Skip to content

Serverless Vulnerabilities

The Serverless Vulnerabilities service collection provides operations for retrieving vulnerability data for serverless functions. Query and retrieve lambda vulnerabilities in SARIF format using Falcon Query Language filters.

Language	Last Update
Python	v1.4.8
PowerShell	v2.2.9
Go	v0.20.0
TypeScript	v0.6.0
Rust	v0.7.0
Ruby	v1.2.0

Table of Contents

Operation	Description
GetCombinedVulnerabilitiesSARIF `get_vulnerabilities`	Retrieve all lambda vulnerabilities that match the given query and return in the SARIF format.

GetCombinedVulnerabilitiesSARIF

Retrieve all lambda vulnerabilities that match the given query and return in the SARIF format.

GET /lambdas/combined/vulnerabilities/sarif/v1

Scope Falcon Container Image: READ Consumes · Produces application/json

PEP 8 get_vulnerabilities

Parameters

Name	Type	Data type	Description
filter	query	string	Filter lambda vulnerabilities using a query in Falcon Query Language (FQL).Supported filters: application_name,application_name_version,cid,cloud_account_id,cloud_account_name,cloud_provider,cve_id,cvss_base_score,exprt_rating,first_seen_timestamp,function_name,function_resource_id,is_supported,is_valid_asset_id,layer,region,runtime,severity,timestamp,type
limit	query	integer	The upper-bound on the number of records to retrieve.
offset	query	integer	The offset from where to begin.
parameters	query	dictionary	Full query string parameters payload in JSON format.
sort	query	string	The fields to sort the records on. Supported columns: [application_name application_name_version cid cloud_account_id cloud_account_name cloud_provider cve_id cvss_base_score exprt_rating first_seen_timestamp function_resource_id is_supported layer region runtime severity timestamp type]

Code Examples

from falconpy import ServerlessVulnerabilities

falcon = ServerlessVulnerabilities(client_id=CLIENT_ID,
                                   client_secret=CLIENT_SECRET
                                   )

response = falcon.get_vulnerabilities(filter="string",
                                      limit=integer,
                                      offset=integer,
                                      sort="string")
print(response)

from falconpy import ServerlessVulnerabilities

falcon = ServerlessVulnerabilities(client_id=CLIENT_ID,
                                   client_secret=CLIENT_SECRET
                                   )

response = falcon.GetCombinedVulnerabilitiesSARIF(filter="string",
                                                  limit=integer,
                                                  offset=integer,
                                                  sort="string")
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("GetCombinedVulnerabilitiesSARIF",
                          filter="string",
                          limit=integer,
                          offset=integer,
                          sort="string")
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/serverless_vulnerabilities"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  filter := "string"
  limit := int64(0)
  offset := int64(0)
  sort := "string"

  response, err := client.ServerlessVulnerabilities.GetCombinedVulnerabilitiesSARIF(
    &serverless_vulnerabilities.GetCombinedVulnerabilitiesSARIFParams{
      Filter: &filter,
      Limit: &limit,
      Offset: &offset,
      Sort: &sort,
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.serverlessVulnerabilities.getCombinedVulnerabilitiesSARIF(
  "string",  // filter
  integer,  // limit
  integer,  // offset
  "string"  // sort
);

console.log(response);

use rusty_falcon::apis::serverless_vulnerabilities_api::get_combined_vulnerabilities_sarif;
use rusty_falcon::easy::client::FalconHandle;

#[tokio::main]
async fn main() {
    let falcon = FalconHandle::from_env().await.expect("Could not authenticate");

    let response = get_combined_vulnerabilities_sarif(
        &falcon.cfg,  // configuration
        Some("string"),  // filter
        Some(integer),  // limit
        Some(integer),  // offset
        Some("string"),  // sort
    ).await.expect("API call failed");

    println!("{:?}", response);
}

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::ServerlessVulnerabilities.new

response = api.get_combined_vulnerabilities_sarif(filter: 'string',
                                                  limit: integer,
                                                  offset: integer,
                                                  sort: 'string')

puts response