-
Notifications
You must be signed in to change notification settings - Fork 116
Container Packages
Joshua Hiller edited this page Jan 17, 2024
·
3 revisions
Operation ID | Description | ||||
---|---|---|---|---|---|
|
Retrieve packages count affected by zero day vulnerabilities | ||||
|
Retrieve top x app packages with the most fixable vulnerabilities | ||||
|
Retrieve top x packages with the most vulnerabilities | ||||
|
Retrieve packages identified by the provided filter criteria for the purpose of export | ||||
|
Retrieve packages identified by the provided filter criteria |
Retrieve packages count affected by zero day vulnerabilities
read_zero_day_counts
Method | Route |
---|---|
/container-security/aggregates/packages/count-by-zero-day/v1 |
- Produces: application/json
Name | Service | Uber | Type | Data type | Description |
---|---|---|---|---|---|
filter |
|
|
query | string | Filter packages using a query in Falcon Query Language (FQL). Supported filters: cid |
from falconpy.container_packages import ContainerPackages
falcon = ContainerPackages(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.read_zero_day_counts(filter="string")
print(response)
from falconpy import ContainerPackages
falcon = ContainerPackages(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.ReadPackagesCountByZeroDay(filter="string")
print(response)
from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("ReadPackagesCountByZeroDay", filter="string")
print(response)
Retrieve top x app packages with the most fixable vulnerabilities
read_fixable_vuln_count
Method | Route |
---|---|
/container-security/combined/packages/app-by-fixable-vulnerability-count/v1 |
- Produces: application/json
Name | Service | Uber | Type | Data type | Description |
---|---|---|---|---|---|
filter |
|
|
query | string | Filter packages using a query in Falcon Query Language (FQL). Supported filters: cid,container_id,cveid,fix_status,image_digest,license,package_name_version,severity,type,vulnerability_count |
limit |
|
|
query | integer | The upper-bound on the number of records to retrieve. |
offset |
|
|
query | integer | The offset from where to begin. |
from falconpy.container_packages import ContainerPackages
falcon = ContainerPackages(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.read_fixable_vuln_count(filter="string",
limit=integer,
offset=integer
)
print(response)
from falconpy import ContainerPackages
falcon = ContainerPackages(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.ReadPackagesByFixableVulnCount(filter="string",
limit=integer,
offset=integer
)
print(response)
from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("ReadPackagesByFixableVulnCount",
filter="string",
limit=integer,
offset=integer
)
print(response)
Retrieve top x packages with the most vulnerabilities
read_vuln_count
Method | Route |
---|---|
/container-security/combined/packages/by-vulnerability-count/v1 |
- Produces: application/json
Name | Service | Uber | Type | Data type | Description |
---|---|---|---|---|---|
filter |
|
|
query | string | Filter packages using a query in Falcon Query Language (FQL). Supported filters: cid,container_id,cveid,fix_status,image_digest,license,package_name_version,severity,type,vulnerability_count |
limit |
|
|
query | integer | The upper-bound on the number of records to retrieve. |
offset |
|
|
query | integer | The offset from where to begin. |
from falconpy.container_packages import ContainerPackages
falcon = ContainerPackages(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.read_vuln_count(filter="string",
limit=integer,
offset=integer
)
print(response)
from falconpy import ContainerPackages
falcon = ContainerPackages(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.ReadPackagesByVulnCount(filter="string",
limit=integer,
offset=integer
)
print(response)
from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("ReadPackagesByVulnCount",
filter="string",
limit=integer,
offset=integer
)
print(response)
Retrieve packages identified by the provided filter criteria for the purpose of export
read_combined_export
Method | Route |
---|---|
/container-security/combined/packages/export/v1 |
- Produces: application/json
Name | Service | Uber | Type | Data type | Description |
---|---|---|---|---|---|
filter |
|
|
query | string | Filter packages using a query in Falcon Query Language (FQL). Supported filters: cid,container_id,cveid,fix_status,image_digest,license,package_name_version,severity,type,vulnerability_count |
only_zero_day_affected |
|
|
query | boolean | (true/false) load zero day affected packages, default is false |
limit |
|
|
query | integer | The upper-bound on the number of records to retrieve. |
offset |
|
|
query | integer | The offset from where to begin. |
sort |
|
|
query | string | The fields to sort the records on. Supported columns: [license package_name_version type] |
from falconpy.container_packages import ContainerPackages
falcon = ContainerPackages(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.read_combined_export(filter="string",
only_zero_day_affected=boolean,
limit=integer,
offset=integer,
sort="string"
)
print(response)
from falconpy import ContainerPackages
falcon = ContainerPackages(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.ReadPackagesCombinedExport(filter="string",
only_zero_day_affected=boolean,
limit=integer,
offset=integer,
sort="string"
)
print(response)
from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("ReadPackagesCombinedExport",
filter="string",
only_zero_day_affected=boolean,
limit=integer,
offset=integer,
sort="string"
)
print(response)
Retrieve packages identified by the provided filter criteria
read_combined
Method | Route |
---|---|
/container-security/combined/packages/v1 |
- Produces: application/json
Name | Service | Uber | Type | Data type | Description |
---|---|---|---|---|---|
filter |
|
|
query | string | Filter packages using a query in Falcon Query Language (FQL). Supported filters: cid,container_id,cveid,fix_status,image_digest,license,package_name_version,severity,type,vulnerability_count |
only_zero_day_affected |
|
|
query | boolean | (true/false) load zero day affected packages, default is false |
limit |
|
|
query | integer | The upper-bound on the number of records to retrieve. |
offset |
|
|
query | integer | The offset from where to begin. |
sort |
|
|
query | string | The fields to sort the records on. Supported columns: [license package_name_version type] |
from falconpy.container_packages import ContainerPackages
falcon = ContainerPackages(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.read_combined(filter="string",
only_zero_day_affected=boolean,
limit=integer,
offset=integer,
sort="string"
)
print(response)
from falconpy import ContainerPackages
falcon = ContainerPackages(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.ReadPackagesCombined(filter="string",
only_zero_day_affected=boolean,
limit=integer,
offset=integer,
sort="string"
)
print(response)
from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("ReadPackagesCombined",
filter="string",
only_zero_day_affected=boolean,
limit=integer,
offset=integer,
sort="string"
)
print(response)
- Home
- Discussions Board
- Glossary of Terms
- Installation, Upgrades and Removal
- Samples Collection
- Using FalconPy
- API Operations
-
Service Collections
- Alerts
- API Integrations
- Cloud Connect AWS (deprecated)
- Cloud Snapshots
- Configuration Assessment
- Configuration Assessment Evaluation Logic
- Container Alerts
- Container Detections
- Container Images
- Container Packages
- Container Vulnerabilities
- CSPM Registration
- Custom IOAs
- Custom Storage
- D4C Registration (deprecated)
- Detects
- Device Control Policies
- Discover
- Drift Indicators
- Event Streams
- Exposure Management
- Falcon Complete Dashboard
- Falcon Container
- Falcon Intelligence Sandbox
- FDR
- FileVantage
- Firewall Management
- Firewall Policies
- Foundry LogScale
- Host Group
- Hosts
- Identity Protection
- Image Assessment Policies
- Incidents
- Installation Tokens
- Intel
- IOA Exclusions
- IOC
- IOCs (deprecated)
- Kubernetes Protection
- MalQuery
- Message Center
- ML Exclusions
- Mobile Enrollment
- MSSP (Flight Control)
- OAuth2
- ODS (On Demand Scan)
- Overwatch Dashboard
- Prevention Policy
- Quarantine
- Quick Scan
- Real Time Response
- Real Time Response Admin
- Real Time Response Audit
- Recon
- Report Executions
- Response Policies
- Sample Uploads
- Scheduled Reports
- Sensor Download
- Sensor Update Policy
- Sensor Visibility Exclusions
- Spotlight Evaluation Logic
- Spotlight Vulnerabilities
- Tailored Intelligence
- ThreatGraph
- Unidentified Containers
- User Management
- Workflows
- Zero Trust Assessment
- Documentation Support
-
CrowdStrike SDKs
- Crimson Falcon - Ruby
- FalconPy - Python 3
- FalconJS - Javascript
- goFalcon - Go
- PSFalcon - Powershell
- Rusty Falcon - Rust