Terminology
Joshua Hiller edited this page Nov 12, 2021
·
32 revisions
The following definitions are utilized for terms used throughout this repository.
Term | Definition |
---|---|
Action | GitHub-powered workflow that performs specific repository operations. Example: Package deployment, Unit testing. Not to be confused with the action keyword used in the Uber Class, or keys potentially found in body and parameter payloads. |
Base URL | The base address used for API requests. Examples: US1 or https://api.crowdstrike.com. FalconPy supports the following CrowdStrike Base URLs: |
Body Payload Abstraction | Programmatic logic used to abstract body payload parameters into keywords for use within FalconPy library methods. More detail about body payload abstraction can be found in the Payload Handling documentation. |
Bleeding Edge | A pre-release version of FalconPy available on the test package index. |
Class | In object-oriented programming, a class is an extensible program-code-template for creating objects, providing initial values for state (member variables) and implementations of behavior (member functions or methods). (Definition provided by Wikipedia) |
Endpoint | A URL target used to perform a specific API operation. |
Endpoint Module | The sub-module within FalconPy that contains definitions for every endpoint within the CrowdStrike API. |
FalconDebug | A helper-class within FalconPy that facilitates payload and module debugging. |
FQL / FQL syntax | Falcon Query Language - The syntax used to provide filters and sort specifications to API requests. More information about FQL can be found here. |
HTTP Method | HTTP operation to perform against an endpoint. (GET, POST, PATCH, PUT, DELETE, UPDATE) The combination of Endpoint and HTTP Method defines a specific API operation. |
IDP | Shorthand abbreviation for Identity Protection. |
IOA | Shorthand abbreviation for Indicator of Attack. |
IOC | Shorthand abbreviation for Indicator of Compromise. |
Instance | Context: Instance of XYZ Service Class. A single object, constructed or instantiated using a specific class definition. |
Issue | A question, bug or enhancement request for the FalconPy library. User-submitted issues that do not result in a bug finding or enhancement request are converted into discussions and posted to the Q&A section of our discussion board. We want to hear from you! Please let us know of any issues you encounter. |
Method | A function defined within a library class or module that executes a discrete sequence of steps. Typically this is in reference to a method that performs a specific API operation. Examples: query_detects, query_devices_by_filter |
ML | Shorthand abbreviation for Machine Learning. |
Operation | Performing a request against a specific endpoint within the CrowdStrike API using one of the allowed HTTP methods to accomplish a specific task. More detail regarding Operations can be found here. |
Operation ID | Unique string used to identify an operation from among all available operations within all CrowdStrike API service collections. More detail regarding Operation IDs can be found here. |
Operation ID syntax | FalconPy-specific term for using Operation IDs as the method names within Service Classes for calls that interact with the CrowdStrike API. |
Package | Generic reference to the installation bundle for the FalconPy library. |
Package Index | Generic reference to PyPI, the Python Package Index. |
Parameter Abstraction | Programmatic logic used to abstract query string payload parameters into keywords for use within FalconPy library methods. More detail about parameter abstraction can be found in the Payload Handling documentation. |
Payload | In computing and telecommunications, the payload is the part of transmitted data that is the actual intended message. Headers and metadata are sent only to enable payload delivery. (Definition provided by Wikipedia) More detail regarding payload types and how they are handled can be found here. |
Payload Module | The sub-module within FalconPy that contains helpers for creating and managing body payloads used for API requests. |
PEP 8 | Python Enhancement Proposal #8. A commonly referenced Python enhancement proposal that is used as the programmatic style guide for code implemented within this library. More details about PEP 8 can be found here. |
PEP 257 | Python Enhancement Proposal #257. A commonly referenced Python enhancement proposal that governs the semantics and conventions associated with Python docstrings used within this library. More details about PEP 257 can be found here. |
PR | Shorthand abbreviation for Pull Request. |
Release | A formally distributed version of FalconPy, available on the production package index. |
RTR | Shorthand abbreviation for Real Time Response. |
Service Class | A FalconPy class that represents a single CrowdStrike API service collection, with methods defined for every operation within that service collection. More detail regarding basic Service Class usage can be found here. |
Service Collection | Collection of API endpoints that comprise a specific CrowdStrike offering. Examples: Detects, Hosts, Real Time Response |
Swagger | Swagger is a set of open-source tools built around the OpenAPI Specification that can help you design, build, document and consume REST APIs. More detail regarding Swagger / OpenAPI Specification can be found here. |
Uber Class | A standalone FalconPy class that provides a singular harness to every operation within every service collection of the CrowdStrike API. More detail regarding basic Uber Class usage can be found here. |
Unit test | A single test performed using the FalconPy library to confirm library functionality. One unit test may be comprised of multiple API operations. |
Unit testing / Unit test series | A series of unit tests performed using the FalconPy library to confirm functionality. Typically performed after a push or merge to the repository. |
ZTA | Shorthand abbreviation for Zero Trust Assessment. |
Is there a term referenced within this repository that you feel needs a definition? Let us know by posting to our discussion board!