Added

• Prisma Cloud , , and commands now support (preview counts without writing), (skip N items), and (process at most N items) for parallel job splitting via the Orchestration Hub

Fixed

• AWS silently dropping all queued issues; issues are now flushed to RegScale after findings processing completes
• Qualys sync skipping vulnerability processing entirely due to defaulting to false; findings are now synced by default
• Qualys vulnerability sync failing with StreamReset errors on air-gapped or slow networks; added config (default 50) to send smaller batches per request
• Component creation failing with 400 "Compliance Setting is required" on RegScale installations that enforce complianceSettingsId; scanner integration now falls back to the tenant's first available compliance setting when the security plan lookup returns none
• Prisma Cloud SBOMs not appearing in the Security Plan SBOM tab; records are now linked to the security plan instead of individual assets so they populate the SSP-level SBOM view
• Prisma Cloud vulnerability sync creating duplicate records on consecutive runs for non-CVE identifiers (GHSA-, PRISMA-); client-side deduplication now checks existing SSP vulnerabilities before submission

[6.34.1.0] - 2026-04-08

Fixed

• lazy load import issue with axonius v1

[6.34.0.0] - 2026-04-07

Changed

• Nessus asset naming now uses FQDN or hostname instead of IP address when available, with priority: FQDN > hostname > NetBIOS > IP
• Axonius endpoint calls for 6.30.0.0 additions
• Tanium no longer includes compliance data by default; use for proper control assessments
• Tanium now runs asset sync, vulnerability sync, and compliance assessment sync as three separate steps

Added

• Tanium command to sync compliance/benchmark data as control assessments instead of vulnerabilities
• Opt-in scan-level assessment creation for vulnerability scanners via init.yaml setting, linking issues to assessments and updating control implementation statuses from aggregated scan findings
• sync_compliance now maps Issues to created Assets if they exist in the SSP

Fixed

• AWS Inspector CSV import failing with "can only concatenate str (not int) to str" when processing findings
• AWS Inspector CRITICAL severity findings now correctly mapped to Critical instead of being downgraded to High
• AWS Inspector now uses real public/private IP addresses from scan data instead of hardcoding 0.0.0.0
• AWS Security Hub creating duplicate issues on successive runs by switching to server-side deduplication keyed on stable plugin IDs instead of per-resource SecurityHub ARNs
• Qualys creating duplicate vulnerability records on successive runs by adding to so the server can locate existing records; now correctly enables server-side POAM/finding creation from each vulnerability
• Qualys now correctly defaults to instead of the deprecated mode when no vulnerability creation setting is provided
• s3 file downloader now allows for customer local filename
• AWS integration missing f-string causing PatchSummary installed count to display as literal text
• AWS integration performance improvements: severity filtering moved before expensive computations, CVE data extracted once per finding instead of per resource, and class-level constant maps to avoid per-call allocation
• Tenable CIS checklist sync commands ( and ) not creating checklists, vulnerabilities, or issues in RegScale
• Axonius sync_compliance no longer crashed on SSPs with no controls
• AWS GuardDuty sync creating duplicate issues by processing findings through both compliance framework and individual finding paths
• Vulnerability deduplication across consecutive scanner imports caused by missing parentModule in the uniqueKeys lookup
• Stale vulnerabilities from previous scans not being closed when a subsequent scan produces fewer findings
• Duplicate issues created per vulnerability when retry logic re-queued the same vulnerability for batch submission
• Azure Entra access review evidence collection for Government cloud environments where incorrect URL construction caused a 404 "Invalid version" error

[6.34.0.0] - 2026-04-07

Changed

• Nessus asset naming now uses FQDN or hostname instead of IP address when available, with priority: FQDN > hostname > NetBIOS > IP
• Axonius endpoint calls for 6.30.0.0 additions
• Tanium no longer includes compliance data by default; use for proper control assessments
• Tanium now runs asset sync, vulnerability sync, and compliance assessment sync as three separate steps

Added

• Tanium command to sync compliance/benchmark data as control assessments instead of vulnerabilities
• Opt-in scan-level assessment creation for vulnerability scanners via init.yaml setting, linking issues to assessments and updating control implementation statuses from aggregated scan findings
• sync_compliance now maps Issues to created Assets if they exist in the SSP

Fixed

• AWS Inspector CSV import failing with "can only concatenate str (not int) to str" when processing findings
• AWS Inspector CRITICAL severity findings now correctly mapped to Critical instead of being downgraded to High
• AWS Inspector now uses real public/private IP addresses from scan data instead of hardcoding 0.0.0.0
• AWS Security Hub creating duplicate issues on successive runs by switching to server-side deduplication keyed on stable plugin IDs instead of per-resource SecurityHub ARNs
• Qualys creating duplicate vulnerability records on successive runs by adding to so the server can locate existing records; now correctly enables server-side POAM/finding creation from each vulnerability
• Qualys now correctly defaults to instead of the deprecated mode when no vulnerability creation setting is provided
• s3 file downloader now allows for customer local filename
• AWS integration missing f-string causing PatchSummary installed count to display as literal text
• AWS integration performance improvements: severity filtering moved before expensive computations, CVE data extracted once per finding instead of per resource, and class-level constant maps to avoid per-call allocation
• Tenable CIS checklist sync commands ( and ) not creating checklists, vulnerabilities, or issues in RegScale
• Axonius sync_compliance no longer crashed on SSPs with no controls
• AWS GuardDuty sync creating duplicate issues by processing findings through both compliance framework and individual finding paths
• Vulnerability deduplication across consecutive scanner imports caused by missing parentModule in the uniqueKeys lookup
• Stale vulnerabilities from previous scans not being closed when a subsequent scan produces fewer findings
• Duplicate issues created per vulnerability when retry logic re-queued the same vulnerability for batch submission
• Azure Entra access review evidence collection for Government cloud environments where incorrect URL construction caused a 404 "Invalid version" error

[6.30.0.1] 2026-04-03

Changes

• Improved UI behavior to ensure filter options display correctly without requiring a manual refresh.
• Enhanced security by updating cache-control headers on endpoints that may return sensitive data to enforce and directives.

Fixes

• Resolved an issue where users were unable to view evidence after the most recent release.
• Fixed FedRAMP Test Case Procedure Export to remove unintended HTML/XML metadata and eliminate duplicated content.
• Addressed an error occurring during post-startup processing in .
• Fixed Wayfinder links to allow opening in a new browser window as expected.
• Corrected Access Request email links that were incorrectly pointing to localhost instead of the production URL.

[6.33.2] - 2026-03-31

Fixed

• AWS GuardDuty sync creating duplicate issues by processing findings through both compliance framework and individual finding paths
• Vulnerability deduplication across consecutive scanner imports caused by missing parentModule in the uniqueKeys lookup
• Stale vulnerabilities from previous scans not being closed when a subsequent scan produces fewer findings
• Duplicate issues created per vulnerability when retry logic re-queued the same vulnerability for batch submission

[6.33.2] - 2026-03-31

Fixed

• AWS GuardDuty sync creating duplicate issues by processing findings through both compliance framework and individual finding paths
• Vulnerability deduplication across consecutive scanner imports caused by missing parentModule in the uniqueKeys lookup
• Stale vulnerabilities from previous scans not being closed when a subsequent scan produces fewer findings
• Duplicate issues created per vulnerability when retry logic re-queued the same vulnerability for batch submission

[6.30.0.0] 2026-03-30

Fixes

Platform & Data Integrity

• Fixed an issue where Security Profile Exports did not include JSON files compatible for re-import.
• Fixed multiple Export Builder issues affecting Appendix A, Appendix Q, and SOD exports.
• Resolved placeholder text appearing in final exports.
• Fixed issue preventing customer records from being saved.
• Fixed Appendix Q export failures.
• Resolved asset mapping issues for vulnerabilities creating issues.

Vulnerability & Issue Management

• Fixed multiple issues with and endpoints:
  • Issues not appearing in reports
  • Missing asset associations
  • Incorrect default status (“Closed”)
  • Mop-up functionality failures
  • Missing POA&M fields
  • KEV auto-detection not functioning
• Fixed KEV filtering returning incorrect results.
• Corrected issue where “Mitigated” vulnerabilities appeared in Open filters.
• Fixed Auto Close issues for scanner integrations.
• Resolved Issues Analytics graph issues (KEV identification, Issues Due by Month).

Navigation & UI/UX

• Fixed Wayfinder deep links to ensure reliable navigation across modules and records.
• Resolved UI issues including:
  • Pagination display cutoffs
  • Quick Links truncation
  • Dashboard and Compliance Certificate console errors
• Fixed navigation between Assets, Issues, Vulnerabilities, and Assessments.
• Fixed missing logos in cross-app views.

Security & Access Control

• Fixed multiple authorization and tenant isolation issues:
  • Tenant users accessing restricted admin routes via direct URL
  • Tenant admins viewing users across tenants
  • Tenant admins creating global admin accounts
• Fixed separation of duties enforcement issues.
• Fixed Compliance Certificate visibility and access control issues.

Integrations & APIs

• Fixed Axonius integration failure when no SSP controls exist.
• Fixed Frontend API base URL mismatch causing GCP environment failures.
• Fixed CI/CD workflow issue preventing Docker images from deploying to ACR.
• Fixed SSP Author query filtering bug.

Logging & System Behavior

• Fixed errors when navigating audit logs.
• Fixed inconsistent pagination in security logs.
• Fixed error when submitting consecutive bug bounty reports.

Access Requests & Workflows

• Fixed errors when approving/rejecting access requests.
• Fixed Capabilities/Milestones issue where Responsible Person was not updating.

Miscellaneous Fixes

• Fixed inability to create Service Accounts.
• Fixed UI confusion in Create Product and Create Company flows.
• Fixed Trust Center Inbox and Branding access via direct URL.

Changes & Enhancements

Navigation & User Experience

• Improved cross-object navigation:
  • One-click navigation between vulnerabilities, issues, assets, and assessments
  • Linked navigation across compliance failures and security plans
• Added filtering capabilities:
  • Assets by vulnerabilities and issues
  • Issues by POA&M, identification, and source report

Vulnerability & Risk Management

• Added automatic KEV CVE detection for vulnerability ingestion.
• Introduced vulnerability-to-disposition linking.
• Added POA&M and Milestones rollup status board.
• Improved asset visibility in compliance failures.

RegML & AI Enhancements

• Improved RegML query handling with structured support.
• Reduced chatbot hallucinations and stale data responses.
• Enhanced dynamic policy harvesting capabilities.

Platform & Architecture

• Refactored Auditor Service to use structured response schemas.
• Updated control implementation patterns for CLI CSAM integration.

UI & Workflow Improvements

• Added Issue-to-Asset mapping UI enhancements.
• Improved Compliance Certificate interactions.
• Enhanced SSP Inventory visualizations with graph labels.

Developer & API Improvements

• Enhanced batch processing APIs to align with vulnerability disposition logic.
• Improved feature flag handling for SSP Author dynamic harvesting.

[6.33.1] - 2026-03-30

Changed

• Faster CLI startup by deferring DuroSuite module loading until its commands are invoked
• Lazy-loaded RegScale model imports to reduce CLI startup memory by ~20MB
• Reduced default HTTP connection pool size from 200 to 100 to lower memory usage at startup
• Replaced dependency with for lighter, faster CLI progress bars and console output
• Introduced abstract interface for swappable progress bar backends
• Batch API responses now log at DEBUG level on success, INFO only on errors
• Consistent progress bar styling across all CLI commands with cleaner display
• Pydantic model performance and memory optimization across all RegScale CLI models with slots-based storage, Literal type constraints, and TypeAdapter bulk validation
• Assessment model memory footprint reduced via deferred imports, cached endpoint lookups, and annotation deferral

Fixed

• GCP compliance sync now creates issues for failed controls when issue creation is enabled, with a clear log message when turned off
• GCP compliance items now use unique per-resource identifiers from SCC findings instead of the project-level ID, fixing asset deduplication
• Wiz integration now creates Ports & Protocols and Software Inventory records for synced assets, restoring functionality lost during scanner migration
• ComponentMapping and AssetMapping model overrides now accept skip_validation parameter, fixing asset sync failures across all scanner integrations
• GCP findings now use correct issue status values instead of ControlTestResultStatus enums, eliminating status mapping warnings during sync
• Tanium Cloud CVE vulnerability fetch now uses correct GraphQL field names, resolving API 400 errors
• Tanium compliance findings now create unique vulnerabilities per finding instead of collapsing to a handful due to missing plugin identifiers
• Tanium integration now pre-loads endpoint data during findings sync, enabling vulnerability-to-asset linkage when syncing to components
• Server-side POAM creation from vulnerabilities now respects the setting and is off by default ()
• Test suite no longer overwrites the user's when running locally
• Burp integration logger initialization using incorrect parameter