Skip to content

Security: CrowdStrike/falconpy

SECURITY.md

CrowdStrike Falcon

CrowdStrike Subreddit

GitHub top language GitHub issues GitHub closed issues

Security Policy

This document outlines security policy and procedures for the CrowdStrike falconpy project.

Supported Python versions

FalconPy functionality is unit tested to run under the following versions of Python. Unit testing is performed with every pull request or commit to main.

Version Supported
3.12.x Yes
3.11.x Yes
3.10.x Yes
3.9.x Yes
3.8.x Yes
3.7.x Yes
3.6.x Partial
<= 3.5 No
<= 2.x.x No

Supported Operating Systems

Unit testing for FalconPy is performed using Apple macOS, Microsoft Windows and Ubuntu Linux.

Operating System Most Recent Result
macOS Unit testing (MacOS)
Ubuntu Unit testing (Ubuntu)
Unit testing (US2)
Unit testing (EU1)
Unit testing (USGOV1)
Windows Unit testing (Windows)

FalconPy has been used and should have no issues running on the following additional operating systems.

Amazon Linux CentOS Fedora RedHat Arch

Debian Kali Pop! OS SUSE openSUSE

Supported CrowdStrike regions

FalconPy is unit tested for functionality across all CrowdStrike regions.

Region Most Recent Result
US-1 Unit testing (MacOS)
Unit testing (Ubuntu)
Unit testing (Windows)
US-2 Unit testing (US2)
EU-1 Unit testing (EU1)
US-GOV-1 Unit testing (USGOV1)

Supported FalconPy versions

When discovered, we release security vulnerability patches for the most recent release at an accelerated cadence.

Reporting a potential security vulnerability

We have multiple avenues to receive security-related vulnerability reports.

Please report suspected security vulnerabilities by:

Disclosure and mitigation process

Upon receiving a security bug report, the issue will be assigned to one of the project maintainers. This person will coordinate the related fix and release process, involving the following steps:

  • Communicate with you to confirm we have received the report and provide you with a status update.
    • You should receive this message within 48 - 72 business hours.
  • Confirmation of the issue and a determination of affected versions.
  • An audit of the codebase to find any potentially similar problems.
  • Preparation of patches for all releases still under maintenance.
    • These patches will be submitted as a separate pull request and contain a version update.
    • This pull request will be flagged as a security fix.
    • Once merged, and after post-merge unit testing has been completed, the patch will be immediately published to both PyPI repositories.

Comments

If you have suggestions on how this process could be improved, please let us know by starting a new discussion.




WE STOP BREACHES

There aren’t any published security advisories