- Subform redesigned to improve usability and make subform buttons more visible
- OSCAL models updated to latest version
- OSCAL endpoints moved to dedicated OSCAL controller
- Removed IssueScreener Role
- Assigned workflows show up in the Workbench
- Issue User, Case User, and Threat User can access Questionnaires Module
- Workflows assigned to functional roles can be started
- CMMC export includes all inherited statements and related policies
- CMMC Component export to only retrieve active components
- Export for eMASS Hardware/Software to correctly populate the "Critical Information System Asset?" column with Yes or No
- PUT updates to /api/assessments and /api/securityplans
- Web hook calls for Questionnaire Instances created before 6.20.17.0
- Assessment User, Case User, Issue User, Security Plan User, and Threat User can now access tasks
- Pie chart detail results displaying correctly
- Ability for General Users to search Components, Issues, and Security Plans
- Extra ampersand(&) appearance in SSP Appendix A Export
- Removed Response Actions option appearing in the Incidents module
- Workflow updates go to the correct workflow and not just the first
- Data entered in different tabs is retained even after saving forms
- Response Automation module search functionality
- Control Implementation Summarization not showing completed for planned status
- Wayfinder Builder listing page formatting issues
- OSCAL Security Profile sort order on export by control ID
- Null seeding message on startup for custom fields
- Logic to Sicura integration to a RegScale Security Plan's control implementations to build a control profile scan for the assets
- Mapping CCI data for control parts for NIST 800-53 rev4 and rev5 catalogs in cci_importer integration
- Microsoft entra evidence collection to use .xlsx files to preserve data format
- Wiz vulnerability integration handling of findings with missing asset containers or None severity values
- Added support for "INFO" and "NONE" severity levels from Wiz findings
- Improved error handling to prevent crashes when Wiz returns null values for asset references
- Not filtering assets and findings from Tenable IO with the provided tags
- Mapping vulnerability severities during Aqua import
- Logic when handling region during the AWS integration
- Retry and backoff logic when fetching data from Ticketing, Assets, Vulnerabilities, & EDR connector integrations
- Resiliency and fallback methods when parsing data from Vulnerabilities connector integrations
- Errors when parsing data from the Tanium Cloud integration
- Error in wiz command structure
- Wiz Compliance Report integration now uses ControlMatcher for robust control ID matching
- AWS sync_assets and sync_findings_and_assets commands in Automation Manager
- CIS benchmark compliance sync from Tenable.io and Tenable SC to RegScale checklists
- STIG compliance sync from Tenable.io and Tenable SC to RegScale checklists
- Custom field support for Jira integrations
- --poam flag to the Jira issues command to create/update issues in RegScale for the issues coming from Jira
- Improved threaded tasks in Jira to log any errors encountered to the console and logs
- vuln_filter in vulnerabilities connector to minimum_severity_filter
- Hiding input when prompting for secrets during any of the Ticketing, Assets, Vulnerabilities, & EDR connector integrations
- Refactored Wiz integration to use modular architecture
- Control Implementation status updates to use ControlMatcher class
- Default value to preventAutoClose to false, update the value in init.yaml for issues that are no longer reported in scans to close outdated issues
- Default value for status_lst on the Control Implementation model
- Wiz compliance report:
- compliance report filtering
- control matching with leading zeros
- Milestone creation for compliance integration issue updates
- Issue identification properly set to SecurityControlAssessment for compliance findings
- GraphQL error when listing Wiz compliance reports now matching by name with project id included in name
- Default value for status_lst on the Control Implementation model to support new RegScale server versions
- FedRAMP CIS/CRM import to work with AWS worksheets that have extra columns
- "No SSP Document Found." error during fedramp import_docx command
- Multiple errors during Qualys import_scans command
- Error message logging for email failures
- Catalogs archiving successfully if there are attached Control Implementations
- Ability for general users to save updates to issues they didn't create
- JQL parameter for both Jira issues and tasks sync jobs in Automation Manager
- FedRAMP Rev 5 POAM export enhancements to Nexpose integration:
- Support for custom text-based severity fields adobe_severity and nexpose_severity with null safety
- get_source_file_path method to expose file path for source file path property generation
- Ability to export FedRAMP Rev 5 POAM Excel via regscale fedramp export_poam_v5
- Support for custom text-based severity fields (
adobe_severity, nexpose_severity) with null safety
get_source_file_path() method to expose file path for source file path property generation
- Option to Sicura sync_findings command to trigger a new task before importing the results into RegScale
- Updated Sicura integration to work with their latest release
- Improved logic when matching controls from Wiz to RegScale controls
- Improved Wiz compliance report filtering to use projectId parameter
- Jira Tasks Job not showing up in Automation Manager
- Changed some attributes on STIG related entities to correctly be optional
- Rare instance of init.yaml getting corrupt/reset
- Control assessments being created as Failed when the Control is Fully Implemented in Scanner Integration
- Incorrectly labeling CIS Benchmarks as STIGs for Asset Security Checks
- Milestone creation for compliance integration issue updates
- Issue identification properly set to SecurityControlAssessment for compliance findings
- Resolved Security Plan scorecard performance to deliver much faster load times
- Resolved issue so that creating Security Plans via API now works reliably
- Resolved issue to allow general users to successfully update Issue records
- Add table question type
- Ability to define questionnaire header fields to capture additional information on questionnaire responses
- Option to limit response editing to questions that the user is assigned to
- Resolved "FlatAssignee" value not populating in Questionnaire Instance when no other assignee exists
- Resolved error when trying to re-open an Accepted Questionnaire
- Resolved reporting issue on questionnaire data created before the initial report builder enhancement
- Ability for builder to add controls to a SSP