-
Notifications
You must be signed in to change notification settings - Fork 81
Get FalconContainerVulnerability
bk-cs edited this page Sep 3, 2024
·
10 revisions
Search for Falcon Cloud Security container image vulnerabilities
Requires 'Falcon Container Image: Read'.
| Name | Type | Description | Min | Max | Allowed | Pipeline | PipelineByName |
|---|---|---|---|---|---|---|---|
| Id | String | CVE identifier | X | X | |||
| Filter | String | Falcon Query Language expression to limit results | |||||
| Sort | String | Property and direction to sort results |
cps_current_rating.asccps_current_rating.desccve_id.asccve_id.desccvss_score.asccvss_score.descdescription.ascdescription.descimages_impacted.ascimages_impacted.descpackages_impacted.ascpackages_impacted.descseverity.ascseverity.desc
|
||||
| Limit | Int32 | Maximum number of results per request | |||||
| Offset | Int32 | Position to begin retrieving results | |||||
| All | Switch | Repeat requests until all available results are retrieved | |||||
| Total | Switch | Display total result count instead of results |
Get-FalconContainerVulnerability [[-Filter] <String>] [[-Sort] <String>] [[-Limit] <Int32>] [-Offset <Int32>] [-All] [-Total] [-WhatIf] [-Confirm] [<CommonParameters>]Get-FalconContainerVulnerability -Id <String> [-WhatIf] [-Confirm] [<CommonParameters>]GET /container-security/combined/vulnerabilities/info/v1
GET /container-security/combined/vulnerabilities/v1
ReadCombinedVulnerabilities
ReadCombinedVulnerabilitiesInfo
$Package = @(
@{
Vendor = 'Debian MySQL Maintainers <pkg-mysql-maint@lists.alioth.debian.org>'
Product = 'mariadb-server-core-10.1'
MajorVersion = '10.1.26-0+deb9u1'
SoftwareArchitecture = 'amd64'
PackageProvider = 'DPKG'
PackageSource = 'mariadb-10.1 10.126-0+deb9u1'
Status = 'install ok installed'
LayerHash = '80f9a8427b1826f014f873dc471b6a89916ff79550bcd1c94aadd78c3f5bbdc7'
LayerIndex = 1
}
)
Get-FalconContainerVulnerability -OsVersion 'Debian GNU 9' -Package $Package2024-09-03: PSFalcon v2.2.7

- Using PSFalcon
-
Commands by Permission
- Actors (Falcon Intelligence)
- Alerts
- API integrations
- App Logs
- Assets
- CAO Hunting
- Case Templates
- Cases
- Channel File Control Settings
- Cloud Security API Assets
- Configuration Assessment
- Content Update Policies
- Correlation Rules
- CSPM registration
- Custom IOA rules
- Device Content
- Device control policies
- Event streams
- Falcon Complete Dashboards
- Falcon Container Image
- Falcon Data Replicator
- Falcon FileVantage
- Falcon FileVantage Content
- Firewall management
- Flight Control
- Host groups
- Host Migration
- Hosts
- Identity Protection Entities
- Identity Protection GraphQL
- Identity Protection Policy Rules
- Incidents
- Indicators (Falcon Intelligence)
- Installation tokens
- Installation token settings
- IOA Exclusions
- IOC Manager APIs
- IOCs
- IT Automation - Policies
- IT Automation - Task Executions
- IT Automation - Tasks
- IT Automation - User Groups
- Kubernetes Protection
- Machine Learning exclusions
- MalQuery
- Malware Families (Falcon Intelligence)
- Message Center
- Mobile Enrollment
- Monitoring rules (Falcon Intelligence Recon)
- NGSIEM
- NGSIEM Dashboards
- NGSIEM Lookup Files
- NGSIEM Parsers
- NGSIEM Saved Queries
- On demand scans (ODS)
- OverWatch Dashboard
- Prevention Policies
- Quarantined Files
- QuickScan Pro
- Real time response
- Real time response (admin)
- Reports (Falcon Intelligence)
- Response policies
- Rules (Falcon Intelligence)
- Sample uploads
- Sandbox (Falcon Intelligence)
- Scheduled Reports
- Sensor Download
- Sensor update policies
- Sensor Usage
- Sensor Visibility Exclusions
- Snapshot
- Snapshot Scanner Image Download
- Tailored Intelligence
- Threatgraph
- User management
- Vulnerabilities
- Vulnerabilities (Falcon Intelligence)
- Workflow
- Zero Trust Assessment
- Other Commands
- Examples
-
CrowdStrike SDKs
- FalconPy - Python 3
- goFalcon - Go
- Rusty Falcon - Rust