Version 1.4.1 - New Image Assessment Policies service collection, new operations and arguments #1110

jshcodes · 2024-01-30T01:00:55Z

FalconPy v1.4.1

This update adds a new service collection (Image Assessment Policies) with 11 new operations, adds 22 new operations to 4 existing service collections, provides multiple minor updates to the endpoint module and operation arguments, and resolves three bugs.

Enhancement
Bug fixes
Updated unit tests

Unit test coverage

Name                                                                   Stmts   Miss  Cover
------------------------------------------------------------------------------------------
src/falconpy/__init__.py                                                  92      0   100%
src/falconpy/_api_request/__init__.py                                      7      0   100%
src/falconpy/_api_request/_request.py                                    109      0   100%
src/falconpy/_api_request/_request_behavior.py                            55      0   100%
src/falconpy/_api_request/_request_connection.py                           8      0   100%
src/falconpy/_api_request/_request_meta.py                                26      0   100%
src/falconpy/_api_request/_request_payloads.py                             8      0   100%
src/falconpy/_api_request/_request_validator.py                            6      0   100%
src/falconpy/_auth_object/__init__.py                                      6      0   100%
src/falconpy/_auth_object/_base_falcon_auth.py                            13      0   100%
src/falconpy/_auth_object/_bearer_token.py                                63      0   100%
src/falconpy/_auth_object/_falcon_interface.py                           247      0   100%
src/falconpy/_auth_object/_interface_config.py                            40      0   100%
src/falconpy/_auth_object/_uber_interface.py                              42      0   100%
src/falconpy/_constant/__init__.py                                        11      0   100%
src/falconpy/_endpoint/__init__.py                                       172      0   100%
src/falconpy/_endpoint/_alerts.py                                          1      0   100%
src/falconpy/_endpoint/_cloud_connect_aws.py                               1      0   100%
src/falconpy/_endpoint/_cloud_snapshots.py                                 1      0   100%
src/falconpy/_endpoint/_configuration_assessment.py                        1      0   100%
src/falconpy/_endpoint/_configuration_assessment_evaluation_logic.py       1      0   100%
src/falconpy/_endpoint/_container_alerts.py                                1      0   100%
src/falconpy/_endpoint/_container_detections.py                            1      0   100%
src/falconpy/_endpoint/_container_images.py                                1      0   100%
src/falconpy/_endpoint/_container_packages.py                              1      0   100%
src/falconpy/_endpoint/_container_vulnerabilities.py                       1      0   100%
src/falconpy/_endpoint/_cspm_registration.py                               1      0   100%
src/falconpy/_endpoint/_custom_ioa.py                                      1      0   100%
src/falconpy/_endpoint/_custom_storage.py                                  1      0   100%
src/falconpy/_endpoint/_d4c_registration.py                                1      0   100%
src/falconpy/_endpoint/_detects.py                                         1      0   100%
src/falconpy/_endpoint/_device_control_policies.py                         1      0   100%
src/falconpy/_endpoint/_discover.py                                        1      0   100%
src/falconpy/_endpoint/_drift_indicators.py                                1      0   100%
src/falconpy/_endpoint/_event_streams.py                                   1      0   100%
src/falconpy/_endpoint/_falcon_complete_dashboard.py                       1      0   100%
src/falconpy/_endpoint/_falcon_container.py                                1      0   100%
src/falconpy/_endpoint/_falconx_sandbox.py                                 1      0   100%
src/falconpy/_endpoint/_fdr.py                                             1      0   100%
src/falconpy/_endpoint/_filevantage.py                                     1      0   100%
src/falconpy/_endpoint/_firewall_management.py                             1      0   100%
src/falconpy/_endpoint/_firewall_policies.py                               1      0   100%
src/falconpy/_endpoint/_foundry_logscale.py                                1      0   100%
src/falconpy/_endpoint/_host_group.py                                      1      0   100%
src/falconpy/_endpoint/_hosts.py                                           1      0   100%
src/falconpy/_endpoint/_identity_protection.py                             1      0   100%
src/falconpy/_endpoint/_image_assessment_policies.py                       1      0   100%
src/falconpy/_endpoint/_incidents.py                                       1      0   100%
src/falconpy/_endpoint/_installation_tokens.py                             1      0   100%
src/falconpy/_endpoint/_intel.py                                           1      0   100%
src/falconpy/_endpoint/_ioa_exclusions.py                                  1      0   100%
src/falconpy/_endpoint/_ioc.py                                             1      0   100%
src/falconpy/_endpoint/_iocs.py                                            1      0   100%
src/falconpy/_endpoint/_kubernetes_protection.py                           1      0   100%
src/falconpy/_endpoint/_malquery.py                                        1      0   100%
src/falconpy/_endpoint/_message_center.py                                  1      0   100%
src/falconpy/_endpoint/_ml_exclusions.py                                   1      0   100%
src/falconpy/_endpoint/_mobile_enrollment.py                               1      0   100%
src/falconpy/_endpoint/_mssp.py                                            1      0   100%
src/falconpy/_endpoint/_oauth2.py                                          1      0   100%
src/falconpy/_endpoint/_ods.py                                             1      0   100%
src/falconpy/_endpoint/_overwatch_dashboard.py                             1      0   100%
src/falconpy/_endpoint/_prevention_policies.py                             1      0   100%
src/falconpy/_endpoint/_quarantine.py                                      1      0   100%
src/falconpy/_endpoint/_quick_scan.py                                      1      0   100%
src/falconpy/_endpoint/_real_time_response.py                              1      0   100%
src/falconpy/_endpoint/_real_time_response_admin.py                        1      0   100%
src/falconpy/_endpoint/_real_time_response_audit.py                        1      0   100%
src/falconpy/_endpoint/_recon.py                                           1      0   100%
src/falconpy/_endpoint/_report_executions.py                               1      0   100%
src/falconpy/_endpoint/_response_policies.py                               1      0   100%
src/falconpy/_endpoint/_sample_uploads.py                                  1      0   100%
src/falconpy/_endpoint/_scheduled_reports.py                               1      0   100%
src/falconpy/_endpoint/_sensor_download.py                                 1      0   100%
src/falconpy/_endpoint/_sensor_update_policies.py                          1      0   100%
src/falconpy/_endpoint/_sensor_visibility_exclusions.py                    1      0   100%
src/falconpy/_endpoint/_spotlight_evaluation_logic.py                      1      0   100%
src/falconpy/_endpoint/_spotlight_vulnerabilities.py                       1      0   100%
src/falconpy/_endpoint/_tailored_intelligence.py                           1      0   100%
src/falconpy/_endpoint/_unidentified_containers.py                         1      0   100%
src/falconpy/_endpoint/_user_management.py                                 1      0   100%
src/falconpy/_endpoint/_workflows.py                                       1      0   100%
src/falconpy/_endpoint/_zero_trust_assessment.py                           1      0   100%
src/falconpy/_endpoint/deprecated/__init__.py                             35      0   100%
src/falconpy/_endpoint/deprecated/_custom_ioa.py                           1      0   100%
src/falconpy/_endpoint/deprecated/_d4c_registration.py                     1      0   100%
src/falconpy/_endpoint/deprecated/_discover.py                             1      0   100%
src/falconpy/_endpoint/deprecated/_fdr.py                                  1      0   100%
src/falconpy/_endpoint/deprecated/_firewall_management.py                  1      0   100%
src/falconpy/_endpoint/deprecated/_hosts.py                                1      0   100%
src/falconpy/_endpoint/deprecated/_identity_protection.py                  1      0   100%
src/falconpy/_endpoint/deprecated/_installation_tokens.py                  1      0   100%
src/falconpy/_endpoint/deprecated/_ioc.py                                  1      0   100%
src/falconpy/_endpoint/deprecated/_iocs.py                                 1      0   100%
src/falconpy/_endpoint/deprecated/_mapping.py                              2      0   100%
src/falconpy/_endpoint/deprecated/_ods.py                                  1      0   100%
src/falconpy/_endpoint/deprecated/_real_time_response.py                   1      0   100%
src/falconpy/_endpoint/deprecated/_real_time_response_admin.py             1      0   100%
src/falconpy/_endpoint/deprecated/_report_executions.py                    1      0   100%
src/falconpy/_endpoint/deprecated/_scheduled_reports.py                    1      0   100%
src/falconpy/_endpoint/deprecated/_zero_trust_assessment.py                1      0   100%
src/falconpy/_enum/__init__.py                                             4      0   100%
src/falconpy/_enum/_base_url.py                                            7      0   100%
src/falconpy/_enum/_container_base_url.py                                  6      0   100%
src/falconpy/_enum/_token_fail_reason.py                                   4      0   100%
src/falconpy/_error/__init__.py                                            3      0   100%
src/falconpy/_error/_exceptions.py                                        68      0   100%
src/falconpy/_error/_warnings.py                                          73      0   100%
src/falconpy/_log/__init__.py                                              2      0   100%
src/falconpy/_log/_facility.py                                            34      0   100%
src/falconpy/_payload/__init__.py                                         30      0   100%
src/falconpy/_payload/_alerts.py                                          11      0   100%
src/falconpy/_payload/_cloud_connect_aws.py                               23      0   100%
src/falconpy/_payload/_cloud_snapshots.py                                 36      0   100%
src/falconpy/_payload/_container.py                                       66      0   100%
src/falconpy/_payload/_cspm_registration.py                               53      0   100%
src/falconpy/_payload/_d4c_registration.py                                38      0   100%
src/falconpy/_payload/_detects.py                                         15      0   100%
src/falconpy/_payload/_device_control_policy.py                           33      0   100%
src/falconpy/_payload/_falconx.py                                         25      0   100%
src/falconpy/_payload/_filevantage.py                                     34      0   100%
src/falconpy/_payload/_firewall.py                                       122      0   100%
src/falconpy/_payload/_foundry.py                                         16      0   100%
src/falconpy/_payload/_generic.py                                         66      0   100%
src/falconpy/_payload/_host_group.py                                      31      0   100%
src/falconpy/_payload/_incidents.py                                       15      0   100%
src/falconpy/_payload/_ioa.py                                             35      0   100%
src/falconpy/_payload/_ioc.py                                             52      0   100%
src/falconpy/_payload/_malquery.py                                        56      0   100%
src/falconpy/_payload/_message_center.py                                  22      0   100%
src/falconpy/_payload/_mssp.py                                            15      0   100%
src/falconpy/_payload/_ods.py                                             13      0   100%
src/falconpy/_payload/_prevention_policy.py                               19      0   100%
src/falconpy/_payload/_real_time_response.py                              27      0   100%
src/falconpy/_payload/_recon.py                                           84      0   100%
src/falconpy/_payload/_reports.py                                         19      0   100%
src/falconpy/_payload/_response_policy.py                                 19      0   100%
src/falconpy/_payload/_sample_uploads.py                                   9      0   100%
src/falconpy/_payload/_sensor_update_policy.py                            30      0   100%
src/falconpy/_payload/_workflows.py                                       35      0   100%
src/falconpy/_result/__base_resource.py                                   28      0   100%
src/falconpy/_result/__init__.py                                           9      0   100%
src/falconpy/_result/_base_dictionary.py                                  31      0   100%
src/falconpy/_result/_errors.py                                            2      0   100%
src/falconpy/_result/_expanded_result.py                                   7      0   100%
src/falconpy/_result/_headers.py                                          25      0   100%
src/falconpy/_result/_meta.py                                             30      0   100%
src/falconpy/_result/_resources.py                                        14      0   100%
src/falconpy/_result/_response_component.py                               24      0   100%
src/falconpy/_result/_result.py                                          220      0   100%
src/falconpy/_service_class/__init__.py                                    3      0   100%
src/falconpy/_service_class/_base_service_class.py                       118      0   100%
src/falconpy/_service_class/_service_class.py                             92      0   100%
src/falconpy/_util/__init__.py                                             5      0   100%
src/falconpy/_util/_auth.py                                               18      0   100%
src/falconpy/_util/_functions.py                                         388      0   100%
src/falconpy/_util/_service.py                                             3      0   100%
src/falconpy/_util/_uber.py                                               49      0   100%
src/falconpy/_version.py                                                  33      0   100%
src/falconpy/alerts.py                                                    62      0   100%
src/falconpy/api_complete/__init__.py                                      3      0   100%
src/falconpy/api_complete/_advanced.py                                    57      0   100%
src/falconpy/api_complete/_legacy.py                                     202      0   100%
src/falconpy/cloud_connect_aws.py                                         48      0   100%
src/falconpy/cloud_snapshots.py                                           21      0   100%
src/falconpy/configuration_assessment.py                                  13      0   100%
src/falconpy/configuration_assessment_evaluation_logic.py                  9      0   100%
src/falconpy/container_alerts.py                                          17      0   100%
src/falconpy/container_detections.py                                      29      0   100%
src/falconpy/container_images.py                                          45      0   100%
src/falconpy/container_packages.py                                        25      0   100%
src/falconpy/container_vulnerabilities.py                                 45      0   100%
src/falconpy/cspm_registration.py                                        188      0   100%
src/falconpy/custom_ioa.py                                                86      0   100%
src/falconpy/custom_storage.py                                            68      0   100%
src/falconpy/d4c_registration.py                                         114      0   100%
src/falconpy/detects.py                                                   32      0   100%
src/falconpy/device_control_policies.py                                   78      0   100%
src/falconpy/discover.py                                                  35      0   100%
src/falconpy/drift_indicators.py                                          25      0   100%
src/falconpy/event_streams.py                                             20      0   100%
src/falconpy/falcon_complete_dashboard.py                                105      0   100%
src/falconpy/falcon_container.py                                          57      0   100%
src/falconpy/falconx_sandbox.py                                           86      0   100%
src/falconpy/fdr.py                                                       23      0   100%
src/falconpy/filevantage.py                                              127      0   100%
src/falconpy/firewall_management.py                                      139      0   100%
src/falconpy/firewall_policies.py                                         71      0   100%
src/falconpy/foundry_logscale.py                                          45      0   100%
src/falconpy/host_group.py                                                61      0   100%
src/falconpy/hosts.py                                                    113      0   100%
src/falconpy/identity_protection.py                                       34      0   100%
src/falconpy/image_assessment_policies.py                                 63      0   100%
src/falconpy/incidents.py                                                 41      0   100%
src/falconpy/installation_tokens.py                                       43      0   100%
src/falconpy/intel.py                                                     93      0   100%
src/falconpy/ioa_exclusions.py                                            33      0   100%
src/falconpy/ioc.py                                                       94      0   100%
src/falconpy/iocs.py                                                      40      0   100%
src/falconpy/kubernetes_protection.py                                    254      0   100%
src/falconpy/malquery.py                                                  50      0   100%
src/falconpy/message_center.py                                            81      0   100%
src/falconpy/ml_exclusions.py                                             35      0   100%
src/falconpy/mobile_enrollment.py                                         18      0   100%
src/falconpy/mssp.py                                                     174      0   100%
src/falconpy/oauth2.py                                                    30      0   100%
src/falconpy/ods.py                                                       73      0   100%
src/falconpy/overwatch_dashboard.py                                       31      0   100%
src/falconpy/prevention_policy.py                                         62      0   100%
src/falconpy/quarantine.py                                                46      0   100%
src/falconpy/quick_scan.py                                                27      0   100%
src/falconpy/real_time_response.py                                       127      0   100%
src/falconpy/real_time_response_admin.py                                  83      0   100%
src/falconpy/real_time_response_audit.py                                  10      0   100%
src/falconpy/recon.py                                                    128      0   100%
src/falconpy/report_executions.py                                         24      0   100%
src/falconpy/response_policies.py                                         61      0   100%
src/falconpy/sample_uploads.py                                            75      0   100%
src/falconpy/scheduled_reports.py                                         20      0   100%
src/falconpy/sensor_download.py                                           33      0   100%
src/falconpy/sensor_update_policy.py                                     110      0   100%
src/falconpy/sensor_visibility_exclusions.py                              33      0   100%
src/falconpy/spotlight_evaluation_logic.py                                23      0   100%
src/falconpy/spotlight_vulnerabilities.py                                 31      0   100%
src/falconpy/tailored_intelligence.py                                     41      0   100%
src/falconpy/unidentified_containers.py                                   17      0   100%
src/falconpy/user_management.py                                          139      0   100%
src/falconpy/workflows.py                                                 80      0   100%
src/falconpy/zero_trust_assessment.py                                     23      0   100%
------------------------------------------------------------------------------------------
TOTAL                                                                   7803      0   100%

Bandit analysis

[main]	INFO	running on Python 3.9.17

Run started:2024-01-29 23:43:20.264956

Test results:
	No issues identified.

Code scanned:
	Total lines of code: 65210
	Total lines skipped (#nosec): 0

Run metrics:
	Total issues (by severity):
		Undefined: 0
		Low: 0
		Medium: 0
		High: 0
	Total issues (by confidence):
		Undefined: 0
		Low: 0
		Medium: 0
		High: 0
Files skipped (0):

Added features and functionality

Added: include_hidden argument added to the PostAggregatesAlertsV2, PostEntitiesAlertsV2, PatchEntitiesAlertsV3 and GetQueriesAlertsV2 operations.
- _endpoint/_alerts.py
Added: ReadContainerAlertsCountBySeverity operation added to the Container Alerts service collection.
- _endpoint/_container_alerts.py
- container_alerts.py
Unit testing expanded to complete code coverage.
- tests/test_container_alerts.py
Added: cspm_lite argument added to the GetCSPMAwsAccount and GetCSPMAzureAccount operations within the CSPM Registration service collection.
- _endpoint/_cspm_registration.py
- cspm_registration.py
Added: azure_management_group argument added to the GetCSPMAzureUserScriptsAttachment operation within the CSPM Registration service collection.
- _endpoint/_cspm_registration.py
- cspm_registration.py
Added: 9 new operations added to the CSPM Registration service collection.
- GetCSPMAzureManagementGroup
- CreateCSPMAzureManagementGroup
- GetCSPMCGPAccount
- CreateCSPMGCPAccount
- DeleteCSPMGCPAccount
- UpdateCSPMGCPAccount
- ConnectCSPMGCPAccount
- GetCSPMGCPServiceAccountsExt
- GetCSPMGCPUserScriptsAttachment
- _endpoint/_cspm_registration.py
- _payload/_cspm_registration.py
- cspm_registration.py
Unit testing expanded to complete code coverage.
- tests/test_cspm_registration.py
Added: azure_management_group argument added to the GetDiscoverCloudAzureUserScriptsAttachment operation within the D4C Registration service collection.
- _endpoint/_d4c_registration.py
- d4c_registration.py
Added: 4 new operations added to the D4C Registration service collection.
- DeleteD4CGCPAccount
- ConnectD4CGCPAccount
- GetD4CGCPServiceAccountsExt
- GetD4CGCPUserScriptsAttachment
- _endpoint/_d4c_registration.py
- _payload/_d4c_registration.py
- d4c_registration.py
Unit testing expanded to complete code coverage.
- tests/test_d4c_registration.py
Added: execution_cid argument added to the WorkflowExecute operation within the Workflows service collection.
- _endpoint/_workflows.py
- workflows.py
Added: New service collection Image Assessment Policies containing 11 new operations.
- ReadPolicies
- CreatePolicies
- UpdatePolicies
- DeletePolicy
- ReadPolicyExclusions
- UpdatePolicyExclusions
- ReadPolicyGroups
- CreatePolicyGroups
- UpdatePolicyGroups
- DeletePolicyGroup
- UpdatePolicyPrecedence
- _endpoint/__init__.py
- _endpoint/_image_assessment_policies.py
3 new payload handlers are added.
- _payload/__init__.py
- _payload/_container.py
- __init__.py
- image_assessment_policies.py
Unit testing expanded to complete code coverage.
- tests/test_image_assessment_policies.py
Added: 8 new operations added to the Workflows service collection.
- WorkflowDefinitionsCombined
- WorkflowExecutionsCombined
- WorkflowDefinitionsExport
- WorkflowDefinitionsImport
- WorkflowDefinitionsUpdate
- WorkflowDefinitionsCreate
- WorkflowGetHumanInputV1
- WorkflowUpdateHumanInputV1
- _endpoint/_workflows.py
- workflows.py
2 new payload handlers are added.
- _payload/__init__.py
- _payload/_workflows.py
Unit testing expanded to complete code coverage.
- tests/test_workflows.py

Issue resolved

Fixed: member_cid argument is not being passed to the authentication event when leveraging Environment Authentication. Closes [ BUG ] member_cid argument is not being included when authenticating as a parent using Environment Authentication #1105.
- _auth_object/_falcon_interface.py
Fixed: rule_ids is not included in body payloads when the list is empty for the update_rule_groups operation within the Firewall Management Service Class. Closes [ BUG ] Removing the only firewall rule left within a rule group keeps asking for rule id array #1107.
- _payload/_firewall.py
Fixed: Added missing actions to _allowed_actions validator within PerformActionV2 method of the Hosts service collection. Closes [ BUG ] Host management - perform_action method missing two actions support #1108.
- hosts.py
- Thanks go out to @i-shubham01 for identifying and resolving this issue! 🙇

Other

Updated: Enums added to GetCSPMAwsAccount and GetCSPMAwsConsoleSetupURLs operations within the CSPM Registration endpoint module.
- _endpoint/_cspm_registration.py
Updated: Several paremeter descriptions within the Custom IOA endpoint module updated.
- _endpoint/_custom_ioa.py
- _endpoint/deprecated/_custom_ioa.py
Updated: Enum updated within the GetD4CAwsAccount operation of the D4C Registration endpoint module.
- _endpoint/_d4c_registration.py
Updated: Paremeter description for the Submit operation within the Falcon Intelligence Sandbox endpoint module updated.
- _endpoint/_falconx_sandbox.py
Updated: Multiple paremeter descriptions within the Kubernetes Protection endpoint module updated.
- _endpoint/_kubernetes_protection_.py
Updated: Enum updated within the QueryActivityByCaseID operation of the Message Center endpoint module.
- _endpoint/_message_center.py

#1105.

… module.

Remove whitespace

jshcodes and others added 15 commits January 29, 2024 06:51

Pass member_cid when provided during environment authentication. Closes

4524336

#1105.

Allow empty rule_ids list. Closes #1107.

bd6f9f4

Add include_hidden parameter to query string payloads within endpoint…

618cc1f

… module.

Add ReadContainerAlertsCountBySeverity operation.

7422091

Update parameter descriptions.

9ebfd5e

Update parameter description.

7e5668a

Update parameter descriptions.

7501957

Update enum.

2469988

Add new parameters and operations. Update enum.

7ccc865

Add new arguments, enums and operations.

ce8cb1d

Add ImageAssessmentPolicies service collection

e2c9542

Add new arguments and operations

1739a11

Bump version -> 1.4.1

8a77a36

Added two missing action into host action.

ef43a73

Update hosts.py

40ebc61

Remove whitespace

jshcodes requested a review from crowdstrikedcs as a code owner January 30, 2024 01:00

jshcodes self-assigned this Jan 30, 2024

jshcodes added 3 commits January 29, 2024 20:07

Expand unit testing to complete code coverage

5b5ae72

Update wordlist.txt

9a18bfe

Update CHANGELOG.md

a8fd61a

jshcodes force-pushed the dev branch 4 times, most recently from 9df164b to 7d9262b Compare January 30, 2024 03:07

Skip unsupported SSL unit test on usgov1

3a049bb

jshcodes force-pushed the dev branch from 7d9262b to 3a049bb Compare January 30, 2024 03:14

jshcodes added package Pull requests that update the core package pipeline CI/CD related labels Jan 30, 2024

jshcodes requested a review from jlangdev January 30, 2024 04:36

jlangdev approved these changes Jan 31, 2024

View reviewed changes

jshcodes merged commit 44a9ac5 into main Jan 31, 2024
31 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Version 1.4.1 - New Image Assessment Policies service collection, new operations and arguments #1110

Version 1.4.1 - New Image Assessment Policies service collection, new operations and arguments #1110

jshcodes commented Jan 30, 2024

Version 1.4.1 - New Image Assessment Policies service collection, new operations and arguments #1110

Version 1.4.1 - New Image Assessment Policies service collection, new operations and arguments #1110

Conversation

jshcodes commented Jan 30, 2024

FalconPy v1.4.1

Unit test coverage

Bandit analysis

Added features and functionality

Issue resolved

Other