prelude-sdk 2.6.40__tar.gz → 2.6.42__tar.gz

{prelude_sdk-2.6.40 → prelude_sdk-2.6.42}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: prelude-sdk
-Version: 2.6.40
+Version: 2.6.42
 Summary: For interacting with the Prelude API
 Home-page: https://github.com/preludeorg
 Author: Prelude Research

{prelude_sdk-2.6.40 → prelude_sdk-2.6.42}/prelude_sdk/controllers/build_controller.py

@@ -19,9 +19,11 @@ class BuildController(HttpController):
         return res.json()
 
     @verify_credentials
-    def create_test(self, name, unit, technique=None, test_id=None):
+    def create_test(self, name, unit, schedulable=None, technique=None, test_id=None):
         """Create or update a test"""
         body = dict(name=name, unit=unit)
+        if schedulable is not None:
+            body["schedulable"] = schedulable
         if technique:
             body["technique"] = technique
         if test_id:
@@ -34,10 +36,11 @@ class BuildController(HttpController):
     def update_test(
         self,
         test_id,
+        crowdstrike_expected_outcome: EDRResponse = None,
         name=None,
-        unit=None,
+        schedulable=None,
         technique=None,
-        crowdstrike_expected_outcome: EDRResponse = None,
+        unit=None,
     ):
         """Update a test"""
         body = dict()
@@ -45,10 +48,12 @@ class BuildController(HttpController):
             body["expected"] = dict(crowdstrike=crowdstrike_expected_outcome.value)
         if name:
             body["name"] = name
-        if unit:
-            body["unit"] = unit
+        if schedulable is not None:
+            body["schedulable"] = schedulable
         if technique is not None:
             body["technique"] = technique
+        if unit:
+            body["unit"] = unit
 
         res = self.post(f"{self.account.hq}/build/tests/{test_id}", json=body)
         return res.json()
@@ -70,8 +75,8 @@ class BuildController(HttpController):
     @verify_credentials
     def upload(self, test_id, filename, data, skip_compile=False):
         """Upload a test or attachment"""
-        if len(data) > 1000000:
-            raise ValueError(f"File size must be under 1MB ({filename})")
+        if len(data) > 3145728:
+            raise ValueError(f"File size must be under 3MB ({filename})")
 
         h = self.account.headers | {"Content-Type": "application/octet-stream"}
         query_params = ""
@@ -101,18 +106,27 @@ class BuildController(HttpController):
 
     @verify_credentials
     def create_threat(
-        self, name, published, threat_id=None, source_id=None, source=None, tests=None
+        self,
+        name,
+        published,
+        schedulable=None,
+        source=None,
+        source_id=None,
+        tests=None,
+        threat_id=None,
     ):
         """Create a threat"""
         body = dict(name=name, published=published)
-        if threat_id:
-            body["id"] = threat_id
-        if source_id:
-            body["source_id"] = source_id
+        if schedulable is not None:
+            body["schedulable"] = schedulable
         if source:
             body["source"] = source
+        if source_id:
+            body["source_id"] = source_id
         if tests:
             body["tests"] = tests
+        if threat_id:
+            body["id"] = threat_id
 
         res = self.post(f"{self.account.hq}/build/threats", json=body)
         return res.json()
@@ -122,21 +136,24 @@ class BuildController(HttpController):
         self,
         threat_id,
         name=None,
-        source_id=None,
-        source=None,
         published=None,
+        schedulable=None,
+        source=None,
+        source_id=None,
         tests=None,
     ):
         """Update a threat"""
         body = dict()
         if name:
             body["name"] = name
-        if source_id is not None:
-            body["source_id"] = source_id
-        if source is not None:
-            body["source"] = source
         if published is not None:
             body["published"] = published
+        if schedulable is not None:
+            body["schedulable"] = schedulable
+        if source is not None:
+            body["source"] = source
+        if source_id is not None:
+            body["source_id"] = source_id
         if tests is not None:
             body["tests"] = tests
 

{prelude_sdk-2.6.40 → prelude_sdk-2.6.42}/prelude_sdk/models/codes.py

@@ -190,6 +190,7 @@ class Control(Enum, metaclass=MissingItem):
     CISCO_MERAKI_IDENTITY = 30
     CROWDSTRIKE_VULN = 31
     DEFENDER_VULN = 32
+    NETSKOPE = 33
 
     @classmethod
     def _missing_(cls, value):
@@ -302,6 +303,8 @@ class Control(Enum, metaclass=MissingItem):
                 return "CrowdStrike Vulnerability Management"
             case Control.DEFENDER_VULN:
                 return "Microsoft Defender Vulnerability Management"
+            case Control.NETSKOPE:
+                return "Netskope"
             case _:
                 return "Unknown Control"
 
@@ -320,6 +323,7 @@ class ControlCategory(Enum, metaclass=MissingItem):
     SIEM = 9
     PRIVATE_REPO = 10
     HARDWARE = 11
+    SASE = 12
 
     @classmethod
     def _missing_(cls, value):
@@ -343,13 +347,8 @@ class ControlCategory(Enum, metaclass=MissingItem):
                 Control.SERVICENOW,
                 Control.TENABLE_DISCOVERY,
             ],
-            ControlCategory.EMAIL: [
-                Control.GMAIL,
-                Control.M365,
-            ],
-            ControlCategory.HARDWARE: [
-                Control.INTEL_INTUNE,
-            ],
+            ControlCategory.EMAIL: [Control.GMAIL, Control.M365],
+            ControlCategory.HARDWARE: [Control.INTEL_INTUNE],
             ControlCategory.IDENTITY: [
                 Control.CISCO_MERAKI_IDENTITY,
                 Control.ENTRA,
@@ -357,14 +356,9 @@ class ControlCategory(Enum, metaclass=MissingItem):
                 Control.OKTA,
             ],
             ControlCategory.NETWORK: [Control.CISCO_MERAKI],
-            ControlCategory.PRIVATE_REPO: [
-                Control.GITHUB,
-            ],
-            ControlCategory.SIEM: [
-                Control.S3,
-                Control.SPLUNK,
-                Control.VECTR,
-            ],
+            ControlCategory.PRIVATE_REPO: [Control.GITHUB],
+            ControlCategory.SASE: [Control.NETSKOPE],
+            ControlCategory.SIEM: [Control.S3, Control.SPLUNK, Control.VECTR],
             ControlCategory.VULN_MANAGER: [
                 Control.CROWDSTRIKE_VULN,
                 Control.DEFENDER_VULN,
@@ -404,6 +398,8 @@ class ControlCategory(Enum, metaclass=MissingItem):
                 return "Private Repository"
             case ControlCategory.HARDWARE:
                 return "Client Hardware Security"
+            case ControlCategory.SASE:
+                return "Secure Access Service Edge"
             case _:
                 return "Unknown Control Category"
 
@@ -435,6 +431,7 @@ class SCMCategory(Enum, metaclass=MissingItem):
                 Control.INTEL_INTUNE,
                 Control.INTUNE,
                 Control.JAMF,
+                Control.NETSKOPE,
                 Control.QUALYS,
                 Control.QUALYS_DISCOVERY,
                 Control.RAPID7,
@@ -466,6 +463,7 @@ class SCMCategory(Enum, metaclass=MissingItem):
                 ControlCategory.ASSET_MANAGER,
                 ControlCategory.DISCOVERED_DEVICES,
                 ControlCategory.HARDWARE,
+                ControlCategory.SASE,
                 ControlCategory.VULN_MANAGER,
                 ControlCategory.XDR,
             ],
@@ -524,6 +522,8 @@ class PartnerEvents(Enum, metaclass=MissingItem):
     NO_DEVICE_COMPLIANCE_POLICY = 22
     NONCOMPLIANT = 23
     NO_ASR_POLICY = 24
+    MISSING_SASE = 25
+    OUT_OF_DATE_VERSION = 26
 
     @classmethod
     def _missing_(cls, value):
@@ -541,6 +541,7 @@ class PartnerEvents(Enum, metaclass=MissingItem):
             PartnerEvents.MISSING_ASSET_MANAGER: [ControlCategory.ASSET_MANAGER],
             PartnerEvents.MISSING_EDR: [ControlCategory.XDR],
             PartnerEvents.MISSING_MFA: [ControlCategory.IDENTITY],
+            PartnerEvents.MISSING_SASE: [ControlCategory.SASE],
             PartnerEvents.MISSING_SERVER_MANAGER: [ControlCategory.ASSET_MANAGER],
             PartnerEvents.MISSING_VULN_MANAGER: [ControlCategory.VULN_MANAGER],
             PartnerEvents.MISSING_VULN_SCAN: [ControlCategory.VULN_MANAGER],
@@ -563,6 +564,7 @@ class PartnerEvents(Enum, metaclass=MissingItem):
             PartnerEvents.NO_REGISTERED_DEVICES: [ControlCategory.IDENTITY],
             PartnerEvents.NONCOMPLIANT: [ControlCategory.ASSET_MANAGER],
             PartnerEvents.OUT_OF_DATE_FIRMWARE: [ControlCategory.NETWORK],
+            PartnerEvents.OUT_OF_DATE_VERSION: [ControlCategory.SASE],
             PartnerEvents.OUT_OF_DATE_SCAN: [ControlCategory.VULN_MANAGER],
             PartnerEvents.REDUCED_FUNCTIONALITY_MODE: [ControlCategory.XDR],
             PartnerEvents.USER_MISSING_ASSET_MANAGER: [ControlCategory.IDENTITY],
@@ -596,6 +598,8 @@ class AlertTypes(Enum, metaclass=MissingItem):
     NEW_NO_DEVICE_COMPLIANCE_POLICY_ENDPOINTS = 23
     NEW_NONCOMPLIANT_ENDPOINTS = 24
     NEW_NO_ASR_POLICY_ENDPOINTS = 25
+    NEW_MISSING_SASE_ENDPOINTS = 26
+    NEW_OUT_OF_DATE_VERSION_ENDPOINTS = 27
 
     @classmethod
     def _missing_(cls, value):
@@ -624,6 +628,7 @@ class PolicyType(Enum, metaclass=MissingItem):
     INTEL_CHIP = 19
     DISK_ENCRYPTION = 20
     ASR = 21
+    SASE_CLIENT = 22
 
     @classmethod
     def _missing_(cls, value):

{prelude_sdk-2.6.40 → prelude_sdk-2.6.42}/prelude_sdk.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: prelude-sdk
-Version: 2.6.40
+Version: 2.6.42
 Summary: For interacting with the Prelude API
 Home-page: https://github.com/preludeorg
 Author: Prelude Research

{prelude_sdk-2.6.40 → prelude_sdk-2.6.42}/setup.cfg

@@ -1,6 +1,6 @@
 [metadata]
 name = prelude-sdk
-version = 2.6.40
+version = 2.6.42
 author = Prelude Research
 author_email = support@preludesecurity.com
 description = For interacting with the Prelude API