Container Vulnerabilities
| Operation ID | Description | ||||
|---|---|---|---|---|---|
|
Aggregate count of vulnerabilities grouped by actively exploited | ||||
|
Aggregate count of vulnerabilities grouped by csp_rating | ||||
|
Aggregate count of vulnerabilities grouped by cvss score | ||||
|
Aggregate count of vulnerabilities grouped by severity | ||||
|
Aggregate count of vulnerabilities | ||||
|
Retrieve top x vulnerabilities with the most impacted images | ||||
|
Retrieve top x vulnerabilities with the most recent publication date | ||||
|
Retrieve vulnerability details related to an image | ||||
|
Retrieve vulnerability and package related info for this customer | ||||
|
Retrieve vulnerability and aggregate data filtered by the provided FQL | ||||
Aggregate count of vulnerabilities grouped by actively exploited
read_vulnerability_counts_by_active_exploited
| Method | Route |
|---|---|
 |
/container-security/aggregates/vulnerabilities/count-by-actively-exploited/v1 |
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| filter |
 |
|
query | string | Filter vulnerabilities using a query in Falcon Query Language (FQL). Supported filters: base_os,cid,container_id,container_running_status,containers_impacted_range,cps_rating,cve_id,cvss_score,description,exploited_status,exploited_status_name,fix_status,image_digest,image_id,images_impacted_range,package_name_version,registry,repository,severity,tag |
| limit |
|
|
query | integer | The upper-bound on the number of records to retrieve. |
| offset |
|
|
query | integer | The offset from where to begin. |
from falconpy.container_vulnerabilities import ContainerVulnerabilities
falcon = ContainerVulnerabilities(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.read_vulnerability_counts_by_active_exploited(filter="string",
limit=integer,
offset=integer
)
print(response)from falconpy import ContainerVulnerabilities
falcon = ContainerVulnerabilities(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.ReadVulnerabilityCountByActivelyExploited(filter="string",
limit=integer,
offset=integer
)
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("ReadVulnerabilityCountByActivelyExploited",
filter="string",
limit=integer,
offset=integer
)
print(response)Aggregate count of vulnerabilities grouped by csp_rating
read_vulnerability_counts_by_cps_rating
| Method | Route |
|---|---|
|
/container-security/aggregates/vulnerabilities/count-by-cps-rating/v1 |
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| filter |
|
|
query | string | Filter vulnerabilities using a query in Falcon Query Language (FQL). Supported filters: base_os,cid,container_id,container_running_status,containers_impacted_range,cps_rating,cve_id,cvss_score,description,exploited_status,exploited_status_name,fix_status,image_digest,image_id,images_impacted_range,package_name_version,registry,repository,severity,tag |
| limit |
|
|
query | integer | The upper-bound on the number of records to retrieve. |
| offset |
|
|
query | integer | The offset from where to begin. |
from falconpy.container_vulnerabilities import ContainerVulnerabilities
falcon = ContainerVulnerabilities(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.read_vulnerability_counts_by_cps_rating(filter="string",
limit=integer,
offset=integer
)
print(response)from falconpy import ContainerVulnerabilities
falcon = ContainerVulnerabilities(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.ReadVulnerabilityCountByCPSRating(filter="string",
limit=integer,
offset=integer
)
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("ReadVulnerabilityCountByCPSRating",
filter="string",
limit=integer,
offset=integer
)
print(response)Aggregate count of vulnerabilities grouped by cvss score
read_vulnerability_counts_by_cvss_score
| Method | Route |
|---|---|
|
/container-security/aggregates/vulnerabilities/count-by-cvss-score/v1 |
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| filter |
|
|
query | string | Filter vulnerabilities using a query in Falcon Query Language (FQL). Supported filters: base_os,cid,container_id,container_running_status,containers_impacted_range,cps_rating,cve_id,cvss_score,description,exploited_status,exploited_status_name,fix_status,image_digest,image_id,images_impacted_range,package_name_version,registry,repository,severity,tag |
| limit |
|
|
query | integer | The upper-bound on the number of records to retrieve. |
| offset |
|
|
query | integer | The offset from where to begin. |
from falconpy.container_vulnerabilities import ContainerVulnerabilities
falcon = ContainerVulnerabilities(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.read_vulnerability_counts_by_cvss_score(filter="string",
limit=integer,
offset=integer
)
print(response)from falconpy import ContainerVulnerabilities
falcon = ContainerVulnerabilities(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.ReadVulnerabilityCountByCVSSScore(filter="string",
limit=integer,
offset=integer
)
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("ReadVulnerabilityCountByCVSSScore",
filter="string",
limit=integer,
offset=integer
)
print(response)Aggregate count of vulnerabilities grouped by severity
read_vulnerability_counts_by_severity
| Method | Route |
|---|---|
|
/container-security/aggregates/vulnerabilities/count-by-severity/v1 |
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| filter |
|
|
query | string | Filter vulnerabilities using a query in Falcon Query Language (FQL). Supported filters: base_os,cid,container_id,container_running_status,containers_impacted_range,cps_rating,cve_id,cvss_score,description,exploited_status,exploited_status_name,fix_status,image_digest,image_id,images_impacted_range,package_name_version,registry,repository,severity,tag |
| limit |
|
|
query | integer | The upper-bound on the number of records to retrieve. |
| offset |
|
|
query | integer | The offset from where to begin. |
from falconpy.container_vulnerabilities import ContainerVulnerabilities
falcon = ContainerVulnerabilities(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.read_vulnerability_counts_by_severity(filter="string",
limit=integer,
offset=integer
)
print(response)from falconpy import ContainerVulnerabilities
falcon = ContainerVulnerabilities(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.ReadVulnerabilityCountBySeverity(filter="string",
limit=integer,
offset=integer
)
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("ReadVulnerabilityCountBySeverity",
filter="string",
limit=integer,
offset=integer
)
print(response)Aggregate count of vulnerabilities
read_vulnerability_count
| Method | Route |
|---|---|
|
/container-security/aggregates/vulnerabilities/count/v1 |
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| filter |
|
|
query | string | Filter vulnerabilities using a query in Falcon Query Language (FQL). Supported filters: base_os,cid,container_id,container_running_status,containers_impacted_range,cps_rating,cve_id,cvss_score,description,exploited_status,exploited_status_name,fix_status,image_digest,image_id,images_impacted_range,package_name_version,registry,repository,severity,tag |
| limit |
|
|
query | integer | The upper-bound on the number of records to retrieve. |
| offset |
|
|
query | integer | The offset from where to begin. |
from falconpy.container_vulnerabilities import ContainerVulnerabilities
falcon = ContainerVulnerabilities(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.read_vulnerability_count(filter="string",
limit=integer,
offset=integer
)
print(response)from falconpy import ContainerVulnerabilities
falcon = ContainerVulnerabilities(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.ReadVulnerabilityCount(filter="string",
limit=integer,
offset=integer
)
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("ReadVulnerabilityCount",
filter="string",
limit=integer,
offset=integer
)
print(response)Retrieve top x vulnerabilities with the most impacted images
read_vulnerabilities_by_count
| Method | Route |
|---|---|
|
/container-security/combined/vulnerabilities/by-image-count/v1 |
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| filter |
|
|
query | string | Filter vulnerabilities using a query in Falcon Query Language (FQL). Supported filters: cid,cve_id,registry,repository,tag |
| limit |
|
|
query | integer | The upper-bound on the number of records to retrieve. |
| offset |
|
|
query | integer | The offset from where to begin. |
from falconpy.container_vulnerabilities import ContainerVulnerabilities
falcon = ContainerVulnerabilities(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.read_vulnerabilities_by_count(filter="string",
limit=integer,
offset=integer
)
print(response)from falconpy import ContainerVulnerabilities
falcon = ContainerVulnerabilities(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.ReadVulnerabilitiesByImageCount(filter="string",
limit=integer,
offset=integer
)
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("ReadVulnerabilitiesByImageCount",
filter="string",
limit=integer,
offset=integer
)
print(response)Retrieve top x vulnerabilities with the most recent publication date
read_vulnerabilities_by_pub_date
| Method | Route |
|---|---|
|
/container-security/combined/vulnerabilities/by-published-date/v1 |
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| filter |
|
|
query | string | Filter vulnerabilities using a query in Falcon Query Language (FQL). Supported filters: cid,cve_id,registry,repository,tag |
| limit |
|
|
query | integer | The upper-bound on the number of records to retrieve. |
| offset |
|
|
query | integer | The offset from where to begin. |
from falconpy.container_vulnerabilities import ContainerVulnerabilities
falcon = ContainerVulnerabilities(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.read_vulnerabilities_by_pub_date(filter="string",
limit=integer,
offset=integer
)
print(response)from falconpy import ContainerVulnerabilities
falcon = ContainerVulnerabilities(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.ReadVulnerabilitiesPublicationDate(filter="string",
limit=integer,
offset=integer
)
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("ReadVulnerabilitiesPublicationDate",
filter="string",
limit=integer,
offset=integer
)
print(response)Retrieve vulnerability details related to an image
read_combined_vulnerability_detail
| Method | Route |
|---|---|
|
/container-security/combined/vulnerabilities/details/v1 |
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| id |
|
|
query | string | Image UUID |
| filter |
|
|
query | string | Filter the vulnerabilities using a query in Falcon Query Language (FQL). Supported vulnerability filters: cid,cps_rating,cve_id,cvss_score,exploited_status,exploited_status_name,is_zero_day,remediation_available,severity |
| limit |
|
|
query | integer | The upper-bound on the number of records to retrieve. |
| offset |
|
|
query | integer | The offset from where to begin. |
from falconpy.container_vulnerabilities import ContainerVulnerabilities
falcon = ContainerVulnerabilities(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.read_combined_vulnerability_detail(id="string",
filter="string",
limit=integer,
offset=integer
)
print(response)from falconpy import ContainerVulnerabilities
falcon = ContainerVulnerabilities(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.ReadCombinedVulnerabilitiesDetails(id="string",
filter="string",
limit=integer,
offset=integer
)
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("ReadCombinedVulnerabilitiesDetails",
id="string",
filter="string",
limit=integer,
offset=integer
)
print(response)Retrieve vulnerability and package related info for this customer
read_combined_vulnerabilities_info
| Method | Route |
|---|---|
|
/container-security/combined/vulnerabilities/info/v1 |
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| cve_id |
|
|
query | string | Vulnerability CVE ID |
| limit |
|
|
query | integer | The upper-bound on the number of records to retrieve. |
| offset |
|
|
query | integer | The offset from where to begin. |
from falconpy.container_vulnerabilities import ContainerVulnerabilities
falcon = ContainerVulnerabilities(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.read_combined_vulnerabilities_info(cve_id="string",
limit=integer,
offset=integer
)
print(response)from falconpy import ContainerVulnerabilities
falcon = ContainerVulnerabilities(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.ReadCombinedVulnerabilitiesInfo(cve_id="string",
limit=integer,
offset=integer
)
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("ReadCombinedVulnerabilitiesInfo",
cve_id="string",
limit=integer,
offset=integer
)
print(response)Retrieve vulnerability and aggregate data filtered by the provided FQL
read_combined_vulnerabilities
| Method | Route |
|---|---|
|
/container-security/combined/vulnerabilities/v1 |
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| filter |
|
|
query | string | Filter vulnerabilities using a query in Falcon Query Language (FQL). Supported filters: base_os,cid,container_id,container_running_status,containers_impacted_range,cps_rating,cve_id,cvss_score,description,exploited_status,exploited_status_name,fix_status,image_digest,image_id,images_impacted_range,package_name_version,registry,repository,severity,tag |
| limit |
|
|
query | integer | The upper-bound on the number of records to retrieve. |
| offset |
|
|
query | integer | The offset from where to begin. |
| sort |
|
|
query | string | The fields to sort the records on. Supported columns: [cps_current_rating cve_id cvss_score description images_impacted packages_impacted severity] |
from falconpy.container_vulnerabilities import ContainerVulnerabilities
falcon = ContainerVulnerabilities(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.read_combined_vulnerabilities(filter="string",
limit=integer,
offset=integer,
sort="string"
)
print(response)from falconpy import ContainerVulnerabilities
falcon = ContainerVulnerabilities(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.ReadCombinedVulnerabilities(filter="string",
limit=integer,
offset=integer,
sort="string"
)
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("ReadCombinedVulnerabilities",
filter="string",
limit=integer,
offset=integer,
sort="string"
)
print(response)
- Home
- Discussions Board
- Glossary of Terms
- Installation, Upgrades and Removal
- Samples Collection
- Using FalconPy
- API Operations
-
Service Collections
- Alerts
- API Integrations
- ASPM
- CAO Hunting
- Certificate Based Exclusions
- Cloud AWS Registration
- Cloud Azure Registration
- Cloud OCI Registration
- Cloud Connect AWS (deprecated)
- Cloud Security Assets
- Cloud Snapshots
- Configuration Assessment
- Configuration Assessment Evaluation Logic
- Container Alerts
- Container Detections
- Container Image Compliance
- Container Images
- Container Packages
- Container Vulnerabilities
- Content Update Policies
- Correlation Rules
- CSPM Registration
- Custom IOAs
- Custom Storage
- D4C Registration (deprecated)
- DataScanner (deprecated)
- Delivery Settings
- Deployments
- Detects
- Device Content
- Device Control Policies
- Discover
- Downloads
- Drift Indicators
- Event Streams
- Exposure Management
- FaaS Execution
- Falcon Complete Dashboard
- Falcon Container
- Falcon Intelligence Sandbox
- FDR
- FileVantage
- Firewall Management
- Firewall Policies
- Foundry LogScale
- Host Group
- Host Migration
- Hosts
- Identity Protection
- Image Assessment Policies
- Incidents
- Installation Tokens
- Intel
- Intelligence Feeds
- Intelligence Indicator Graph
- IOA Exclusions
- IOC
- IOCs (deprecated)
- Kubernetes Protection
- MalQuery
- Message Center
- ML Exclusions
- Mobile Enrollment
- MSSP (Flight Control)
- NGSIEM
- OAuth2
- ODS (On Demand Scan)
- Overwatch Dashboard
- Prevention Policy
- Quarantine
- Quick Scan
- Quick Scan Pro
- Real Time Response
- Real Time Response Admin
- Real Time Response Audit
- Recon
- Report Executions
- Response Policies
- Sample Uploads
- Scheduled Reports
- Sensor Download
- Sensor Update Policy
- Sensor Usage
- Sensor Visibility Exclusions
- Serverless Vulnerabilities
- Spotlight Evaluation Logic
- Spotlight Vulnerabilities
- Tailored Intelligence
- ThreatGraph
- Unidentified Containers
- User Management
- Workflows
- Zero Trust Assessment
- Documentation Support
-
CrowdStrike SDKs
- Crimson Falcon - Ruby
- FalconPy - Python 3
- FalconJS - Javascript
- goFalcon - Go
- PSFalcon - Powershell
- Rusty Falcon - Rust
