Releases: CrowdStrike/falconpy
Releases · CrowdStrike/falconpy
Version 0.4.7
FalconPy v0.4.7
This release contains a new pattern for Service Classes that allows query string parameter payload values to be passed directly via the function call as arguments.
Example
import json
from falconpy.ml_exclusions import ML_Exclusions as FalconML
falcon = FalconML(creds={"client_id": client_ID, "client_secret": client_secret})
print(json.dumps(falcon.queryMLExclusionsV1(limit=10, offset=20, sort="value.asc"), indent=4))This release also contains the following Service Classes:
- D4C Registration API
- Installation Tokens API
- IOA Exclusions API
- Falcon Complete Dashboard API
- MalQuery API
- ML Exclusions API
- Overwatch Dashboard API
- Sensor Visibility Exclusions API
- Enhancement
- Updated unit tests
Unit test coverage
Name Stmts Miss Cover
------------------------------------------------------------------------------------
src/falconpy/__init__.py 10 0 100%
src/falconpy/_endpoint/__init__.py 83 0 100%
src/falconpy/_endpoint/_cloud_connect_aws.py 1 0 100%
src/falconpy/_endpoint/_cspm_registration.py 1 0 100%
src/falconpy/_endpoint/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/_d4c_registration.py 1 0 100%
src/falconpy/_endpoint/_detects.py 1 0 100%
src/falconpy/_endpoint/_device_control_policies.py 1 0 100%
src/falconpy/_endpoint/_event_streams.py 1 0 100%
src/falconpy/_endpoint/_falcon_complete_dashboard.py 1 0 100%
src/falconpy/_endpoint/_falconx_sandbox.py 1 0 100%
src/falconpy/_endpoint/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/_firewall_policies.py 1 0 100%
src/falconpy/_endpoint/_host_group.py 1 0 100%
src/falconpy/_endpoint/_hosts.py 1 0 100%
src/falconpy/_endpoint/_incidents.py 1 0 100%
src/falconpy/_endpoint/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/_intel.py 1 0 100%
src/falconpy/_endpoint/_ioa_exclusions.py 1 0 100%
src/falconpy/_endpoint/_iocs.py 1 0 100%
src/falconpy/_endpoint/_malquery.py 1 0 100%
src/falconpy/_endpoint/_ml_exclusions.py 1 0 100%
src/falconpy/_endpoint/_mssp.py 1 0 100%
src/falconpy/_endpoint/_oauth2.py 1 0 100%
src/falconpy/_endpoint/_overwatch_dashboard.py 1 0 100%
src/falconpy/_endpoint/_prevention_policies.py 1 0 100%
src/falconpy/_endpoint/_quick_scan.py 1 0 100%
src/falconpy/_endpoint/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/_real_time_response_admin.py 1 0 100%
src/falconpy/_endpoint/_sample_uploads.py 1 0 100%
src/falconpy/_endpoint/_sensor_download.py 1 0 100%
src/falconpy/_endpoint/_sensor_update_policies.py 1 0 100%
src/falconpy/_endpoint/_sensor_visibility_exclusions.py 1 0 100%
src/falconpy/_endpoint/_spotlight_vulnerabilities.py 1 0 100%
src/falconpy/_endpoint/_user_management.py 1 0 100%
src/falconpy/_endpoint/_zero_trust_assessment.py 1 0 100%
src/falconpy/_endpoint/deprecated/__init__.py 12 0 100%
src/falconpy/_endpoint/deprecated/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/deprecated/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/deprecated/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/deprecated/_iocs.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response_admin.py 1 0 100%
src/falconpy/_result.py 8 0 100%
src/falconpy/_service_class.py 44 0 100%
src/falconpy/_util.py 143 0 100%
src/falconpy/_version.py 8 0 100%
src/falconpy/api_complete.py 87 0 100%
src/falconpy/cloud_connect_aws.py 74 0 100%
src/falconpy/cspm_registration.py 128 0 100%
src/falconpy/custom_ioa.py 142 0 100%
src/falconpy/d4c_registration.py 71 0 100%
src/falconpy/detects.py 34 0 100%
src/falconpy/device_control_policies.py 77 0 100%
src/falconpy/event_streams.py 15 0 100%
src/falconpy/falcon_complete_dashboard.py 110 0 100%
src/falconpy/falconx_sandbox.py 82 0 100%
src/falconpy/firewall_management.py 148 0 100%
src/falconpy/firewall_policies.py 80 0 100%
src/falconpy/host_group.py 71 0 100%
src/falconpy/hosts.py 64 0 100%
src/falconpy/incidents.py 45 0 100%
src/falconpy/installation_tokens.py 67 0 100%
src/falconpy/intel.py 105 0 100%
src/falconpy/ioa_exclusions.py 43 0 100%
src/falconpy/iocs.py 60 0 100%
src/falconpy/malquery.py 71 0 100%
src/falconpy/ml_exclusions.py 43 0 100%
src/falconpy/mssp.py 159 0 100%
src/falconpy/oauth2.py 33 0 100%
src/falconpy/overwatch_dashboard.py 43 0 100%
src/falconpy/prevention_policy.py 77 0 100%
src/falconpy/quick_scan.py 29 0 100%
src/falconpy/real_time_response.py 147 0 100%
src/falconpy/real_time_response_admin.py 88 0 100%
src/falconpy/sample_uploads.py 31 0 100%
src/falconpy/sensor_download.py 42 0 100%
src/falconpy/sensor_update_policy.py 117 0 100%
src/falconpy/sensor_visibility_exclusions.py 43 0 100%
src/falconpy/spotlight_vulnerabilities.py 21 0 100%
src/falconpy/user_management.py 75 0 100%
src/falconpy/zero_trust_assessment.py 9 0 100%
------------------------------------------------------------------------------------
TOTAL 2879 0 100%Bandit analysis
[main] INFO running on Python 3.9.2
Run started:2021-04-24 18:39:48.789455
Test results:
No issues identified.
Code scanned:
Total lines of code: 18556
Total lines skipped (#nosec): 0
Run metrics:
Total issues (by severity):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Total issues (by confidence):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Files skipped (0):Added features and functionality
New Service Class pattern - Query String parameters can now be passed as function arguments.
This functionality is currently only available in the following new Service Classes while
regression testing is underway.
- Added: D4C Registration API Service Class (
d4c_registration.py)- GetCSPMAzureAccount
- CreateCSPMAzureAccount
- UpdateCSPMAzureAccountClientID
- GetCSPMAzureUserScriptsAttachment
- GetCSPMAzureUserScripts
- GetCSPMCGPAccount
- GetCSPMGCPAccount (redirects to GetCSPMCGPAccount)
- CreateCSPMGCPAccount
- GetCSPMGCPUserScriptsAttachment
- GetCSPMGCPUserScripts
- Added unit tests (
test_d4c_registration.py)
- Added: Installation Tokens API Service Class (
installation_tokens.py)- audit_events_read
- customer_settings_read
- tokens_read
- tokens_create
- tokens_delete
- tokens_update
- audit_events_query
- tokens_query
- Added unit tests (
test_installation_tokens.py)
- Added: IOA Exclusions API Service Class (
ioa_exclusions.py)- getIOAExclusionsV1
- createIOAExclusionsV1
- deleteIOAExclusionsV1
- updateIOAExclusionsV1
- queryIOAExclusionsV1
- Added unit tests (
test_ioa_exclusions.py)
- Added: Falcon Co...
Version 0.4.6
FalconPy v0.4.6
This pull request provides updated functionality to the FalconPy base package.
- Enhancement
- Updated unit tests
Unit test coverage
Name Stmts Miss Cover
------------------------------------------------------------------------------------
src/falconpy/__init__.py 10 0 100%
src/falconpy/_endpoint/__init__.py 83 0 100%
src/falconpy/_endpoint/_cloud_connect_aws.py 1 0 100%
src/falconpy/_endpoint/_cspm_registration.py 1 0 100%
src/falconpy/_endpoint/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/_d4c_registration.py 1 0 100%
src/falconpy/_endpoint/_detects.py 1 0 100%
src/falconpy/_endpoint/_device_control_policies.py 1 0 100%
src/falconpy/_endpoint/_event_streams.py 1 0 100%
src/falconpy/_endpoint/_falcon_complete_dashboard.py 1 0 100%
src/falconpy/_endpoint/_falconx_sandbox.py 1 0 100%
src/falconpy/_endpoint/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/_firewall_policies.py 1 0 100%
src/falconpy/_endpoint/_host_group.py 1 0 100%
src/falconpy/_endpoint/_hosts.py 1 0 100%
src/falconpy/_endpoint/_incidents.py 1 0 100%
src/falconpy/_endpoint/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/_intel.py 1 0 100%
src/falconpy/_endpoint/_ioa_exclusions.py 1 0 100%
src/falconpy/_endpoint/_iocs.py 1 0 100%
src/falconpy/_endpoint/_malquery.py 1 0 100%
src/falconpy/_endpoint/_ml_exclusions.py 1 0 100%
src/falconpy/_endpoint/_mssp.py 1 0 100%
src/falconpy/_endpoint/_oauth2.py 1 0 100%
src/falconpy/_endpoint/_overwatch_dashboard.py 1 0 100%
src/falconpy/_endpoint/_prevention_policies.py 1 0 100%
src/falconpy/_endpoint/_quick_scan.py 1 0 100%
src/falconpy/_endpoint/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/_real_time_response_admin.py 1 0 100%
src/falconpy/_endpoint/_sample_uploads.py 1 0 100%
src/falconpy/_endpoint/_sensor_download.py 1 0 100%
src/falconpy/_endpoint/_sensor_update_policies.py 1 0 100%
src/falconpy/_endpoint/_sensor_visibility_exclusions.py 1 0 100%
src/falconpy/_endpoint/_spotlight_vulnerabilities.py 1 0 100%
src/falconpy/_endpoint/_user_management.py 1 0 100%
src/falconpy/_endpoint/_zero_trust_assessment.py 1 0 100%
src/falconpy/_endpoint/deprecated/__init__.py 12 0 100%
src/falconpy/_endpoint/deprecated/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/deprecated/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/deprecated/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/deprecated/_iocs.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response_admin.py 1 0 100%
src/falconpy/_result.py 8 0 100%
src/falconpy/_service_class.py 44 0 100%
src/falconpy/_util.py 129 0 100%
src/falconpy/_version.py 8 0 100%
src/falconpy/api_complete.py 87 0 100%
src/falconpy/cloud_connect_aws.py 74 0 100%
src/falconpy/cspm_registration.py 128 0 100%
src/falconpy/custom_ioa.py 142 0 100%
src/falconpy/detects.py 34 0 100%
src/falconpy/device_control_policies.py 77 0 100%
src/falconpy/event_streams.py 15 0 100%
src/falconpy/falconx_sandbox.py 82 0 100%
src/falconpy/firewall_management.py 148 0 100%
src/falconpy/firewall_policies.py 80 0 100%
src/falconpy/host_group.py 71 0 100%
src/falconpy/hosts.py 64 0 100%
src/falconpy/incidents.py 45 0 100%
src/falconpy/intel.py 105 0 100%
src/falconpy/iocs.py 60 0 100%
src/falconpy/mssp.py 159 0 100%
src/falconpy/oauth2.py 33 0 100%
src/falconpy/prevention_policy.py 77 0 100%
src/falconpy/quick_scan.py 29 0 100%
src/falconpy/real_time_response.py 147 0 100%
src/falconpy/real_time_response_admin.py 88 0 100%
src/falconpy/sample_uploads.py 31 0 100%
src/falconpy/sensor_download.py 42 0 100%
src/falconpy/sensor_update_policy.py 117 0 100%
src/falconpy/spotlight_vulnerabilities.py 15 0 100%
src/falconpy/user_management.py 75 0 100%
src/falconpy/zero_trust_assessment.py 9 0 100%
------------------------------------------------------------------------------------
TOTAL 2368 0 100%Bandit analysis
[main] INFO running on Python 3.9.2
Run started:2021-04-19 10:30:07.881913
Test results:
No issues identified.
Code scanned:
Total lines of code: 17277
Total lines skipped (#nosec): 0
Run metrics:
Total issues (by severity):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Total issues (by confidence):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Files skipped (0):Added features and functionality
-
Added: Missing method to Spotlight_Vulnerabilities Service Class (
spotlight_vulnerabilities.py)- getRemediations
- Added unit test to existing test series (
test_spotlight_vulnerabilities.py)
-
Added: MSSP (Falcon Flight Control) Service Class
- getChildren
- getCIDGroupMembersBy
- addCIDGroupMembers
- deleteCIDGroupMembers
- getCIDGroupById
- createCIDGroups
- deleteCIDGroups
- updateCIDGroups
- getRolesByID
- addRole
- deleteRoles
- getUserGroupMembersByID
- addUserGroupMembers
- deleteUserGroupMembers
- getUserGroupsByID
- createUserGroup
- deleteUserGroups
- updateUserGroups
- queryChildren
- queryCIDGroupMembers
- queryCIDGroups
- queryRoles
- queryUserGroupMembers
- queryUserGroups
- Added unit tests (
test_mssp.py)
-
Added: Zero Trust Assessment Service Class
- getAssessmentV1
- Added unit tests (
test_zero_trust_assessment.py)
Issues resolved
- Fixed KeyError when providing invalid credentials to a Service Class using Credential
or Object authentication, Closes #134
Other
- Moved _endpoint constant library to a private submodule (No impact to existing usage)
- Added payload parameter information to _endpoint constants
- Adds service collection ID to endpoint lists
- This prepares the package for new functionality planned for future releases
- Added:
force_defaultfunction - decorator function that forces default values for function arguments (_util.py)- Added: Helper function
get_default - Refactored Uber class to leverage this new functionality
- Unit tests refactored to cover new code paths (
test_uber_api_complete.py)
- Unit tests refactored to cover new code paths (
- Depending upon feedback, this updated pattern will be implemented within Service Classes to reduce overall function complexity
- Added: Helper function
- Linting
Developers: These patterns are being tested within the Uber Class for migration over to Service Classes in future versions
- Reduced Uber class method complexity
- Added: Helper function
calc_url_from_args(_util.py) - Added: Helper function
_create_header_payload(api_complete.py, Requires class internal variables)
- Added: Helper function
- Migrated Uber class variables to snake_case format
- Removed unnecessarily complex lambdas
- New class method:
valid_cred_format, replaces previous lambda class attribute - New class method:
token_expired, replaces previous lambda class attribute
-...
- New class method:
- Reduced Uber class method complexity
Version 0.4.5
FalconPy 0.4.5
This release provides two additional service classes:
- Custom IOA
- Quick Scan
And updates the Uber class to access three additional API service collections:
- Falcon Complete Dashboards
- Falcon Overwatch Dashboards
- Falcon Flight Control
- Enhancement
- Updated unit tests
- Documentation
Unit test coverage
Name Stmts Miss Cover
---------------------------------------------------------------
src/falconpy/__init__.py 10 0 100%
src/falconpy/_endpoint.py 1 0 100%
src/falconpy/_result.py 8 0 100%
src/falconpy/_service_class.py 31 0 100%
src/falconpy/_util.py 84 0 100%
src/falconpy/_version.py 8 0 100%
src/falconpy/api_complete.py 89 0 100%
src/falconpy/cloud_connect_aws.py 74 0 100%
src/falconpy/cspm_registration.py 128 0 100%
src/falconpy/custom_ioa.py 142 0 100%
src/falconpy/detects.py 34 0 100%
src/falconpy/device_control_policies.py 77 0 100%
src/falconpy/event_streams.py 15 0 100%
src/falconpy/falconx_sandbox.py 82 0 100%
src/falconpy/firewall_management.py 148 0 100%
src/falconpy/firewall_policies.py 80 0 100%
src/falconpy/host_group.py 71 0 100%
src/falconpy/hosts.py 64 0 100%
src/falconpy/incidents.py 45 0 100%
src/falconpy/intel.py 105 0 100%
src/falconpy/iocs.py 60 0 100%
src/falconpy/oauth2.py 30 0 100%
src/falconpy/prevention_policy.py 77 0 100%
src/falconpy/quick_scan.py 29 0 100%
src/falconpy/real_time_response.py 147 0 100%
src/falconpy/real_time_response_admin.py 88 0 100%
src/falconpy/sample_uploads.py 31 0 100%
src/falconpy/sensor_download.py 42 0 100%
src/falconpy/sensor_update_policy.py 117 0 100%
src/falconpy/spotlight_vulnerabilities.py 15 0 100%
src/falconpy/user_management.py 75 0 100%
---------------------------------------------------------------
TOTAL 2007 0 100%Bandit analysis
[main] INFO running on Python 3.9.2
Run started:2021-04-12 06:34:01.963124
Test results:
No issues identified.
Code scanned:
Total lines of code: 7389
Total lines skipped (#nosec): 0
Run metrics:
Total issues (by severity):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Total issues (by confidence):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Files skipped (0):Added features and functionality
-
Added: Custom Indicators of Attack (IOA) API Service Class (
custom_ioa.py)- get_patterns
- get_platformsMixin0
- get_rule_groupsMixin0
- create_rule_groupMixin0
- delete_rule_groupsMixin0
- update_rule_groupMixin0
- get_rule_types
- get_rules_get
- get_rulesMixin0
- create_rule
- delete_rules
- update_rules
- validate
- query_patterns
- query_platformsMixin0
- query_rule_groups_fulle
- query_rule_groupsMixin0
- query_rule_types
- query_rulesMixin0
- Added unit tests (
test_custom_ioa.py)
-
Added: Falcon X Quick Scan API Service Class (
quick_scan.py)- GetScansAggregate
- GetScans
- ScanSamples
- QuerySubmissionsMixin0
- Added unit tests (
test_quick_scan.py)
-
Added: Uber class endpoints (
_endpoints.py)- Falcon Complete Dashboard API
- Falcon Overwatch Dashboard API
- Falcon Flight Control API
Issues resolved
- Fixed unidiomatic type check in
_util.py(parse_id_list) - Fixed potentially problematic default payload lists and dictionaries (Service Classes and Uber Class)
Other
- Added CHANGELOG.md
- Documentation updates to reflect new service class and upcoming API additions
- Minor comment updates
- Adjusted GitHub actions to test operating systems as separate workflows
- Minor GitHub workflow adjustments
- Unit test updates
- Cloud Connect AWS
- CSPM Registration
- Sensor Download
Version 0.4.4
FalconPy v0.4.4
This release contains the version 0.4.4 update for the FalconPy package.
- Enhancement
- Bug fixes
- Updated unit tests
Unit test coverage
Name Stmts Miss Cover
---------------------------------------------------------------
src/falconpy/__init__.py 10 0 100%
src/falconpy/_endpoint.py 1 0 100%
src/falconpy/_result.py 8 0 100%
src/falconpy/_service_class.py 31 0 100%
src/falconpy/_util.py 82 0 100%
src/falconpy/_version.py 8 0 100%
src/falconpy/api_complete.py 79 0 100%
src/falconpy/cloud_connect_aws.py 66 0 100%
src/falconpy/cspm_registration.py 114 0 100%
src/falconpy/detects.py 32 0 100%
src/falconpy/device_control_policies.py 69 0 100%
src/falconpy/event_streams.py 15 0 100%
src/falconpy/falconx_sandbox.py 78 0 100%
src/falconpy/firewall_management.py 130 0 100%
src/falconpy/firewall_policies.py 70 0 100%
src/falconpy/host_group.py 63 0 100%
src/falconpy/hosts.py 58 0 100%
src/falconpy/incidents.py 39 0 100%
src/falconpy/intel.py 89 0 100%
src/falconpy/iocs.py 58 0 100%
src/falconpy/oauth2.py 30 0 100%
src/falconpy/prevention_policy.py 69 0 100%
src/falconpy/real_time_response.py 135 0 100%
src/falconpy/real_time_response_admin.py 82 0 100%
src/falconpy/sample_uploads.py 25 0 100%
src/falconpy/sensor_download.py 38 0 100%
src/falconpy/sensor_update_policy.py 105 0 100%
src/falconpy/spotlight_vulnerabilities.py 15 0 100%
src/falconpy/user_management.py 75 0 100%
---------------------------------------------------------------
TOTAL 1674 0 100%Bandit analysis
[main] INFO profile include tests: None
[main] INFO profile exclude tests: None
[main] INFO cli include tests: None
[main] INFO cli exclude tests: None
[main] INFO running on Python 3.9.2
Run started:2021-04-04 23:55:51.713411
Test results:
No issues identified.
Code scanned:
Total lines of code: 6516
Total lines skipped (#nosec): 0
Run metrics:
Total issues (by severity):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Total issues (by confidence):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Files skipped (0):Added features and functionality
- Added: Sensor Download API Service Class
- GetCombinedSensorInstallersByQuery
- DownloadSensorInstallerById
- GetSensorInstallersEntities
- GetSensorInstallersCCIDByQuery
- GetSensorInstallersByQuery
Unit tests have been developed to cover this new Service Class
Props and thanks go out to @CalebSchwartz for all of his hard work on the Sensor Download Service Class! 🦸
Issues resolved
- Fixed: action_name parameter default bug. Resolved by setting a default value and overriding this value if action_name is present in the parameters dictionary, Closes #114.
Other
- Documentation updated to reflect the new Sensor Download Service Class
Version 0.4.3
FalconPy v0.4.3
Planned production package release: 03.30.21
- Enhancement
Major Feature update- Bug fixes
Breaking Change- Updated unit tests
- Documentation
Unit test coverage
Name Stmts Miss Cover
---------------------------------------------------------------
src/falconpy/__init__.py 10 0 100%
src/falconpy/_endpoint.py 1 0 100%
src/falconpy/_result.py 8 0 100%
src/falconpy/_service_class.py 31 0 100%
src/falconpy/_util.py 80 0 100%
src/falconpy/_version.py 8 0 100%
src/falconpy/api_complete.py 79 0 100%
src/falconpy/cloud_connect_aws.py 66 0 100%
src/falconpy/cspm_registration.py 114 0 100%
src/falconpy/detects.py 32 0 100%
src/falconpy/device_control_policies.py 67 0 100%
src/falconpy/event_streams.py 15 0 100%
src/falconpy/falconx_sandbox.py 78 0 100%
src/falconpy/firewall_management.py 130 0 100%
src/falconpy/firewall_policies.py 68 0 100%
src/falconpy/host_group.py 61 0 100%
src/falconpy/hosts.py 56 0 100%
src/falconpy/incidents.py 39 0 100%
src/falconpy/intel.py 89 0 100%
src/falconpy/iocs.py 58 0 100%
src/falconpy/oauth2.py 30 0 100%
src/falconpy/prevention_policy.py 67 0 100%
src/falconpy/real_time_response.py 135 0 100%
src/falconpy/real_time_response_admin.py 82 0 100%
src/falconpy/sample_uploads.py 25 0 100%
src/falconpy/sensor_update_policy.py 103 0 100%
src/falconpy/spotlight_vulnerabilities.py 15 0 100%
src/falconpy/user_management.py 75 0 100%
---------------------------------------------------------------
TOTAL 1622 0 100%Bandit analysis
[main] INFO profile include tests: None
[main] INFO profile exclude tests: None
[main] INFO cli include tests: None
[main] INFO cli exclude tests: None
[main] INFO running on Python 3.9.2
Run started:2021-03-26 21:13:00.083912
Test results:
No issues identified.
Code scanned:
Total lines of code: 6415
Total lines skipped (#nosec): 0
Run metrics:
Total issues (by severity):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Total issues (by confidence):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Files skipped (0):Added features and functionality
- Added: Sample_Uploads service class (sample_uploads.py)
- UploadSampleV3
- GetSampleV3
- DeleteSampleV3
Added: Sample_Uploads unit tests (test_sample_uploads.py)
- Added: FalconDebug - Interactive Python3 debugger that provides a pre-defined API token.
Issues resolved
- Fixed: Issue with Uber class command method using the action_name variable instead of file_name variable for actions passing the file_name parameter.
- Fixed: Issue with setup.py passing GitHub emoji text to the package description.
- Fixed: Issue with Uber class unit testing not deleting uploaded files from Sample_Uploads API. (test_uber_api_complete.py)
Version 0.4.2
FalconPy v0.4.2
- Enhancement
Major Feature update- Bug fixes
Breaking Change- Updated unit tests
Name Stmts Miss Cover
---------------------------------------------------------------
src/falconpy/__init__.py 10 0 100%
src/falconpy/_endpoint.py 1 0 100%
src/falconpy/_result.py 8 0 100%
src/falconpy/_service_class.py 31 0 100%
src/falconpy/_util.py 80 0 100%
src/falconpy/_version.py 8 0 100%
src/falconpy/api_complete.py 79 0 100%
src/falconpy/cloud_connect_aws.py 66 0 100%
src/falconpy/cspm_registration.py 114 0 100%
src/falconpy/detects.py 32 0 100%
src/falconpy/device_control_policies.py 67 0 100%
src/falconpy/event_streams.py 15 0 100%
src/falconpy/falconx_sandbox.py 78 0 100%
src/falconpy/firewall_management.py 130 0 100%
src/falconpy/firewall_policies.py 68 0 100%
src/falconpy/host_group.py 61 0 100%
src/falconpy/hosts.py 56 0 100%
src/falconpy/incidents.py 39 0 100%
src/falconpy/intel.py 89 0 100%
src/falconpy/iocs.py 58 0 100%
src/falconpy/oauth2.py 30 0 100%
src/falconpy/prevention_policy.py 67 0 100%
src/falconpy/real_time_response.py 135 0 100%
src/falconpy/real_time_response_admin.py 82 0 100%
src/falconpy/sensor_update_policy.py 103 0 100%
src/falconpy/spotlight_vulnerabilities.py 15 0 100%
src/falconpy/user_management.py 75 0 100%
---------------------------------------------------------------
TOTAL 1597 0 100%Added features and functionality
-
Added missing method: hosts.py - Added UpdateDeviceTags method to Hosts service class. (Thank you rewgord!) 😄
Unit test added to test_hosts.py to test device tagging functionality.
-
New endpoints added to the Uber class: _endpoint.py
Deprecation Warning: Legacy API operation IDs that made use of the Python reserved characters "." and "-" have been deprecated. New operation IDs have been generated for each that now aligns to the method names defined in the equivalent service class.
-
API Operation summaries added to the Uber class: _endpoint.py - This provides for upcoming functionality that will be announced in future updates.
Issues resolved
- Added method validation to Uber class calls to the requests library. (HTTP 418 is sent when an invalid method is specified.)
Other
- Cleaned up event_streams.py class file to match new patterns.
- Updated return type decorators for service_request and perform_request. (_util.py)
- Updated return type decorators for GetArtifacts, GetReports and GetSampleV2. (falconx_sandbox.py)
- Abstracted all remaining common error output code paths to a stand-alone generic method. (_util.py)
Version 0.4.1
FalconPy v0.4.1
- Enhancement
Major Feature update- Bug fixes
- Breaking Change (See below)
- Updated unit tests
Name Stmts Miss Cover
---------------------------------------------------------------
src/falconpy/__init__.py 10 0 100%
src/falconpy/_endpoint.py 1 0 100%
src/falconpy/_result.py 8 0 100%
src/falconpy/_service_class.py 31 0 100%
src/falconpy/_util.py 80 0 100%
src/falconpy/_version.py 8 0 100%
src/falconpy/api_complete.py 77 0 100%
src/falconpy/cloud_connect_aws.py 66 0 100%
src/falconpy/cspm_registration.py 114 0 100%
src/falconpy/detects.py 34 0 100%
src/falconpy/device_control_policies.py 67 0 100%
src/falconpy/event_streams.py 15 0 100%
src/falconpy/falconx_sandbox.py 78 0 100%
src/falconpy/firewall_management.py 130 0 100%
src/falconpy/firewall_policies.py 68 0 100%
src/falconpy/host_group.py 61 0 100%
src/falconpy/hosts.py 37 0 100%
src/falconpy/incidents.py 39 0 100%
src/falconpy/intel.py 89 0 100%
src/falconpy/iocs.py 58 0 100%
src/falconpy/oauth2.py 30 0 100%
src/falconpy/prevention_policy.py 67 0 100%
src/falconpy/real_time_response.py 135 0 100%
src/falconpy/real_time_response_admin.py 82 0 100%
src/falconpy/sensor_update_policy.py 103 0 100%
src/falconpy/spotlight_vulnerabilities.py 15 0 100%
src/falconpy/user_management.py 75 0 100%
---------------------------------------------------------------
TOTAL 1578 0 100%Added features and functionality
- New service class: cspm_registration.py - Provides the CSPM_Registration service class for handling Horizon registration in Azure and AWS.
New basic unit tests for the CSPM_Registration service class have been included within this pull request.
- Added methods: falconx_sandbox.py - Support for the following operations have been added to the FalconX_Sandbox service class.
- QuerySampleV1
- DeleteSampleV2
- GetSampleV2
- DeleteReport
- GetReports
Unit tests have been updated to reflect these additional methods
Issues resolved
-
Bug fix: Resolved malformed validator in detects.py - UpdateDetectsByIdsV2
-
Bug fix: Added action_name parameter to operations that require the parameter. (#53)
This issue impacted 6 service classes in total:- device_control_policies.py - Device_Control_Policies - performDeviceControlPoliciesAction
- firewall_policies.py - Firewall_Policies - performFirewallPoliciesAction
- host_group.py - Host_Group - performGroupAction
- hosts.py - Host - PerformActionV2
- prevention_policy.py - Prevention_Policy - performPreventionPoliciesAction
- sensor_update_policy.py - Sensor_Update_Policy - performSensorUpdatePoliciesAction
This issue also impacted the Uber class, resulting in updates to the command method within the APIHarness class.
Unit tests have been updated to reflect these changes
Potential Breaking Change: The action_name parameter does not currently accept unspecified values. This will be resolved in the 0.4.4 version of the package.
Other
- Minor updates to _endpoints.py to reflect operation ID corrections for the CSPM registration API.
- Abstracted common error output code paths to a stand-alone method within _util.py.
Version 0.4.0
FalconPy v0.4.0
- Major Feature update
- Bug fixes
-
Breaking Change - Updated unit tests
Added features and functionality
- Added additional HTTP status codes
- Added parameter input validation handling
- Additional validations are planned for all service classes. Currently only enabled in
cloud_connect_aws.py.
- Additional validations are planned for all service classes. Currently only enabled in
- Added body payload input validation handling
- Additional validations are planned for all service classes. Currently only enabled in
cloud_connect_aws.py.
- Additional validations are planned for all service classes. Currently only enabled in
- Added allowed HTTP method restrictions
- Added ID list handling to API operations that require ID lists
-
Developers may now pass in a list of IDs or a comma-delimited string.
import json from falconpy import oauth2 as FalconAuth from falconpy import cloud_connect_aws as FalconAWS falcon = FalconAWS.Cloud_Connect_AWS(creds={'client_id': client_id, 'client_secret': client_secret}) id_list = ['ID1', 'ID2', 'ID3'] print(json.dumps(falcon.GetAWSAccounts(ids=id_list), indent=4))
or
import json from falconpy import oauth2 as FalconAuth from falconpy import cloud_connect_aws as FalconAWS falcon = FalconAWS.Cloud_Connect_AWS(creds={'client_id': client_id, 'client_secret': client_secret}) id_list_string = "ID1,ID2,ID3" print(json.dumps(falcon.GetAWSAccounts(ids=id_list_string), indent=4))
-
- Added status code response checks to authentication events
- Instantiate Service classes without having to manage tokens
- Pass in credentials (Now referred to as "credential authentication")
import json from falconpy import oauth2 as FalconAuth from falconpy import cloud_connect_aws as FalconAWS falcon = FalconAWS.Cloud_Connect_AWS(creds={'client_id': client_id, 'client_secret': client_secret}) print(json.dumps(falcon.QueryAWSAccounts(), indent=4))
- Pass in the entire auth object (Now referred to as "object authentication")
import json from falconpy import oauth2 as FalconAuth from falconpy import cloud_connect_aws as FalconAWS auth = FalconAuth.OAuth2(creds={'client_id': client_id, 'client_secret': client_secret}) falcon = FalconAWS.Cloud_Connect_AWS(auth_object=auth) print(json.dumps(falcon.QueryAWSAccounts(), indent=4))
Please note: Passing a token into Service classes is still fully supported. This is now referred to as "legacy authentication".
- Pass in credentials (Now referred to as "credential authentication")
- Added automatic token refresh functionality to Service Class calls
- Developers must make use of either credential or object authentication in order to leverage this functionality.
Issues resolved
- Added dynamic package metadata updates (Issue #14)
- Generalized version control
- New constant file:
_version.py
- New constant file:
- Generalized version control
- Added user-agent string to HTTP headers. (Issue #57)
- Resolved a bug with token deauthentication (Uber and Service classes)
- Resolved a bug in Firewall_Management.update_rule_group
Other
- Abstracted calls to the requests library from all classes, reducing code segment size
- New library:
_util.py - New class:
_service_class.py - New class:
_result.py - All Service Classes refactored
- New library:
- Abstracted endpoint list from the Uber class to a standalone source file
- New constant file:
_endpoint.py
- New constant file:
- Linting / code cleanup
- Added function input parameter datatype specifications (where possible)
- Added function output datatype decorators
- In order to reduce confusion, references to the
jsonrequests attribute are now always referred to as "body". References to thedatarequests attribute are still referred to as "data".
- 100% unit test coverage
- Internal documentation updates