleteGroup
- UpdateDefaultGroup
- GetGroupV2
- UpdateGroup
- GetGroupHierarchy
- GetGroupsV2
- GetUsersV2
_endpoint/_aspm.py_payload/__init__.py_payload/_aspm.pyaspm.py
Unit testing expanded to complete code coverage.
tests/test_aspm.py
-
Deprecated: Overwatch Dashboard service collection.
__init__.py_endpoint/__init__.py_endpoint/_overwatch_dashboard.py_endpoint/deprecated/__init__.py_endpoint/deprecated/_overwatch_dashboard.pyoverwatch_dashboard.pytests/test_overwatch_dashboard.py
-
Added: Added 6 new operations to the Case Management service collection.
- queries_access_tags_get_v1
- entities_access_tags_get_v1
- aggregates_access_tags_post_v1
- entities_retrieve_rtr_recent_file_post_v1
- entities_get_rtr_file_metadata_post_v1
- entities_retrieve_rtr_file_post_v1
_endpoint/_case_management.py_endpoint/deprecated/_case_management.py_payload/__init__.py_payload/_case_management.pycase_management.py
Unit testing expanded to complete code coverage.
tests/test_case_management.py
-
Added: Added new cloud_registration_gcp_get_entities operation to the Cloud Google Cloud Registration service collection.
_endpoint/_cloud_google_cloud_registration.py_endpoint/deprecated/_cloud_google_cloud_registration.pycloud_google_cloud_registration.py
Unit testing expanded to complete code coverage.
tests/test_cloud_google_cloud_registration.py
-
Added: Added new cspm_evaluations_combined_iom_by_rule operation to the Cloud Security Detections service collection.
_endpoint/_cloud_security_detections.py_endpoint/deprecated/_cloud_security_detections.pycloud_security_detections.py
Unit testing expanded to complete code coverage.
tests/test_cloud_security_detections.py
-
Added: Added 11 new operations for the Data Protection Configuration service collection.
- entities_policy_precedence_post_v1
- entities_local_application_get
- entities_local_application_create
- entities_local_application_patch
- entities_local_application_delete
- entities_local_application_group_get
- entities_local_application_group_create
- entities_local_application_group_patch
- entities_local_application_group_delete
- queries_local_application_get
- queries_local_application_group_get
_endpoint/_data_protection_configuration.py_endpoint/deprecated/_data_protection_configuration.py_payload/__init__.py_payload/_data_protection_configuration.pydata_protection_configuration.py
Unit testing expanded to complete code coverage.
tests/test_data_protection_configuration.py
-
Added: Added
properties.content_patterns_operatoras a supported filter field in the queries_classification_get_v2 operation within the Data Protection Configuration service collection._endpoint/_data_protection_configuration.pydata_protection_configuration.py
-
Removed: Removed deprecated AggregateDetections and QueryDetectionIdsByFilter operations from the Falcon Complete Dashboard service collection.
_endpoint/_falcon_complete_dashboard.py_endpoint/deprecated/_falcon_complete_dashboard.pyfalcon_complete_dashboard.py
-
Updated: Renamed GetAWSAccounts to GetAWSAccountsMixin0 and DeleteAWSAccounts to DeleteAWSAccountsMixin0 in the Kubernetes Protection service collection. Old names are retained for backward compatibility.
_endpoint/_kubernetes_protection.py_endpoint/deprecated/_kubernetes_protection.pykubernetes_protection.py
-
Added: Added
cloud_account_id,cloud_name,cloud_region,cluster_id,cluster_name, andnamespaceas supported filter fields in the ReadClusterEnrichment, ReadContainerEnrichment, ReadDeploymentEnrichment, ReadNodeEnrichment, and ReadPodEnrichment operations within the Kubernetes Protection service collection._endpoint/_kubernetes_protection.pykubernetes_protection.py
-
Added: Added
include_countsas a query parameter to the ReadClusterCombinedV2 operation within the Kubernetes Protection service collection._endpoint/_kubernetes_protection.pykubernetes_protection.py
-
Added: Added
cloud_account_id,cloud_name,cloud_region,cluster_id,cluster_name,image_name, andnamespaceas supported filter fields in the ReadRunningContainerImages operation within the Kubernetes Protection service collection._endpoint/_kubernetes_protection.pykubernetes_protection.py
-
Updated: Updated
limitrange from 1-500 to 0-1000, correctedoffsettype from String to Integer, and documented supported values forstatusin the GetAWSAccountsMixin0 operation within the Kubernetes Protection service collection.kubernetes_protection.py
-
Added: Added eighteen new operations to the NGSIEM service collection.
- UpdateLookupFileEntries
- ExternalListDataConnections
- ExternalListDataConnectors
- ExternalGetDataConnectionStatus
- ExternalUpdateDataConnectionStatus
- ExternalGetDataConnectionToken
- ExternalRegenerateDataConnectionToken
- ExternalGetDataConnectionByID
- ExternalCreateDataConnection
- ExternalUpdateDataConnection
- ExternalDeleteDataConnection
- ExternalListConnectorConfigs
- ExternalCreateConnectorConfig
- ExternalPatchConnectorConfig
- ExternalDeleteConnectorConfigs
- UpdateParserAutoUpdatePolicy
- InstallParser
- BulkInstallParsers
- UpdateParserFromTemplate
_endpoint/_ngsiem.py_endpoint/deprecated/_ngsiem.py_payload/__init__.py_payload/_ngsiem.pyngsiem.py
Unit testing expanded to complete code coverage.
tests/test_ngsiem.py
-
Added: Added
update_availableandparser_typeas fields to the ListParsers operation within the NGSIEM service collection._endpoint/_ngsiem.pyngsiem.py
-
Added: New Serverless Exports service collection with 4 operations.
- QueryExportJobsMixin0
- LaunchExportJobMixin0
- ReadExportJobsMixin0
- DownloadExportFileMixin0
_endpoint/_serverless_exports.py_payload/_serverless_exports.pyserverless_exports.py
Unit testing expanded to complete code coverage.
tests/test_serverless_exports.py
-
Added: Added one new operation to the Spotlight Evaluation Logic service collection.
- combinedSupportedEvaluationExt
_endpoint/_spotlight_evaluation_logic.pyspotlight_evaluation_logic.py
Unit testing expanded to complete code coverage.
tests/test_spotlight_evaluation_logic.py
-
Added: Added
cve_reachableas an allowed filter field in the get_vulnerabilities operation within the Serverless Vulnerabilities service collection._endpoint/_serverless_vulnerabilities.py_endpoint/deprecated/_serverless_vulnerabilities.pyserverless_vulnerabilities.py
-
Added: Added
cloud_account_id,cloud_name,cloud_region, andcluster_idas allowed filter fields in the read_count_by_date_range, read_count, and search_and_read operations within the Unidentified Containers service collection._endpoint/_unidentified_containers.py_endpoint/deprecated/_unidentified_containers.pyunidentified_containers.py
-
Added: Added
cid_name,created_at,last_login_at,status, andtemporarily_assigned_cidsas allowed sort values for the query_users operation within the User Management service collection._endpoint/_user_management.py_endpoint/deprecated/_user_management.pyuser_management.py
-
Added: Added 11 new sort fields including
device_policies.application-abuse-prevention,device_policies.data-protection-cloud,device_policies.identity-endpoint,pointer_size, andsafe_modeto the combined_hidden_devices_by_filter and query_devices_by_filter_combined operations within the Hosts service collection._endpoint/_hosts.py_endpoint/deprecated/_hosts.pyhosts.py
-
Added: Added
index_digestas an allowed filter field in the AggregateImageCountByBaseOS, AggregateImageCountByState, AggregateImageCount, CombinedImageIssuesSummary, GetCombinedImages, CombinedImageDetail, and ReadCombinedImagesExport operations within the Container Images service collection._endpoint/_container_images.pycontainer_images.py
-
Added: Added
ai_related,ai_vulnerability_count, andai_vulnerabilitiesas allowed filter and sort fields in the AggregateImageCount, CombinedImageIssuesSummary, and ReadCombinedImagesExport operations within the Container Images service collection.container_images.py
-
Added: Added
ai_relatedandindex_digestas allowed filter fields in the ReadVulnerabilityCountByActivelyExploited, ReadVulnerabilityCountByCPSRating, ReadVulnerabilityCountByCVSSScore, ReadVulnerabilityCountBySeverity, ReadVulnerabilityCount, and ReadCombinedVulnerabilities operations within the Container Vulnerabilities service collection._endpoint/_container_vulnerabilities.pycontainer_vulnerabilities.py
-
Added: Added
notification_group_id,credentials_url,credentials_domain,credentials_ip,domain,credential_status,bot.operating_system.hardware_id, andbot.bot_idas allowed filter fields in the QueryNotificationsExposedDataRecordsV1 operation within the Recon service collection.recon.py
-
Added: Added new incrementUninstallToken operation to the Sensor Update Policy service collection.
_endpoint/_sensor_update_policy.py_payload/__init__.py_payload/_sensor_update_policy.pysensor_update_policy.py
-
Added: Added
add-rule-groupandremove-rule-groupas allowed action values in the performSensorUpdatePoliciesAction operation within the Sensor Update Policy service collection.sensor_update_policy.py
-
Added: Added
risk_providerparameter to the getCombinedVulnerabilitiesMetadata operation within the Spotlight Vulnerability Metadata service collection._endpoint/_spotlight_vulnerability_metadata.py_endpoint/deprecated/_spotlight_vulnerability_metadata.pyspotlight_vulnerability_metadata.py
-
Deprecated: Deprecated four operations within the Alerts service collection: PostAggregatesAlertsV1, PostEntitiesAlertsV1, PatchEntitiesAlertsV2, and GetQueriesAlertsV1.
_endpoint/__init__.py_endpoint/deprecated/__init__.py_endpoint/deprecated/_alerts.py
-
Deprecated: Deprecated one operation within the CSPM Registration service collection: GetConfigurationDetections.
_endpoint/__init__.py_endpoint/deprecated/__init__.py_endpoint/deprecated/_cspm_registration.py
-
Deprecated: Deprecated four operations within the Detects service collection: GetAggregateDetects, UpdateDetectsByIdsV2, GetDetectSummaries, and QueryDetects.
_endpoint/__init__.py_endpoint/deprecated/__init__.py_endpoint/deprecated/_detects.py
-
Deprecated: Deprecated five operations within the Device Control Policies service collection: getDefaultDeviceControlPolicies, updateDefaultDeviceControlPolicies, getDeviceControlPolicies, updateDeviceControlPolicies, and createDeviceControlPolicies.
_endpoint/__init__.py_endpoint/deprecated/__init__.py_endpoint/deprecated/_device_control_policies.py
-
Deprecated: Deprecated three operations within the Downloads service collection: FetchFilesDownloadInfo, DownloadFile, and EnumerateFile.
_endpoint/__init__.py_endpoint/deprecated/__init__.py_endpoint/deprecated/_downloads.py
-
Deprecated: Deprecated five operations within the MSSP service collection: getCIDGroupMembersBy, deleteCIDGroupMembers, getCIDGroupById, getUserGroupMembersByID, and getUserGroupsByID.
_endpoint/__init__.py_endpoint/deprecated/__init__.py_endpoint/deprecated/_mssp.py
-
Deprecated: Deprecated one operation within the Sample Uploads service collection: ArchiveUploadV1.
_endpoint/__init__.py_endpoint/deprecated/__init__.py_endpoint/deprecated/_sample_uploads.py
Issues resolved
-
Fixed: Corrected HTTP Method from PATCH to POST for the CreateActionsV1 operation docstring within the Recon service collection.
recon.py
-
Fixed: Swagger URLs within the Cloud Azure Registration service collection.
cloud_azure_registration.py
-
Fixed: Swagger URLs within the Cloud OCI Registration service collection.
cloud_oci_registration.py
-
Fixed: Added missing
idparameter to entities_policy_patch_v2 and entities_classification_patch_v2 operations within the Data Protection Configuration service collection._endpoint/_data_protection_configuration.pydata_protection_configuration.py
-
Fixed: Fixed
expires_timestamptruthiness check in the Installation Tokens payload builder that preventedNonefrom being serialized as JSONnull. Closes #1431._payload/_generic.py
-
Fixed: Fixed route URL formatting for Falcon Container operations that use named
{uuid}path placeholders. Positional.format()was replaced with keyword.format(uuid=...)to correctly substitute the UUID in routes like/image-assessment/entities/reports/v2/{uuid}._util/_functions.py
-
Fixed: Added validation to the
base_urlsetter inInterfaceConfigurationto preventNone, empty strings, or non-string values from overwriting the base URL._auth_object/_interface_config.py
-
Fixed: Fixed three incorrect aliases in the Case Management service collection. The
aggregates_notification_groups_post_v1andaggregates_notification_groups_post_v2aliases were incorrectly pointing to the entities GET methods instead of the aggregation POST methods, andentities_notification_groups_get_v2was pointing to the v1 method instead of v2.case_management.py
-
Fixed: Resolves GetSearchStatusV1 pagination support. Closes #1383.
- Thanks go out to @jayy-77 for identifying and submitting this fix! 🙇
-
Fixed: Parameter mismatch / alias support in the StopSearchV1 parameter handling. Closes #1398.
- Thanks go out to @jayy-77 for identifying and submitting this fix! 🙇