Crowdstrike-falconpy

Added features and functionality
+ Added: 1 new operation added (`highVolumeQueryChanges`) from the _FileVantage_ service collection.
- `_endpoint/_filevantage.py`
- `filevantage.py`
> Unit testing expanded to complete code coverage.
- `tests/test_filevantage.py`
+ Added: Warn when providing API arguments that are unnecessarily URLEncoded. Closes 850.
- `_error/__init__.py`
- `_error/_warnings.py`
- `_util/_functions.py`
- `_util/_uber.py`
- `__init__.py`
- Thanks go out to aboese for suggesting this enhancement. 🙇
+ Added: `add_comment` keyword added to the _PerformIncidentAction_ operation within the _**Incidents**_ Service Class. Closes 1003.
- `_payload/_incidents.py`
- `incidents.py`
> Unit testing expanded to complete code coverage.
- `tests/test_incidents.py`
- Thanks go out to morcef for suggesting this enhancement. 🙇
+ Added: `add-rule-group` and `remove-rule-group` options added to _performFirewallPoliciesAction_ operation in the __Firewall Policies__ service collection.
- `_endpoint/_firewall_policies.py`
- `firewall_policies.py`
+ Added: Sort by `alert_ids` option added to _QueryBehaviors_ operation in the __Incidents_ service collection.
- `_endpoint/_incidents.py`
+ Added: _AggregateAlerts_ and _QueryAlertIdsByFilter_ operations added to the __Falcon Complete Dashboard__ service collection.
- `_endpoint/_falcon_complete_dashboard.py`
- `falcon_complete_dashboard.py`
> Unit testing expanded to complete code coverage.
- `tests/test_falcon_complete_dashboard.py`
+ Added: _GetCombinedImages_ operation added to the __Falcon Container__ service collection.
- `_endpoint/_falcon_container.py`
- `falcon_container.py`
> Unit testing expanded to complete code coverage.
- `test_falcon_container.py`
+ Added: `ids` keyword argument added to _GetIntelReportPDF_ and _QueryMitreAttacks_ operations. `if_none_match` and `if_modified_since` keyword arguments added to _GetLatestIntelRuleFile_ operation. __Intel__ service collection.
- `_endpoint/_intel.py`
- `intel.py`
> Unit testing expanded to complete code coverage.
- `test_intel.py`
+ Added: Override functionality - All service classes are now able to call manually specified operation endpoints via the `override` method. This method mirrors functionality provided by the `override` keyword within the Uber Class.
- `_service_class.py`
+ Added: 23 new operations added to the __FileVantage__ service collection.
* updatePolicyHostGroups
* updatePolicyPrecedence
* updatePolicyRuleGroups
* getPolicies
* createPolicies
* deletePolicies
* updatePolicies
* getScheduledExclusions
* createScheduledExclusions
* deleteScheduledExclusions
* updateScheduledExclusions
* updateRuleGroupPrecedence
* getRules
* createRules
* deleteRules
* updateRules
* getRuleGroups
* createRuleGroups
* deleteRuleGroups
* updateRuleGroups
* highVolumeQueryChanges
* queryRuleGroups
* queryScheduledExclusions
* queryPolicies
- `_endpoint/_filevantage.py`
- `filevantage.py`
> 4 new payload handlers were implemented.
- `_payload/__init__.py`
- `_payload/_filevantage.py`
> Unit testing expanded to complete code coverage.
- `tests/test_filevantage.py`
+ Added: A new service collection, __Cloud Snapshots__ was implemented with three new operations (_GetCredentialsMixin0_, _CreateInventory_, and _RegisterCspmSnapshotAccount_).
- `_endpoint/__init__.py`
- `_endpoint/_cloud_snapshots.py`
- `__init__.py`
- `cloud_snapshots.py`
> Two new payload handlers were implemented.
- `_payload/__init__.py`
- `_payload/_cloud_snapshots.py`
> Unit testing expanded to complete code coverage.
- `tests/test_cloud_snapshot.py`
+ Added: 3 new operations added to the __Identity Protection__ service collection (_GetSensorAggregates_, _GetSensorDetails_, and _QuerySensorsByFilter_).
- `_endpoint/_identity_protection.py`
- `identity_protection.py`
> Unit testing expanded to complete code coverage.
- `tests/test_identity_protection.py`

Issues resolved
+ Fixed: API errors generated by the Uber Class do not stop execution when in pythonic mode.
- `api_complete.py`
+ Fixed: Result object failure on JSON formatted list response from _report_executions_download_get_ operation within the __Report Executions__ service collection. Closes 1033.
- `_result/result.py`

Other
+ Deprecated: _deleteCIDGroupMembersV1_ is now deprecated. Calls to _deleteCIDGroupMembers_ are now redirected to _deleteCIDGroupMembersV2_. __MSSP__ service collection.
- `_endpoint/_mssp.py`
- `mssp.py`
> Unit testing expanded to complete code coverage.
- `test_mssp.py`

---

> Developer Enhancements Release 🎉
Added features and functionality
+ Added: **Developer Extensibility features** - Enhanced existing programmatic architecture with new objects and submodules to address technical debt and provide developers with the necessary structures to easily extend core library functionality.
+ **_APIHarness_** - Derivative and an interface class commonly referred to as the _Uber Class_, APIHarness has been refactored to inherit common functionality provided by the **_FalconInterface_** class, remove technical debt, add typing, and expand available operations and extensibility features.
+ `api_complete.py`
+ **_APIRequest_** - Simple interface class comprised of multiple data classes that is leveraged for managing the components of a request sent to the CrowdStrike API. This is a new object.
+ `_api_request/__init__.py`
+ `_api_request/_request.py`
+ `_api_request/_request_behavior.py`
+ `_api_request/_request_connection.py`
+ `_api_request/_request_meta.py`
+ `_api_request/_request_payloads.py`
+ `_api_request/_request_validator.py`
+ **_Constant submodule_** - Stores global constants used throughout the library. This is a new module implemented to store new and pre-existing constants.
+ `_constant/__init__.py`
+ **_Enum submodule_** - Stores enumerators available within the library. This is a new module implemented to store pre-existing enumerators.
+ `_enum/__init__.py`
+ `_enum/_base_url.py`
+ `_enum/_container_base_url.py`
+ `_enum/_token_fail_reason.py`
+ **_Error submodule_** - Provides python native errors and warnings. This is a new module.
+ `_error/__init__.py`
+ `_error/_exceptions.py`
+ `_error/_warnings.py`
+ **_FalconInterface_** - Interface class that handles authentication and state management, also referred to as the authentication object or the `auth_object`. Refactored to address technical debt and add new functionality.
+ `_auth_object/__init__.py`
+ `_auth_object/_base_falcon_auth.py`
+ `_auth_object/_bearer_token.py`
+ `_auth_object/_falcon_interface.py`
+ `_auth_object/_interface_config.py`
+ `_auth_object/_uber_interface.py`
+ **_Log submodule_** - Provides debug logging functionality. This is a new module.
+ `_log/__init__.py`
+ `_log/_facility.py`
+ **_Result_** - Complex interface class that is leveraged to parse and return results received from the CrowdStrike API. This class has been refactored to address technical debt and provide new developer functionality and extensibility. Default behavior for requests received from the CrowdStrike API remains unchanged (results are returned as a Python dictionary). Expanded functionality provides developers the ability to handle received responses as python structures, allowing for easy iteration and processing without having to handle a dictionary.
+ `_result/__init__.py`
+ `_result/_base_resource.py`
+ `_result/_base_dictionary.py`
+ `_result/_errors.py`
+ `_result/_expanded_result.py`
+ `_result/_headers.py`
+ `_result/_meta.py`
+ `_result/_resources.py`
+ `_result/_response_component.py`
+ `_result/_result.py`
+ **_ServiceClass_** - Interface class leveraged by Service Classes to provide common functionality. This class has also been refactored to expand on functionality provided by the **_FalconInterface_** class, remove technical debt, add typing and expand extensibility features.
+ `_service_class/_init__.py`
+ `_service_class/_base_service_class.py`
+ `_service_class/_service_class.py`
+ **_Util submodule_** - Functions and utilities library containing both private and public methods. This is a new module implemented to store new and pre-existing functions.
+ `_util/__init__.py`
+ `_util/_auth.py`
+ `_util/_functions.py`
+ `_util/_uber.py`
+ Added: **Debug logging** - Native debug logging can now be activated per class upon construction. Logs are sanitized by default.
python
import logging
from falconpy import Hosts

logging.basicConfig(level=logging.DEBUG)
hosts = Hosts(client_id=CLIENT_ID, client_secret=CLIENT_SECRET, debug=True)
result = hosts.query_devices_by_filter_scroll()

Log sanitization can also be disabled when instantiating the class.
python
hosts = Hosts(client_id=CLIENT_ID, client_secret=CLIENT_SECRET, debug=True, sanitize_log=False)

Local unit testing has been expanded to take advantage of this functionality. To activate, set the environment variable `FALCONPY_UNIT_TEST_DEBUG` to __`DEBUG`__.
+ `_log/__init__.py`
+ `_log/_facility.py`
+ Added: **Environment Authentication** - New authentication mechanism that retrieves CrowdStrike API credentials that are pre-defined as variables within the runtime environment. These environment variables must be named `FALCON_CLIENT_ID` and `FALCON_CLIENT_SECRET` and both must be present in order for this mechanism to be used. Environment Authentication is the last mechanism attempted, meaning all other authentication mechanisms will take precedence.
python
from falconpy import Hosts

hosts = Hosts()
result = hosts.query_devices_by_filter_scroll()

+ `_auth_object/_falcon_interface.py`
+ Added: **Pythonic response handling** - Allows for the handling of responses received from the CrowdStrike API as pythonic structures as opposed to dictionaries.
python
from falconpy import Hosts

hosts = Hosts(client_id=CLIENT_ID, client_secret=CLIENT_SECRET, pythonic=True)
host_list = hosts.query_devices_by_filter_scroll()
for device in host_list:
print(device)

+ `_result/__init__.py`
+ `_result/_base_resource.py`
+ `_result/_base_dictionary.py`
+ `_result/_errors.py`
+ `_result/_expanded_result.py`
+ `_result/_headers.py`
+ `_result/_meta.py`
+ `_result/_resources.py`
+ `_result/_response_component.py`
+ `_result/_result.py`
+ Added: **Pythonic errors and warnings** - Leverages native Python exceptions to implement error and warning handling.
python
from falconpy import Hosts, APIError

hosts = Hosts(client_id=CLIENT_ID, client_secret=CLIENT_SECRET, pythonic=True)
try:
device_detail = hosts.get_device_details("not-a-real-id")
except APIError as not_found:
print(not_found)

+ `_error/__init__.py`
+ `_error/_exceptions.py`
+ `_error/_warnings.py`
+ Added: **Typing** - Type hints have been added throughout the library. This is an ongoing initiative.

Issues resolved
+ Fixed: Unusual responses from operations within the Falcon Container service collection.
+ `_result/_result.py`
+ `_util/_functions.py`
+ Fixed: Uber Class functionality using operations within the OAuth2 service collection. Closes 835.
+ `api_complete.py`
+ `_auth_object/_falcon_interface.py`
+ `_auth_object/_uber_interface.py`
+ Fixed: Inbound strings provided to the `creds` and `proxy` keywords are not automatically converted to dictionaries. Closes 909.
+ `_auth_object/_falcon_interface.py`
+ Fixed: Fixed missing facet keyword in follow request for vulnerabilities - Grab CVEs for CID sample. Closes 1004.
+ `samples/spotlight/spotlight_grab_cves_for_cid.py`
+ Fixed: IDs are not being migrated to the body payload when calling the `PostEntitiesAlertsV1` operation. Closes 1016.
+ `_constant/__init__.py`
+ Thanks to tsullivan06 for identifying this issue! 🙇

Other
+ Expanded: Unit testing expanded to complete code coverage.
+ Updated: Added column prune keyword to Grab CVEs by CID sample. Closes 1005.
+ `samples/spotlight/spotlight_grab_cves_for_cid.py`
+ __PLEASE NOTE__: Python 3.6 support will be discontinued in __January 2024__.

---

Added features and functionality
+ Added: New keywords were added to 1 operations within the __Alerts__ Service Class.
* _exclude_, _from_, _include_ and _max_doc_count_ were added to the `PostAggregatesAlertsV1` operation.
- `_payload/_generic.py`
- `alerts.py`
+ Added: New keywords were added to 6 operations within the __CompleteDashboard__ Service Class.
* _exclude_, _from_, _include_ and _max_doc_count_ were added to the `AggregateBlockList` operation.
* _exclude_, _from_, _include_ and _max_doc_count_ were added to the `AggregateDetections` operation.
* _exclude_, _from_, _include_ and _max_doc_count_ were added to the `AggregateDeviceCountCollection` operation.
* _exclude_, _from_, _include_ and _max_doc_count_ were added to the `AggregateEscalations` operation.
* _exclude_, _from_, _include_ and _max_doc_count_ were added to the `AggregateFCIncidents` operation.
* _exclude_, _from_, _include_ and _max_doc_count_ were added to the `AggregateRemediations` operation.
- `falcon_complete_dashboard.py`
+ Added: 3 new operations added to the __CSPMRegistration__ Service Class, `GetConfigurationDetectionEntities`, `GetConfigurationDetectionIDsV2`, and `GetCSPMPoliciesDetails`.
- `_endpoint/_cspm_registration.py`
- `_payload/_cspm_registration.py`
- `cspm_registration.py`
> Unit testing expanded to complete code coverage.
- `tests/test_cspm_registration.py`
+ Added: New keywords were added to 11 operations within the __CSPMRegistration__ Service Class.
* _iam_role_arns_ and _migrated_ were added to the `GetCSPMAwsAccount` operation.
* _account_type_, _behavior_assessment_enabled_, _iam_role_arn_, _is_master_, _sensor_management_enabled_ and _use_existing_cloudtrail_ were added to the `CreateCSPMAwsAccount` operation.
* _behavior_assessment_enabled_, _iam_role_arn_, _remediation_region_, _remediation_tou_accepted_ and _sensor_management_enabled_ were added to the `UpdateCSPMAwsAccount` operation.
* _ids_, _use_existing_cloudtrail_, and _region_ were added to the `GetCSPMAwsConsoleSetupURLs` operation.
* _ids_ was added to the `GetCSPMAwsAccountScriptsAttachment` operation.
* _tenant_ids_ was added to the `GetCSPMAzureAccount` operation.
* _account_type_, _client_id_, _default_subscription_, _tenant_id_ and _years_valid_ were added to the `CreateCSPMAzureAccount` operation.
* _retain_tenant_ and _tenant_ids_ were added to the `DeleteCSPMAzureAccount` operation.
* _years_valid_ was added to the `AzureDownloadCertificate` operation.
* _account_type_, _subscription_ids_, and _template_ were added to the `GetCSPMAzureUserScriptsAttachment` operation.
* _resource_id_ and _resource_uuid_ were added to the `GetBehaviorDetections` operation.
- `_endpoint/_cspm_registration.py`
- `cspm_registration.py`
+ Added: 1 new operation added to the __D4CRegistration__ Service Class, `GetDiscoverCloudAzureTenantIDs`.
- `_endpoint/_d4c_registration.py`
- `d4c_registration.py`
> Unit testing expanded to complete code coverage.
- `tests/test_d4c_registration.py`
+ Added: New keywords were added to 11 operations within the __D4CRegistration__ Service Class.
* _iam_role_arn_ was added to the `CreateD4CAwsAccount` operation.
* _limit_, _offset_, _status_ and _tenant_ids_ were added to the `GetCSPMAzureAccount` operation.
* _account_type_, _client_id_, _default_subscription_ and _years_valid_ were added to the `CreateCSPMAzureAccount` operation.
* _object_id_ and _tenant_id_ were added to the `UpdateCSPMAzureAccountClientID` operation.
* _subscription_ids_, _tenant_id_ and _template_ were added to the `GetCSPMAzureUserScriptsAttachment` operation.
* _limit_, _offset_, _parent_type_, _sort_ and _status_ were added to the `GetCSPMCGPAccount` operation.
* _years_valid_ was added to the `DiscoverCloudAzureDownloadCertificate` operation.
* _parent_type_ was added to the `GetCSPMGCPUserScripts` operation.
* _parent_type_ was added to the `CreateD4CGCPAccount` operation.
- `_endpoint/_d4c_registration.py`
- `_payload/_d4c_registration.py`
- `d4c_registration.py`
+ Added: New keywords were added to 2 operations within the __Detects__ Service Class.
* _exclude_, _from_, _include_ and _max_doc_count_ were added to the `GetAggregateDetects` operation.
* _new_behaviors_processed_ was added to the `UpdateDetectsByIdsV2` operation.
- `_payload/_detects.py`
- `detects.py`
+ Added: _add-rule-group_ and _remove-rule-group_ added as possible values for the __*action_name*__ keyword within the `performDeviceControlPoliciesAction` operation in the __DeviceControlPolicies__ Service Class.
- `_endpoint/_device_control_policy.py`
- `device_control_policy.py`
+ Added: 3 new operations added to the __FalconXSandbox__ Service Class, `GetMemoryDumpExtractedStrings`, `GetMemoryDumpHexDump`, and `GetMemoryDump`.
- `_endpoint/_falconx_sandbox.py`
- `falconx_sandbox.py`
> Unit testing expanded to complete code coverage.
- `tests/test_falconx_sandbox.py`
+ Added: New __FDR__ Service Class with 5 new operations, `fdrschema_combined_event_get`, `fdrschema_entities_event_get`, `fdrschema_entities_field_get`, `fdrschema_queries_event_get`, and `fdrschema_queries_field_get`.
- `_endpoint/_fdr.py`
- `_endpoint/__init__.py`
- `_endpoint/deprecated/_fdr.py`
- `_endpoint/deprecated/__init__.py`
- `fdr.py`
> Unit testing expanded to complete code coverage.
- `tests/test_fdr.py`
+ Added: New keyword was added to 1 operation within the __FalconContainer__ Service Class.
* _applicationPackages_ was added to the `ReadImageVulnerabilities` operation.
- `_payload/_container.py`
- `falcon_container.py`
+ Added: New keywords were added to 9 operations within the __FirewallManagement__ Service Class.
* _exclude_, _from_, _include_ and _max_doc_count_ were added to the `aggregate_events` operation.
* _exclude_, _from_, _include_ and _max_doc_count_ were added to the `aggregate_policy_rules` operation.
* _exclude_, _from_, _include_ and _max_doc_count_ were added to the `aggregate_rule_groups` operation.
* _exclude_, _from_, _include_ and _max_doc_count_ were added to the `aggregate_rules` operation.
* _created_by_ and _created_on_ were added to the `upsert_network_locations` operation.
* _created_by_ and _created_on_ were added to the `update_network_locations` operation.
* _local_logging_ was added to the `update_policy_container_v1` operation.
* _platform_ was added to the `create_rule_group` operation.
> _platform_ids_ was removed from the `create_rule_group` operation
* _fqdn_ and `fqdn_enabled` were added to the `create_rule_group_validation` operation.
- `_payload/_firewall.py`
- `firewall_management.py`
+ Added: New keyword was added to 1 operation within the __FlightControl__ Service Class.
* _filter_ was added to the `queryChildren` operation.
- `_endpoint/_mssp.py`
- `mssp.py`
+ Added: New keyword was added to 1 operation within the __Hosts__ Service Class.
* _disable_hostname_check_ was added to the `entities_perform_action` operation.
- `_endpoint/_hosts.py`
- `hosts.py`
+ Added: New keywords were added to 1 operation within the __Incidents__ Service Class.
* _overwrite_detects_ and _update_detects_ were added to the `PerformIncidentAction` operation.
- `_endpoint/_incidents.py`
- `incidents.py`
+ Added: New keywords were added to 3 operations within the __IOC__ Service Class.
* _exclude_, _from_, _include_ and _max_doc_count_ were added to the `indicator_aggregate_v1` operation.
* _from_parent_ was added to the `GetIndicatorsReport` operation.
* _from_parent_ was added to the `indicator_search_v1` operation.
* _from_parent_ was added to the `indicator_update_v1` operation.
- `_endpoint/_ioc.py`
- `_payload/_ioc.py`
- `ioc.py`
+ Added: New keywords were added to 3 operations within the __KubernetesProtection__ Service Class.
* _is_horizon_acct_ was added to the `GetAWSAccountsMixin0` operation.
* _is_self_managed_cluster_ was added to the `GetHelmValuesYaml` operation.
* _status_ was added to the `GetClusters` operation.
- `_endpoint/_kubernetes_protection.py`
- `kubernetes_protection.py`
+ Added: 1 new operation added to the __ODS__ Service Class, `aggregate_query_scan_host_metadata`.
- `_endpoint/_ods.py`
- `_endpoint/deprecated/_ods.py`
- `ods.py`
> Unit testing expanded to complete code coverage.
- `tests/test_ods.py`
+ Added: New keywords were added to 3 operations within the __ODS__ Service Class.
* _exclude_, _from_, _include_ and _max_doc_count_ were added to the `aggregate_scans` operation.
* _exclude_, _from_, _include_ and _max_doc_count_ were added to the `aggregate_scheduled_scans` operation.
* _scan_inclusions_ was added to the `schedule_scan` operation.
- `_payload/_ods.py`
- `ods.py`
+ Added: New keyword was added to 1 operation within the __OAuth2__ Service Class.
* _client_id_ was added to the `revoke` operation.
- `_endpoint/_oauth2.py`
- `oauth2.py`
+ Added: New keywords were added to 2 operations within the __OverwatchDashboard__ Service Class.
* _exclude_, _from_, _include_ and _max_doc_count_ were added to the `AggregatesEventsCollections` operation.
* _exclude_, _from_, _include_ and _max_doc_count_ were added to the `AggregatesEvents` operation.
- `overwatch_dashboard.py`
+ Added: New keyword was added to 1 operation within the __Quarantine__ Service Class.
* _exclude_, _from_, _include_ and _max_doc_count_ were added to the `GetAggregateFiles` operation.
- `quarantine.py`
+ Added: New keyword was added to 1 operation within the __RealTimeResponse__ Service Class.
* _exclude_, _from_, _include_ and _max_doc_count_ were added to the `RTR_AggregateSessions` operation.
- `real_time_response.py`
+ Added: New keywords were added to 7 operations within the __Recon__ Service Class.
* _exclude_, _from_, _include_ and _max_doc_count_ were added to the `AggregateNotificationsExposedDataRecordsV1` operation.
* _exclude_, _from_, _include_ and _max_doc_count_ were added to the `AggregateNotificationsV1` operation.
* _content_format_ and _trigger_matchless_ were added to the `CreateActionsV1` operation.
* _content_format_ and _trigger_matchless_ were added to the `UpdateActionsV1` operation.
* _breach_monitoring_enabled_ and _substring_matching_enabled_ were added to the `CreateRulesV1` operation.
* _breach_monitoring_enabled_ and _substring_matching_enabled_ were added to the `UpdateRulesV1` operation.
* _notificationsDeletionRequested_ was added to the `DeleteRulesV1` operation.
- `_endpoint/_recon.py`
- `_payload/_recon.py`
- `recon.py`
+ Added: New keywords were added to 3 operations within the __SensorUpdatePolicy__ Service Class.
* _scheduler_, _show_early_adopter_builds_ and _variants_ were added to the `createSensorUpdatePoliciesV2` operation.
* _scheduler_, _show_early_adopter_builds_ and _variants_ were added to the `updateSensorUpdatePoliciesV2` operation.
* _stage_ was added to the `queryCombinedSensorUpdateBuilds` operation.
- `_endpoint/_sensor_update_policy.py`
- `sensor_update_policy.py`
+ Added: _add-rule-group_ and _remove-rule-group_ added as possible values for the __*action_name*__ keyword within the `performSensorUpdatePoliciesAction` operation in the __SensorUpdatePolicy__ Service Class.
- `_endpoint/_sensor_update_policies.py`
- `sensor_update_policies.py`
+ Added: New keyword was added to 1 operation within the __UserManagement__ Service Class.
* _action_ was added to the `queryiesRolesV1` operation.
- `_endpoint/_user_management.py`
- `user_management.py`
+ Added: 1 new operation added to the __ZeroTrustAssessment__ Service Class, `getCombinedAssessmentsQuery`.
- `_endpoint/_zero_trust_assessment.py`
- `zero_trust_assessment.py`
> Unit testing expanded to complete code coverage.
- `tests/test_zero_trust_assessment.py`

Other
+ Expanded: Additional parameters were added to the settings dictionary/keyword within the `createDeviceControlPolicies` and `updateDeviceControlPolicies` operations.
- `_payload/_device_control_policies.py`
- `device_control_policies.py`
+ Renamed: 1 keyword was renamed within the __FalconContainer__ Service Class.
* _credentials_ was renamed to _credential_ within the `CreateRegistryEntities` operation.
- `_payload/_container.py`
- `falcon_container.py`
+ Reduced: Limit maximum for `queryCombinedSensorUpdateKernels` operation within the __SensorUpdatePolicy__ Service Class was changed from __*5000*__ to __500__.
- `_endpoint/_sensor_update_policies.py`
+ Reduced: Limit maximum for `querySensorUpdateKernelsDistinct` operation within the __SensorUpdatePolicy__ Service Class was changed from __*5000*__ to __500__.
- `_endpoint/_sensor_update_policies.py`
+ Increased: Limit maximum for `QueryAWSAccounts` operation within the __CloudConnectAWS__ Service Class was changed from __*500*__ to __1000__.
- `_endpoint/_cloud_connect_aws.py`
+ Increased: Limit maximum for `QueryAWSAccountsForIDs` operation within the __CloudConnectAWS__ Service Class was changed from __*500*__ to __1000__.
- `_endpoint/_cloud_connect_aws.py`
+ Renamed: 8 operations renamed within the __D4CRegistration__ Service Class. Legacy operation IDs were deprecated, with aliases created to avoid introducing breaking changes.
* _GetCSPMAzureAccount_ is now `GetDiscoverCloudAzureAccount`.
* _CreateCSPMAzureAccount_ is now `CreateDiscoverCloudAzureAccount`.
* _UpdateCSPMAzureAccountClientID_ is now `UpdateDiscoverCloudAzureAccountClientID`.
* _GetCSPMAzureUserScriptsAttachment_ is now `GetDiscoverCloudAzureUserScriptsAttachment`.
* _GetCSPMAzureUserScripts_ is now `GetDiscoverCloudAzureUserScripts`.
* _GetCSPMCGPAccount_ is now `GetD4CCGPAccount`.
* _CreateCSPMGCPAccount_ is now `CreateD4CGCPAccount`.
* _GetCSPMGCPUserScripts_ is now `GetD4CGCPUserScripts`.
- `_endpoint/_d4c_registration.py`
- `_endpoint/__init__.py`
- `_endpoint/deprecated/_d4c_registration.py`
- `_endpoint/deprecated/__init__.py`
- `d4c_registration.py`
+ Renamed: 1 operation renamed within the __ZeroTrustAssessment__ Service Class. Legacy operation ID was deprecated, with an alias created to avoid introducing a breaking change.
* _getComplianceV1_ is now `getAuditV1`.
- `_endpoint/_zero_trust_assessment.py`
- `_endpoint/__init__.py`
- `_endpoint/deprecated/_zero_trust_assessment.py`
- `_endpoint/deprecated/__init__.py`
- `zero_trust_assessment.py`

---

Added features and functionality
+ Added: 1 new operation added to the __ZeroTrustAssessment__ Service Class, `getAssessmentsByScoreV1`.
- `_endpoint/_zero_trust_assessment.py`
- `zero_trust_assessment.py`
> Unit testing expanded to complete code coverage.
- `tests/test_zero_trust_assessment.py`

Issues resolved
+ Fixed: JSONDecoder error when running within an environment leveraging the `simplejson` 3rd party library versus the standard `json` library.
- `_util.py`
> Thanks to khyberspache for identifying and resolving this issue! 🙇

---

Added features and functionality
+ Updated: Added `image_id` and `digest` options to the `GetImageAssessmentReport` operation (__FalconContainer__ Service Class).
- `_endpoint/_falcon_container.py`
- `falcon_container.py`

+ Added: 5 new operations added to the __FalconContainer__ Service Class, `ReadRegistryEntitiesByUUID`, `CreateRegistryEntities`, `DeleteRegistryEntities`, `UpdateRegistryEntities`, `ReadRegistryEntities`.
- `_endpoint/_falcon_container.py`
- `falcon_container.py`
> Adds one new payload handler.
- `_payload/_container.py`
> Unit testing expanded to complete code coverage.
- `tests/test_falcon_container.py`

---

Added features and functionality
+ Added: 2 new operations (IoT) added to the __Discover__ Service Class, `get_iot_hosts` and `query_iot_hosts`.
- `_endpoint/_discover.py`
- `_endpoint/deprecated/_discover.py`
- `discover.py`
- `tests/test_discover.py`
+ Added: 1 new operation added to the __MessageCenter__ Service Class, `CreateCaseV2`.
- `_endpoint/_message_center.py`
- `_payload/_message_center.py`
- `message_center.py`
- `tests/test_message_center.py`

Issues resolved
+ Fixed: Docstring typo in the `GetAzureInstallScript` operation within the __KubernetesProtection__ Service Class. Closes 933.
- `kubernetes_protection.py`

---