Full Credential Property Support in BaseAPI

Changelog

Bug Fixes

• Add support for full credential property loading through BaseAPI constructor

Process Details, Process Tree/Summary strings, and Bug fixes

Changelog

New Features

• Add __str__ functions for Process.Tree and Process.Summary
• Add get_details for Process
• Add set_max_rows to DeviceQuery

Bug Fixes

• Modify base class for EnrichedEventQuery to Query from cbc_sdk.base to support entire feature set for searching
• Document fixes for changelog and Workload
• Fix _spawn_new_workers to correctly find active devices for Carbon Black Cloud

Workloads and More!

Changelog

New Features

• VMware Carbon Black Cloud Workload support for managing workloads:
  • Vulnerability Assessment
  • Sensor Lifecycle Management
  • VM Workloads Search
• Add tutorial for Reputation Override

Bug Fixes

• Fix to initialization of ReputationOverride objects

Ease of use for approvals and blocks, Device Control Alerts, Bug Fixes and more!

Changelog

New Features

• Add easy way to add single approvals and blocks
• Add Device Control Alerts
• Add deployment_type support to the Device model

Bug Fixes

• Fix error when updating iocs in a Report model
• Set max_retries to None to use Connection init logic for retries

Device Control, Reputation Overrides, and more!

Changelog

New Features

• Reputation Overrides for Endpoint Standard with Enterprise EDR support coming soon
• Device Control for Endpoint Standard
• Live Query Templates/Scheduled Runs and Template History
• Add set_time_range for Alert query

Bug Fixes

• Refactored code base to reduce query inheritance complexity
• Limit Live Query results to 10k cap to prevent 400 Bad Request
• Add missing criteria for Live Query RunHistory to search on template ids
• Add missing args.orgkey to get_cb_cloud_object to prevent exception from being thrown
• Refactor add and update criteria to use CriteriaBuilderSupportMixin

Small Documentation Fixes

Changelog

Bug Fixes

• Fix readme links
• Few ReadTheDocs fixes

Official Release v1.0.0

Change log

New Features

• Enriched Event searches for Endpoint Standard
• Aggregation search added for Enriched Event Query
• Add support for fetching additional details for an Enriched Event
• Facet query support for Enriched Events, Processes, and Process Events
• Addition of Python Futures to support asynchronous calls for customers who want to leverage that feature , while continuing to also provide the simplified experience which hides the multiple calls required.
• Added translation support for MISP threat intel to cbc_sdk threat intel example

Updates

• Improved information and extra calls for Audit and Remediation (Live Query)
• Great test coverage – create extensions and submit PRs with confidence
• Process and Process Event searches updated to latest APIs and moved to platform package
• Flake8 formatting applied to all areas of the code
• Converted old docstrings to use google format docstrings
• Migrated STIX/TAXII Threat Intel module from cbapi to cbc_sdk examples

Bug Fixes

• Fixed off by one error for process event pagination
• Added support for default profile using CBCloudAPI()
• Retry limit to Process Event search to prevent infinite loop

Alpha v1

v1.0.0a

Alpha v1 Release (#52)