Skip to content

Version 1.0.4

Compare
Choose a tag to compare
@jshcodes jshcodes released this 21 Feb 05:46
· 1168 commits to main since this release

FalconPy v1.0.4

This update provides new functionality for managing the token renewal window. (The time buffer allotted between token expiration and the time FalconPy automatically renews this token.) The maximum amount of time this window can be set to is 20 minutes, which will refresh your token every 10 minutes. This also moves the default for this value from 20 seconds to 120 seconds (the minimum).

The SpotlightVulnerabilities Service Class received a minor update, providing a check for the filter keyword when using the query_vulnerabilities_combined (combinedQueryVulnerabilities) method.

A fix for when trailing backslashes are provided as part of a base_url value is included as well.

  • Enhancement
  • Bug fixes
  • Updated unit tests

Unit test coverage

Name                                                             Stmts   Miss  Cover
------------------------------------------------------------------------------------
src/falconpy/__init__.py                                            63      0   100%
src/falconpy/_base_url.py                                            7      0   100%
src/falconpy/_endpoint/__init__.py                                 117      0   100%
src/falconpy/_endpoint/_cloud_connect_aws.py                         1      0   100%
src/falconpy/_endpoint/_cspm_registration.py                         1      0   100%
src/falconpy/_endpoint/_custom_ioa.py                                1      0   100%
src/falconpy/_endpoint/_d4c_registration.py                          1      0   100%
src/falconpy/_endpoint/_detects.py                                   1      0   100%
src/falconpy/_endpoint/_device_control_policies.py                   1      0   100%
src/falconpy/_endpoint/_discover.py                                  1      0   100%
src/falconpy/_endpoint/_event_streams.py                             1      0   100%
src/falconpy/_endpoint/_falcon_complete_dashboard.py                 1      0   100%
src/falconpy/_endpoint/_falcon_container.py                          1      0   100%
src/falconpy/_endpoint/_falconx_sandbox.py                           1      0   100%
src/falconpy/_endpoint/_filevantage.py                               1      0   100%
src/falconpy/_endpoint/_firewall_management.py                       1      0   100%
src/falconpy/_endpoint/_firewall_policies.py                         1      0   100%
src/falconpy/_endpoint/_host_group.py                                1      0   100%
src/falconpy/_endpoint/_hosts.py                                     1      0   100%
src/falconpy/_endpoint/_identity_protection.py                       1      0   100%
src/falconpy/_endpoint/_incidents.py                                 1      0   100%
src/falconpy/_endpoint/_installation_tokens.py                       1      0   100%
src/falconpy/_endpoint/_intel.py                                     1      0   100%
src/falconpy/_endpoint/_ioa_exclusions.py                            1      0   100%
src/falconpy/_endpoint/_ioc.py                                       1      0   100%
src/falconpy/_endpoint/_iocs.py                                      1      0   100%
src/falconpy/_endpoint/_kubernetes_protection.py                     1      0   100%
src/falconpy/_endpoint/_malquery.py                                  1      0   100%
src/falconpy/_endpoint/_message_center.py                            1      0   100%
src/falconpy/_endpoint/_ml_exclusions.py                             1      0   100%
src/falconpy/_endpoint/_mssp.py                                      1      0   100%
src/falconpy/_endpoint/_oauth2.py                                    1      0   100%
src/falconpy/_endpoint/_overwatch_dashboard.py                       1      0   100%
src/falconpy/_endpoint/_prevention_policies.py                       1      0   100%
src/falconpy/_endpoint/_quarantine.py                                1      0   100%
src/falconpy/_endpoint/_quick_scan.py                                1      0   100%
src/falconpy/_endpoint/_real_time_response.py                        1      0   100%
src/falconpy/_endpoint/_real_time_response_admin.py                  1      0   100%
src/falconpy/_endpoint/_recon.py                                     1      0   100%
src/falconpy/_endpoint/_report_executions.py                         1      0   100%
src/falconpy/_endpoint/_response_policies.py                         1      0   100%
src/falconpy/_endpoint/_sample_uploads.py                            1      0   100%
src/falconpy/_endpoint/_scheduled_reports.py                         1      0   100%
src/falconpy/_endpoint/_sensor_download.py                           1      0   100%
src/falconpy/_endpoint/_sensor_update_policies.py                    1      0   100%
src/falconpy/_endpoint/_sensor_visibility_exclusions.py              1      0   100%
src/falconpy/_endpoint/_spotlight_vulnerabilities.py                 1      0   100%
src/falconpy/_endpoint/_user_management.py                           1      0   100%
src/falconpy/_endpoint/_zero_trust_assessment.py                     1      0   100%
src/falconpy/_endpoint/deprecated/__init__.py                       22      0   100%
src/falconpy/_endpoint/deprecated/_custom_ioa.py                     1      0   100%
src/falconpy/_endpoint/deprecated/_discover.py                       1      0   100%
src/falconpy/_endpoint/deprecated/_firewall_management.py            1      0   100%
src/falconpy/_endpoint/deprecated/_identity_protection.py            1      0   100%
src/falconpy/_endpoint/deprecated/_installation_tokens.py            1      0   100%
src/falconpy/_endpoint/deprecated/_ioc.py                            1      0   100%
src/falconpy/_endpoint/deprecated/_iocs.py                           1      0   100%
src/falconpy/_endpoint/deprecated/_real_time_response.py             1      0   100%
src/falconpy/_endpoint/deprecated/_real_time_response_admin.py       1      0   100%
src/falconpy/_endpoint/deprecated/_report_executions.py              1      0   100%
src/falconpy/_endpoint/deprecated/_scheduled_reports.py              1      0   100%
src/falconpy/_payload/__init__.py                                   24      0   100%
src/falconpy/_payload/_cloud_connect_aws.py                         22      0   100%
src/falconpy/_payload/_cspm_registration.py                         40      0   100%
src/falconpy/_payload/_d4c_registration.py                          10      0   100%
src/falconpy/_payload/_detects.py                                   13      0   100%
src/falconpy/_payload/_device_control_policy.py                     13      0   100%
src/falconpy/_payload/_falconx.py                                   25      0   100%
src/falconpy/_payload/_firewall.py                                  65      0   100%
src/falconpy/_payload/_generic.py                                   65      0   100%
src/falconpy/_payload/_host_group.py                                30      0   100%
src/falconpy/_payload/_ioa.py                                       29      0   100%
src/falconpy/_payload/_ioc.py                                       36      0   100%
src/falconpy/_payload/_malquery.py                                  56      0   100%
src/falconpy/_payload/_message_center.py                            22      0   100%
src/falconpy/_payload/_mssp.py                                      15      0   100%
src/falconpy/_payload/_prevention_policy.py                         19      0   100%
src/falconpy/_payload/_real_time_response.py                        27      0   100%
src/falconpy/_payload/_recon.py                                     72      0   100%
src/falconpy/_payload/_reports.py                                   18      0   100%
src/falconpy/_payload/_response_policy.py                           19      0   100%
src/falconpy/_payload/_sensor_update_policy.py                      24      0   100%
src/falconpy/_result.py                                              8      0   100%
src/falconpy/_service_class.py                                      74      0   100%
src/falconpy/_util.py                                              186      0   100%
src/falconpy/_version.py                                            10      0   100%
src/falconpy/api_complete.py                                       113      0   100%
src/falconpy/cloud_connect_aws.py                                   47      0   100%
src/falconpy/cspm_registration.py                                  118      0   100%
src/falconpy/custom_ioa.py                                          85      0   100%
src/falconpy/d4c_registration.py                                    47      0   100%
src/falconpy/detects.py                                             28      0   100%
src/falconpy/device_control_policies.py                             66      0   100%
src/falconpy/discover.py                                            10      0   100%
src/falconpy/event_streams.py                                       19      0   100%
src/falconpy/falcon_complete_dashboard.py                           76      0   100%
src/falconpy/falcon_container.py                                     7      0   100%
src/falconpy/falconx_sandbox.py                                     67      0   100%
src/falconpy/filevantage.py                                         13      0   100%
src/falconpy/firewall_management.py                                 81      0   100%
src/falconpy/firewall_policies.py                                   68      0   100%
src/falconpy/host_group.py                                          58      0   100%
src/falconpy/hosts.py                                               65      0   100%
src/falconpy/identity_protection.py                                 12      0   100%
src/falconpy/incidents.py                                           37      0   100%
src/falconpy/installation_tokens.py                                 37      0   100%
src/falconpy/intel.py                                               63      0   100%
src/falconpy/ioa_exclusions.py                                      32      0   100%
src/falconpy/ioc.py                                                 49      0   100%
src/falconpy/iocs.py                                                39      0   100%
src/falconpy/kubernetes_protection.py                               49      0   100%
src/falconpy/malquery.py                                            49      0   100%
src/falconpy/message_center.py                                      74      0   100%
src/falconpy/ml_exclusions.py                                       34      0   100%
src/falconpy/mssp.py                                               130      0   100%
src/falconpy/oauth2.py                                              74      0   100%
src/falconpy/overwatch_dashboard.py                                 30      0   100%
src/falconpy/prevention_policy.py                                   59      0   100%
src/falconpy/quarantine.py                                          45      0   100%
src/falconpy/quick_scan.py                                          26      0   100%
src/falconpy/real_time_response.py                                 114      0   100%
src/falconpy/real_time_response_admin.py                            64      0   100%
src/falconpy/recon.py                                               97      0   100%
src/falconpy/report_executions.py                                   23      0   100%
src/falconpy/response_policies.py                                   58      0   100%
src/falconpy/sample_uploads.py                                      24      0   100%
src/falconpy/scheduled_reports.py                                   19      0   100%
src/falconpy/sensor_download.py                                     32      0   100%
src/falconpy/sensor_update_policy.py                               107      0   100%
src/falconpy/sensor_visibility_exclusions.py                        32      0   100%
src/falconpy/spotlight_vulnerabilities.py                           30      0   100%
src/falconpy/user_management.py                                     69      0   100%
src/falconpy/zero_trust_assessment.py                               12      0   100%
------------------------------------------------------------------------------------
TOTAL                                                             3676      0   100%

Bandit analysis

[main]	INFO	running on Python 3.9.9
Run started:2022-02-18 21:58:44.924816

Test results:
	No issues identified.

Code scanned:
	Total lines of code: 34136
	Total lines skipped (#nosec): 0

Run metrics:
	Total issues (by severity):
		Undefined: 0.0
		Low: 0.0
		Medium: 0.0
		High: 0.0
	Total issues (by confidence):
		Undefined: 0.0
		Low: 0.0
		Medium: 0.0
		High: 0.0
Files skipped (0):

Added features and functionality

  • Added: Token renewal window customization. Developers may now customize the length of time between token expiration and token renewal. (Max: 20 minutes)

    from falconpy import APIHarness
    from falconpy import OAuth2
    
    uber = APIHarness(client_id="CLIENT_ID", client_secret="CLIENT_SECRET", renew_window=300)
    service = OAuth2(client_id="CLIENT_ID", client_secret="CLIENT_SECRET", renew_window=60)
    • _service_class.py
    • api_complete.py
    • oauth2.py
    • tests/test_authentications.py
    • Thank you to @tsullivan06 for this contribution!
  • Added: Error handling for when calling query_vulnerabilities_combined (combinedQueryVulnerabilities) without specifying a filter argument. (Must be present as a keyword or as part of the parameters dictionary.)

    • spotlight_vulnerabilities.py
    • tests/test_spotlight_vulnerabilities.py
    • Thank you to @tsullivan06 for this contribution!
  • Added: Export of ServiceClass generic base class as part of __all__ within __init__.py. This change will allow developers to inherit from the Service Class base class without importing a protected module (which generates a warning in some editors).

    from falconpy import ServiceClass
    • __init__.py
    • Thank you to @morcef for this contribution!

Issues resolved

  • Fixed: Authentication issue when provided a base_url containing a trailing backslash.
    • _util.py
    • tests/test_authorizations.py
    • Thanks to @mwb8 for identifying and reporting this issue!