Version 1.0.4
FalconPy v1.0.4
This update provides new functionality for managing the token renewal window. (The time buffer allotted between token expiration and the time FalconPy automatically renews this token.) The maximum amount of time this window can be set to is 20 minutes, which will refresh your token every 10 minutes. This also moves the default for this value from 20 seconds to 120 seconds (the minimum).
The SpotlightVulnerabilities Service Class received a minor update, providing a check for the filter
keyword when using the query_vulnerabilities_combined
(combinedQueryVulnerabilities) method.
A fix for when trailing backslashes are provided as part of a base_url
value is included as well.
- Enhancement
- Bug fixes
- Updated unit tests
Unit test coverage
Name Stmts Miss Cover
------------------------------------------------------------------------------------
src/falconpy/__init__.py 63 0 100%
src/falconpy/_base_url.py 7 0 100%
src/falconpy/_endpoint/__init__.py 117 0 100%
src/falconpy/_endpoint/_cloud_connect_aws.py 1 0 100%
src/falconpy/_endpoint/_cspm_registration.py 1 0 100%
src/falconpy/_endpoint/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/_d4c_registration.py 1 0 100%
src/falconpy/_endpoint/_detects.py 1 0 100%
src/falconpy/_endpoint/_device_control_policies.py 1 0 100%
src/falconpy/_endpoint/_discover.py 1 0 100%
src/falconpy/_endpoint/_event_streams.py 1 0 100%
src/falconpy/_endpoint/_falcon_complete_dashboard.py 1 0 100%
src/falconpy/_endpoint/_falcon_container.py 1 0 100%
src/falconpy/_endpoint/_falconx_sandbox.py 1 0 100%
src/falconpy/_endpoint/_filevantage.py 1 0 100%
src/falconpy/_endpoint/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/_firewall_policies.py 1 0 100%
src/falconpy/_endpoint/_host_group.py 1 0 100%
src/falconpy/_endpoint/_hosts.py 1 0 100%
src/falconpy/_endpoint/_identity_protection.py 1 0 100%
src/falconpy/_endpoint/_incidents.py 1 0 100%
src/falconpy/_endpoint/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/_intel.py 1 0 100%
src/falconpy/_endpoint/_ioa_exclusions.py 1 0 100%
src/falconpy/_endpoint/_ioc.py 1 0 100%
src/falconpy/_endpoint/_iocs.py 1 0 100%
src/falconpy/_endpoint/_kubernetes_protection.py 1 0 100%
src/falconpy/_endpoint/_malquery.py 1 0 100%
src/falconpy/_endpoint/_message_center.py 1 0 100%
src/falconpy/_endpoint/_ml_exclusions.py 1 0 100%
src/falconpy/_endpoint/_mssp.py 1 0 100%
src/falconpy/_endpoint/_oauth2.py 1 0 100%
src/falconpy/_endpoint/_overwatch_dashboard.py 1 0 100%
src/falconpy/_endpoint/_prevention_policies.py 1 0 100%
src/falconpy/_endpoint/_quarantine.py 1 0 100%
src/falconpy/_endpoint/_quick_scan.py 1 0 100%
src/falconpy/_endpoint/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/_real_time_response_admin.py 1 0 100%
src/falconpy/_endpoint/_recon.py 1 0 100%
src/falconpy/_endpoint/_report_executions.py 1 0 100%
src/falconpy/_endpoint/_response_policies.py 1 0 100%
src/falconpy/_endpoint/_sample_uploads.py 1 0 100%
src/falconpy/_endpoint/_scheduled_reports.py 1 0 100%
src/falconpy/_endpoint/_sensor_download.py 1 0 100%
src/falconpy/_endpoint/_sensor_update_policies.py 1 0 100%
src/falconpy/_endpoint/_sensor_visibility_exclusions.py 1 0 100%
src/falconpy/_endpoint/_spotlight_vulnerabilities.py 1 0 100%
src/falconpy/_endpoint/_user_management.py 1 0 100%
src/falconpy/_endpoint/_zero_trust_assessment.py 1 0 100%
src/falconpy/_endpoint/deprecated/__init__.py 22 0 100%
src/falconpy/_endpoint/deprecated/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/deprecated/_discover.py 1 0 100%
src/falconpy/_endpoint/deprecated/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/deprecated/_identity_protection.py 1 0 100%
src/falconpy/_endpoint/deprecated/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/deprecated/_ioc.py 1 0 100%
src/falconpy/_endpoint/deprecated/_iocs.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response_admin.py 1 0 100%
src/falconpy/_endpoint/deprecated/_report_executions.py 1 0 100%
src/falconpy/_endpoint/deprecated/_scheduled_reports.py 1 0 100%
src/falconpy/_payload/__init__.py 24 0 100%
src/falconpy/_payload/_cloud_connect_aws.py 22 0 100%
src/falconpy/_payload/_cspm_registration.py 40 0 100%
src/falconpy/_payload/_d4c_registration.py 10 0 100%
src/falconpy/_payload/_detects.py 13 0 100%
src/falconpy/_payload/_device_control_policy.py 13 0 100%
src/falconpy/_payload/_falconx.py 25 0 100%
src/falconpy/_payload/_firewall.py 65 0 100%
src/falconpy/_payload/_generic.py 65 0 100%
src/falconpy/_payload/_host_group.py 30 0 100%
src/falconpy/_payload/_ioa.py 29 0 100%
src/falconpy/_payload/_ioc.py 36 0 100%
src/falconpy/_payload/_malquery.py 56 0 100%
src/falconpy/_payload/_message_center.py 22 0 100%
src/falconpy/_payload/_mssp.py 15 0 100%
src/falconpy/_payload/_prevention_policy.py 19 0 100%
src/falconpy/_payload/_real_time_response.py 27 0 100%
src/falconpy/_payload/_recon.py 72 0 100%
src/falconpy/_payload/_reports.py 18 0 100%
src/falconpy/_payload/_response_policy.py 19 0 100%
src/falconpy/_payload/_sensor_update_policy.py 24 0 100%
src/falconpy/_result.py 8 0 100%
src/falconpy/_service_class.py 74 0 100%
src/falconpy/_util.py 186 0 100%
src/falconpy/_version.py 10 0 100%
src/falconpy/api_complete.py 113 0 100%
src/falconpy/cloud_connect_aws.py 47 0 100%
src/falconpy/cspm_registration.py 118 0 100%
src/falconpy/custom_ioa.py 85 0 100%
src/falconpy/d4c_registration.py 47 0 100%
src/falconpy/detects.py 28 0 100%
src/falconpy/device_control_policies.py 66 0 100%
src/falconpy/discover.py 10 0 100%
src/falconpy/event_streams.py 19 0 100%
src/falconpy/falcon_complete_dashboard.py 76 0 100%
src/falconpy/falcon_container.py 7 0 100%
src/falconpy/falconx_sandbox.py 67 0 100%
src/falconpy/filevantage.py 13 0 100%
src/falconpy/firewall_management.py 81 0 100%
src/falconpy/firewall_policies.py 68 0 100%
src/falconpy/host_group.py 58 0 100%
src/falconpy/hosts.py 65 0 100%
src/falconpy/identity_protection.py 12 0 100%
src/falconpy/incidents.py 37 0 100%
src/falconpy/installation_tokens.py 37 0 100%
src/falconpy/intel.py 63 0 100%
src/falconpy/ioa_exclusions.py 32 0 100%
src/falconpy/ioc.py 49 0 100%
src/falconpy/iocs.py 39 0 100%
src/falconpy/kubernetes_protection.py 49 0 100%
src/falconpy/malquery.py 49 0 100%
src/falconpy/message_center.py 74 0 100%
src/falconpy/ml_exclusions.py 34 0 100%
src/falconpy/mssp.py 130 0 100%
src/falconpy/oauth2.py 74 0 100%
src/falconpy/overwatch_dashboard.py 30 0 100%
src/falconpy/prevention_policy.py 59 0 100%
src/falconpy/quarantine.py 45 0 100%
src/falconpy/quick_scan.py 26 0 100%
src/falconpy/real_time_response.py 114 0 100%
src/falconpy/real_time_response_admin.py 64 0 100%
src/falconpy/recon.py 97 0 100%
src/falconpy/report_executions.py 23 0 100%
src/falconpy/response_policies.py 58 0 100%
src/falconpy/sample_uploads.py 24 0 100%
src/falconpy/scheduled_reports.py 19 0 100%
src/falconpy/sensor_download.py 32 0 100%
src/falconpy/sensor_update_policy.py 107 0 100%
src/falconpy/sensor_visibility_exclusions.py 32 0 100%
src/falconpy/spotlight_vulnerabilities.py 30 0 100%
src/falconpy/user_management.py 69 0 100%
src/falconpy/zero_trust_assessment.py 12 0 100%
------------------------------------------------------------------------------------
TOTAL 3676 0 100%
Bandit analysis
[main] INFO running on Python 3.9.9
Run started:2022-02-18 21:58:44.924816
Test results:
No issues identified.
Code scanned:
Total lines of code: 34136
Total lines skipped (#nosec): 0
Run metrics:
Total issues (by severity):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Total issues (by confidence):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Files skipped (0):
Added features and functionality
-
Added: Token renewal window customization. Developers may now customize the length of time between token expiration and token renewal. (Max: 20 minutes)
from falconpy import APIHarness from falconpy import OAuth2 uber = APIHarness(client_id="CLIENT_ID", client_secret="CLIENT_SECRET", renew_window=300) service = OAuth2(client_id="CLIENT_ID", client_secret="CLIENT_SECRET", renew_window=60)
_service_class.py
api_complete.py
oauth2.py
tests/test_authentications.py
- Thank you to @tsullivan06 for this contribution!
-
Added: Error handling for when calling
query_vulnerabilities_combined
(combinedQueryVulnerabilities) without specifying afilter
argument. (Must be present as a keyword or as part of theparameters
dictionary.)spotlight_vulnerabilities.py
tests/test_spotlight_vulnerabilities.py
- Thank you to @tsullivan06 for this contribution!
-
Added: Export of
ServiceClass
generic base class as part of__all__
within__init__.py
. This change will allow developers to inherit from the Service Class base class without importing a protected module (which generates a warning in some editors).from falconpy import ServiceClass
__init__.py
- Thank you to @morcef for this contribution!
Issues resolved
- Fixed: Authentication issue when provided a base_url containing a trailing backslash.
_util.py
tests/test_authorizations.py
- Thanks to @mwb8 for identifying and reporting this issue!