
Version 0.5.0

@jshcodes released this 25 Jun 04:04
· 1366 commits to main since this release
91c802c

FalconPy v0.5.0

This version update implements the following new Service Classes:

  • IOC
  • Kubernetes Protection
  • Recon
  • Response Policies

It also implements a minor pattern change and provides new sample source for CSPM registration policy export.

  • Enhancement
  • Major Feature update
  • Updated unit tests

Unit test coverage

Name                                                             Stmts   Miss  Cover
------------------------------------------------------------------------------------
src/falconpy/__init__.py                                            10      0   100%
src/falconpy/_endpoint/__init__.py                                  93      0   100%
src/falconpy/_endpoint/_cloud_connect_aws.py                         1      0   100%
src/falconpy/_endpoint/_cspm_registration.py                         1      0   100%
src/falconpy/_endpoint/_custom_ioa.py                                1      0   100%
src/falconpy/_endpoint/_d4c_registration.py                          1      0   100%
src/falconpy/_endpoint/_detects.py                                   1      0   100%
src/falconpy/_endpoint/_device_control_policies.py                   1      0   100%
src/falconpy/_endpoint/_event_streams.py                             1      0   100%
src/falconpy/_endpoint/_falcon_complete_dashboard.py                 1      0   100%
src/falconpy/_endpoint/_falconx_sandbox.py                           1      0   100%
src/falconpy/_endpoint/_firewall_management.py                       1      0   100%
src/falconpy/_endpoint/_firewall_policies.py                         1      0   100%
src/falconpy/_endpoint/_host_group.py                                1      0   100%
src/falconpy/_endpoint/_hosts.py                                     1      0   100%
src/falconpy/_endpoint/_incidents.py                                 1      0   100%
src/falconpy/_endpoint/_installation_tokens.py                       1      0   100%
src/falconpy/_endpoint/_intel.py                                     1      0   100%
src/falconpy/_endpoint/_ioa_exclusions.py                            1      0   100%
src/falconpy/_endpoint/_ioc.py                                       1      0   100%
src/falconpy/_endpoint/_iocs.py                                      1      0   100%
src/falconpy/_endpoint/_kubernetes_protection.py                     1      0   100%
src/falconpy/_endpoint/_malquery.py                                  1      0   100%
src/falconpy/_endpoint/_ml_exclusions.py                             1      0   100%
src/falconpy/_endpoint/_mssp.py                                      1      0   100%
src/falconpy/_endpoint/_oauth2.py                                    1      0   100%
src/falconpy/_endpoint/_overwatch_dashboard.py                       1      0   100%
src/falconpy/_endpoint/_prevention_policies.py                       1      0   100%
src/falconpy/_endpoint/_quick_scan.py                                1      0   100%
src/falconpy/_endpoint/_real_time_response.py                        1      0   100%
src/falconpy/_endpoint/_real_time_response_admin.py                  1      0   100%
src/falconpy/_endpoint/_recon.py                                     1      0   100%
src/falconpy/_endpoint/_response_policies.py                         1      0   100%
src/falconpy/_endpoint/_sample_uploads.py                            1      0   100%
src/falconpy/_endpoint/_sensor_download.py                           1      0   100%
src/falconpy/_endpoint/_sensor_update_policies.py                    1      0   100%
src/falconpy/_endpoint/_sensor_visibility_exclusions.py              1      0   100%
src/falconpy/_endpoint/_spotlight_vulnerabilities.py                 1      0   100%
src/falconpy/_endpoint/_user_management.py                           1      0   100%
src/falconpy/_endpoint/_zero_trust_assessment.py                     1      0   100%
src/falconpy/_endpoint/deprecated/__init__.py                       14      0   100%
src/falconpy/_endpoint/deprecated/_custom_ioa.py                     1      0   100%
src/falconpy/_endpoint/deprecated/_firewall_management.py            1      0   100%
src/falconpy/_endpoint/deprecated/_installation_tokens.py            1      0   100%
src/falconpy/_endpoint/deprecated/_ioc.py                            1      0   100%
src/falconpy/_endpoint/deprecated/_iocs.py                           1      0   100%
src/falconpy/_endpoint/deprecated/_real_time_response.py             1      0   100%
src/falconpy/_endpoint/deprecated/_real_time_response_admin.py       1      0   100%
src/falconpy/_result.py                                              8      0   100%
src/falconpy/_service_class.py                                      45      0   100%
src/falconpy/_util.py                                              142      0   100%
src/falconpy/_version.py                                             8      0   100%
src/falconpy/api_complete.py                                        89      0   100%
src/falconpy/cloud_connect_aws.py                                   74      0   100%
src/falconpy/cspm_registration.py                                  150      0   100%
src/falconpy/custom_ioa.py                                         142      0   100%
src/falconpy/d4c_registration.py                                    70      0   100%
src/falconpy/detects.py                                             34      0   100%
src/falconpy/device_control_policies.py                             77      0   100%
src/falconpy/event_streams.py                                       15      0   100%
src/falconpy/falcon_complete_dashboard.py                          109      0   100%
src/falconpy/falconx_sandbox.py                                     82      0   100%
src/falconpy/firewall_management.py                                148      0   100%
src/falconpy/firewall_policies.py                                   80      0   100%
src/falconpy/host_group.py                                          71      0   100%
src/falconpy/hosts.py                                               64      0   100%
src/falconpy/incidents.py                                           45      0   100%
src/falconpy/installation_tokens.py                                 66      0   100%
src/falconpy/intel.py                                              105      0   100%
src/falconpy/ioa_exclusions.py                                      42      0   100%
src/falconpy/ioc.py                                                 50      0   100%
src/falconpy/iocs.py                                                76      0   100%
src/falconpy/kubernetes_protection.py                               74      0   100%
src/falconpy/malquery.py                                            70      0   100%
src/falconpy/ml_exclusions.py                                       42      0   100%
src/falconpy/mssp.py                                               189      0   100%
src/falconpy/oauth2.py                                              34      0   100%
src/falconpy/overwatch_dashboard.py                                 42      0   100%
src/falconpy/prevention_policy.py                                   82      0   100%
src/falconpy/quick_scan.py                                          29      0   100%
src/falconpy/real_time_response.py                                 147      0   100%
src/falconpy/real_time_response_admin.py                            88      0   100%
src/falconpy/recon.py                                              149      0   100%
src/falconpy/response_policies.py                                   82      0   100%
src/falconpy/sample_uploads.py                                      31      0   100%
src/falconpy/sensor_download.py                                     42      0   100%
src/falconpy/sensor_update_policy.py                               117      0   100%
src/falconpy/sensor_visibility_exclusions.py                        42      0   100%
src/falconpy/spotlight_vulnerabilities.py                           21      0   100%
src/falconpy/user_management.py                                     75      0   100%
src/falconpy/zero_trust_assessment.py                                9      0   100%
------------------------------------------------------------------------------------
TOTAL                                                             3319      0   100%

Bandit analysis

[main]	INFO	running on Python 3.8.5
Run started:2021-06-23 06:10:13.614256

Test results:
	No issues identified.

Code scanned:
	Total lines of code: 21243
	Total lines skipped (#nosec): 0

Run metrics:
	Total issues (by severity):
		Undefined: 0.0
		Low: 0.0
		Medium: 0.0
		High: 0.0
	Total issues (by confidence):
		Undefined: 0.0
		Low: 0.0
		Medium: 0.0
		High: 0.0
Files skipped (0):

Added features and functionality

  • Added: IOC API Service Class (ioc.py)
    • indicator_combined_v1
    • indicator_get_v1
    • indicator_create_v1
    • indicator_delete_v1
    • indicator_update_v1
    • indicator_search_v1
  • Added: Kubernetes Protection API Service Class (kubernetes_protection.py)
    • GetAWSAccountsMixin0
    • CreateAWSAccount
    • DeleteAWSAccountsMixin0
    • UpdateAWSAccount
    • GetLocations
    • GetHelmValuesYaml
    • RegenerateAPIKey
    • GetClusters
    • TriggerScan
  • Added: Recon API Service Class (recon.py)
    • AggregateNotificationsV1
    • PreviewRuleV1
    • GetActionsV1
    • CreateActionsV1
    • DeleteActionV1
    • UpdateActionV1
    • GetNotificationsDetailedTranslatedV1
    • GetNotificationsDetailedV1
    • GetNotificationsTranslatedV1
    • GetNotificationsV1
    • DeleteNotificationsV1
    • UpdateNotificationsV1
    • GetRulesV1
    • CreateRulesV1
    • DeleteRulesV1
    • UpdateRulesV1
    • QueryActionsV1
    • QueryNotificationsV1
    • QueryRulesV1
  • Added: Response Policies API Service Class (response_policies.py)
    • queryCombinedRTResponsePolicyMembers
    • queryCombinedRTResponsePolicies
    • performRTResponsePoliciesAction
    • setRTResponsePoliciesPrecedence
    • getRTResponsePolicies
    • createRTResponsePolicies
    • deleteRTResponsePolicies
    • updateRTResponsePolicies
    • queryRTResponsePolicyMembers
    • queryRTResponsePolicies
  • Updated: CSPM Registration API Service Class (cspm_registration.py)
    • Refactored to utilize the updated pattern for Service Classes
    • Added: PatchCSPMAwsAccount function
    • Added: UpdateCSPMAzureTenantDefaultSubscriptionID function
    • Added: GetIOAEvents function
    • Added: GetIOAUsers function
    • Updated: Unit tests
  • Updated: Discover for Cloud Registration API Service Class (d4c_registration.py)
    • Refactored to remove unnecessary private method call / import of the sys library
  • Updated: IOA Exclusions API Service Class (ioa_exclusions.py)
    • Refactored to remove unnecessary private method call / import of the sys library
  • Updated: IOCs API Service Class (iocs.py)
    • Refactored to utilize the updated pattern for Service Classes
    • Updated: Deprecated multiple endpoints as part of the release of the new IOC Service Class (_endpoint/_iocs.py)
  • Updated: Falcon Complete Dashboard API Service Class (falcon_complete_dashboard.py)
    • Refactored to remove unnecessary private method call / import of the sys library
  • Updated: Falcon Flight Control API Service Class (mssp.py)
    • Refactored to remove unnecessary private method call / import of the sys library
  • Updated: Installation Tokens API Service Class (installation_tokens.py)
    • Refactored to remove unnecessary private method call / import of the sys library
  • Updated: Malquery API Service Class (malquery.py)
    • Refactored to remove unnecessary private method call / import of the sys library
  • Updated: ML Exclusions API Service Class (ml_exclusions.py)
    • Refactored to remove unnecessary private method call / import of the sys library
  • Updated: Overwatch Dashboard API Service Class (overwatch_dashboard.py)
    • Refactored to remove unnecessary private method call / import of the sys library
  • Updated: Prevention Policies API Service Class (prevention_policy.py)
    • Refactored to utilize the updated pattern for Service Classes
    • Updated: Added add-rule-group and remove-rule-group actions to action_name parameter for performPreventionPoliciesAction function. (_endpoint/_prevention_policy.py)
  • Updated: Sensor Visibility Exclusions API Service Class (sensor_visibility_exclusions.py)
    • Refactored to remove unnecessary private method call / import of the sys library

Other

  • Added: CSPM Registration API sample - CSPM registration policy export (Thanks to @mccbryan3 🙇)