Version 0.6.3

@jshcodes released this 31 Aug 04:01
f2085d2

FalconPy v0.6.3

This update merges the functionality of the two IOC service classes, provides two new service classes, and deprecates the CS_USERNAME parameter from the CustomIOA and FirewallManagement service classes.

  • Enhancement
  • Updated unit tests

Unit test coverage

Name                                                             Stmts   Miss  Cover
------------------------------------------------------------------------------------
src/falconpy/__init__.py                                            14      0   100%
src/falconpy/_endpoint/__init__.py                                 105      0   100%
src/falconpy/_endpoint/_cloud_connect_aws.py                         1      0   100%
src/falconpy/_endpoint/_cspm_registration.py                         1      0   100%
src/falconpy/_endpoint/_custom_ioa.py                                1      0   100%
src/falconpy/_endpoint/_d4c_registration.py                          1      0   100%
src/falconpy/_endpoint/_detects.py                                   1      0   100%
src/falconpy/_endpoint/_device_control_policies.py                   1      0   100%
src/falconpy/_endpoint/_event_streams.py                             1      0   100%
src/falconpy/_endpoint/_falcon_complete_dashboard.py                 1      0   100%
src/falconpy/_endpoint/_falcon_container.py                          1      0   100%
src/falconpy/_endpoint/_falconx_sandbox.py                           1      0   100%
src/falconpy/_endpoint/_firewall_management.py                       1      0   100%
src/falconpy/_endpoint/_firewall_policies.py                         1      0   100%
src/falconpy/_endpoint/_host_group.py                                1      0   100%
src/falconpy/_endpoint/_hosts.py                                     1      0   100%
src/falconpy/_endpoint/_identity_protection.py                       1      0   100%
src/falconpy/_endpoint/_incidents.py                                 1      0   100%
src/falconpy/_endpoint/_installation_tokens.py                       1      0   100%
src/falconpy/_endpoint/_intel.py                                     1      0   100%
src/falconpy/_endpoint/_ioa_exclusions.py                            1      0   100%
src/falconpy/_endpoint/_ioc.py                                       1      0   100%
src/falconpy/_endpoint/_iocs.py                                      1      0   100%
src/falconpy/_endpoint/_kubernetes_protection.py                     1      0   100%
src/falconpy/_endpoint/_malquery.py                                  1      0   100%
src/falconpy/_endpoint/_ml_exclusions.py                             1      0   100%
src/falconpy/_endpoint/_mssp.py                                      1      0   100%
src/falconpy/_endpoint/_oauth2.py                                    1      0   100%
src/falconpy/_endpoint/_overwatch_dashboard.py                       1      0   100%
src/falconpy/_endpoint/_prevention_policies.py                       1      0   100%
src/falconpy/_endpoint/_quarantine.py                                1      1     0%
src/falconpy/_endpoint/_quick_scan.py                                1      0   100%
src/falconpy/_endpoint/_real_time_response.py                        1      0   100%
src/falconpy/_endpoint/_real_time_response_admin.py                  1      0   100%
src/falconpy/_endpoint/_recon.py                                     1      0   100%
src/falconpy/_endpoint/_report_executions.py                         1      0   100%
src/falconpy/_endpoint/_response_policies.py                         1      0   100%
src/falconpy/_endpoint/_sample_uploads.py                            1      0   100%
src/falconpy/_endpoint/_scheduled_reports.py                         1      0   100%
src/falconpy/_endpoint/_sensor_download.py                           1      0   100%
src/falconpy/_endpoint/_sensor_update_policies.py                    1      0   100%
src/falconpy/_endpoint/_sensor_visibility_exclusions.py              1      0   100%
src/falconpy/_endpoint/_spotlight_vulnerabilities.py                 1      0   100%
src/falconpy/_endpoint/_user_management.py                           1      0   100%
src/falconpy/_endpoint/_zero_trust_assessment.py                     1      0   100%
src/falconpy/_endpoint/deprecated/__init__.py                       20      0   100%
src/falconpy/_endpoint/deprecated/_custom_ioa.py                     1      0   100%
src/falconpy/_endpoint/deprecated/_firewall_management.py            1      0   100%
src/falconpy/_endpoint/deprecated/_identity_protection.py            1      0   100%
src/falconpy/_endpoint/deprecated/_installation_tokens.py            1      0   100%
src/falconpy/_endpoint/deprecated/_ioc.py                            1      0   100%
src/falconpy/_endpoint/deprecated/_iocs.py                           1      0   100%
src/falconpy/_endpoint/deprecated/_real_time_response.py             1      0   100%
src/falconpy/_endpoint/deprecated/_real_time_response_admin.py       1      0   100%
src/falconpy/_endpoint/deprecated/_report_executions.py              1      0   100%
src/falconpy/_endpoint/deprecated/_scheduled_reports.py              1      0   100%
src/falconpy/_result.py                                              8      0   100%
src/falconpy/_service_class.py                                      62      0   100%
src/falconpy/_util.py                                              167      0   100%
src/falconpy/_version.py                                            10      0   100%
src/falconpy/api_complete.py                                        93      0   100%
src/falconpy/cloud_connect_aws.py                                   38      0   100%
src/falconpy/cspm_registration.py                                   76      0   100%
src/falconpy/custom_ioa.py                                          68      0   100%
src/falconpy/d4c_registration.py                                    36      0   100%
src/falconpy/detects.py                                             18      0   100%
src/falconpy/device_control_policies.py                             49      0   100%
src/falconpy/event_streams.py                                       13      0   100%
src/falconpy/falcon_complete_dashboard.py                           54      0   100%
src/falconpy/falcon_container.py                                     7      0   100%
src/falconpy/falconx_sandbox.py                                     56      0   100%
src/falconpy/firewall_management.py                                 60      0   100%
src/falconpy/firewall_policies.py                                   50      0   100%
src/falconpy/host_group.py                                          45      0   100%
src/falconpy/hosts.py                                               55      0   100%
src/falconpy/identity_protection.py                                  8      0   100%
src/falconpy/incidents.py                                           25      0   100%
src/falconpy/installation_tokens.py                                 27      0   100%
src/falconpy/intel.py                                               59      0   100%
src/falconpy/ioa_exclusions.py                                      23      0   100%
src/falconpy/ioc.py                                                 44      0   100%
src/falconpy/iocs.py                                                38      0   100%
src/falconpy/kubernetes_protection.py                               40      0   100%
src/falconpy/malquery.py                                            35      0   100%
src/falconpy/ml_exclusions.py                                       23      0   100%
src/falconpy/mssp.py                                                93      0   100%
src/falconpy/oauth2.py                                              46      0   100%
src/falconpy/overwatch_dashboard.py                                 23      0   100%
src/falconpy/prevention_policy.py                                   42      0   100%
src/falconpy/quarantine.py                                          24     24     0%
src/falconpy/quick_scan.py                                          19      0   100%
src/falconpy/real_time_response.py                                  82      0   100%
src/falconpy/real_time_response_admin.py                            50      0   100%
src/falconpy/recon.py                                               73      0   100%
src/falconpy/report_executions.py                                   16      0   100%
src/falconpy/response_policies.py                                   42      0   100%
src/falconpy/sample_uploads.py                                      20      0   100%
src/falconpy/scheduled_reports.py                                   12      0   100%
src/falconpy/sensor_download.py                                     39      0   100%
src/falconpy/sensor_update_policy.py                                70      0   100%
src/falconpy/sensor_visibility_exclusions.py                        23      0   100%
src/falconpy/spotlight_vulnerabilities.py                           21      0   100%
src/falconpy/user_management.py                                     49      0   100%
src/falconpy/zero_trust_assessment.py                               12      0   100%
------------------------------------------------------------------------------------
TOTAL                                                             2227     25    99%

Coverage dropped with this merge because the Quarantine service class has no unit tests yet. This will be remedied in a subsequent merge.

Bandit analysis

[main]	INFO	running on Python 3.9.6
Run started:2021-08-27 20:14:46.536026

Test results:
	No issues identified.

Code scanned:
	Total lines of code: 22105
	Total lines skipped (#nosec): 0

Run metrics:
	Total issues (by severity):
		Undefined: 0.0
		Low: 0.0
		Medium: 0.0
		High: 0.0
	Total issues (by confidence):
		Undefined: 0.0
		Low: 0.0
		Medium: 0.0
		High: 0.0
Files skipped (0):

Added features and functionality

  • Added: New FalconContainer Service Class. falcon_container.py
  • Added: Two new methods (operations) to the Hosts Service Class. hosts.py
    • query_device_login_history / QueryDeviceLoginHistory
    • query_network_address_history / QueryGetNetworkAddressHistoryV1
  • Added: New method (operation) to the SpotlightVulnerabilities Service Class. spotlight_vulnerabilities.py
    • get_remediations_v2 / getRemediationsV2
  • Migrated: Ported still-viable methods from the legacy IOCS Service Class (iocs.py) to the new IOC Service Class (ioc.py).
    • devices_count / DevicesCount
    • devices_ran_on / DevicesRanOn
    • processes_ran_on / ProcessesRanOn
    • entities_processes / entities_processes
  • Updated: Deprecated 5 methods within the legacy IOCS Service Class. iocs.py
    • get_ioc / GetIOC
    • create_ioc / CreateIOC
    • delete_ioc / DeleteIOC
    • update_ioc / UpdateIOC
    • query_iocs / QueryIOCs
  • Updated: Deprecated cs_username keyword from all methods within CustomIOA and FirewallManagement Service Classes. Closes #320. Closes #321. custom_ioa.py, firewall_management.py
  • Added: New Quarantine Service Class and endpoints. quarantine.py
  • Updated: Updated endpoint for getComplianceV1 operation within ZeroTrustAssessment Service Class. zero_trust_assessment.py