HomeGuidesAPI ReferenceChangelog
Changelog

[6.26.6.0] - 2025-10-21

Changed

  • Subform redesigned to improve usability and make subform buttons more visible
  • OSCAL models updated to latest version
  • OSCAL endpoints moved to dedicated OSCAL controller
  • Removed IssueScreener Role

Fixed

  • Assigned workflows show up in the Workbench
  • Issue User, Case User, and Threat User can access Questionnaires Module
  • Workflows assigned to functional roles can be started
  • CMMC export includes all inherited statements and related policies
  • CMMC Component export to only retrieve active components
  • Export for eMASS Hardware/Software to correctly populate the "Critical Information System Asset?" column with Yes or No
  • PUT updates to /api/assessments and /api/securityplans
  • Web hook calls for Questionnaire Instances created before 6.20.17.0
  • Assessment User, Case User, Issue User, Security Plan User, and Threat User can now access tasks
  • Pie chart detail results displaying correctly
  • Ability for General Users to search Components, Issues, and Security Plans
  • Extra ampersand(&) appearance in SSP Appendix A Export
  • Removed Response Actions option appearing in the Incidents module
  • Workflow updates go to the correct workflow and not just the first
  • Data entered in different tabs is retained even after saving forms
  • Response Automation module search functionality
  • Control Implementation Summarization not showing completed for planned status
  • Wayfinder Builder listing page formatting issues
  • OSCAL Security Profile sort order on export by control ID
  • Null seeding message on startup for custom fields

[6.27.2.0] - 2025-10-20

Added

  • Logic to Sicura integration to a RegScale Security Plan's control implementations to build a control profile scan for the assets
  • Mapping CCI data for control parts for NIST 800-53 rev4 and rev5 catalogs in cci_importer integration

Changed

  • Microsoft entra evidence collection to use .xlsx files to preserve data format

Fixed

  • Wiz vulnerability integration handling of findings with missing asset containers or None severity values
  • Added support for "INFO" and "NONE" severity levels from Wiz findings
  • Improved error handling to prevent crashes when Wiz returns null values for asset references
  • Not filtering assets and findings from Tenable IO with the provided tags
  • Mapping vulnerability severities during Aqua import
  • Logic when handling region during the AWS integration

[6.27.1.0] - 2025-10-16

Added

  • Retry and backoff logic when fetching data from Ticketing, Assets, Vulnerabilities, & EDR connector integrations
  • Resiliency and fallback methods when parsing data from Vulnerabilities connector integrations

Fixed

  • Errors when parsing data from the Tanium Cloud integration

[6.27.0.1] - 2025-10-09

Fixed

  • Error in wiz command structure

[6.27.0.0] - 2025-10-09

Added

  • Wiz Compliance Report integration now uses ControlMatcher for robust control ID matching
  • AWS sync_assets and sync_findings_and_assets commands in Automation Manager
  • CIS benchmark compliance sync from Tenable.io and Tenable SC to RegScale checklists
  • STIG compliance sync from Tenable.io and Tenable SC to RegScale checklists
  • Custom field support for Jira integrations
  • --poam flag to the Jira issues command to create/update issues in RegScale for the issues coming from Jira

Changed

  • Improved threaded tasks in Jira to log any errors encountered to the console and logs
  • vuln_filter in vulnerabilities connector to minimum_severity_filter
  • Hiding input when prompting for secrets during any of the Ticketing, Assets, Vulnerabilities, & EDR connector integrations
  • Refactored Wiz integration to use modular architecture
  • Control Implementation status updates to use ControlMatcher class
  • Default value to preventAutoClose to false, update the value in init.yaml for issues that are no longer reported in scans to close outdated issues

Fixed

  • Default value for status_lst on the Control Implementation model
  • Wiz compliance report:
    • compliance report filtering
    • control matching with leading zeros
    • Milestone creation for compliance integration issue updates
    • Issue identification properly set to SecurityControlAssessment for compliance findings
    • GraphQL error when listing Wiz compliance reports now matching by name with project id included in name
    • Default value for status_lst on the Control Implementation model to support new RegScale server versions
  • FedRAMP CIS/CRM import to work with AWS worksheets that have extra columns
  • "No SSP Document Found." error during fedramp import_docx command
  • Multiple errors during Qualys import_scans command

[6.26.5.0] - 2025-10-09

Fixed

  • Error message logging for email failures
  • Catalogs archiving successfully if there are attached Control Implementations
  • Ability for general users to save updates to issues they didn't create

[6.26.0.0] - 2025-10-04

Added

  • JQL parameter for both Jira issues and tasks sync jobs in Automation Manager
  • FedRAMP Rev 5 POAM export enhancements to Nexpose integration:
    • Support for custom text-based severity fields adobe_severity and nexpose_severity with null safety
    • get_source_file_path method to expose file path for source file path property generation
  • Ability to export FedRAMP Rev 5 POAM Excel via regscale fedramp export_poam_v5
    • Support for custom text-based severity fields (adobe_severity, nexpose_severity) with null safety
    • get_source_file_path() method to expose file path for source file path property generation
  • Option to Sicura sync_findings command to trigger a new task before importing the results into RegScale

Changed

  • Updated Sicura integration to work with their latest release
  • Improved logic when matching controls from Wiz to RegScale controls
  • Improved Wiz compliance report filtering to use projectId parameter

Fixed

  • Jira Tasks Job not showing up in Automation Manager
  • Changed some attributes on STIG related entities to correctly be optional
  • Rare instance of init.yaml getting corrupt/reset
  • Control assessments being created as Failed when the Control is Fully Implemented in Scanner Integration
  • Incorrectly labeling CIS Benchmarks as STIGs for Asset Security Checks
  • Milestone creation for compliance integration issue updates
  • Issue identification properly set to SecurityControlAssessment for compliance findings

[6.26.4.0] - 2025-10-01

Fixed

  • Resolved Security Plan scorecard performance to deliver much faster load times
  • Resolved issue so that creating Security Plans via API now works reliably
  • Resolved issue to allow general users to successfully update Issue records

[6.26.3.0] - 2025-09-30

Added

  • Add table question type
  • Ability to define questionnaire header fields to capture additional information on questionnaire responses

Changed

  • Option to limit response editing to questions that the user is assigned to

Fixed

  • Resolved "FlatAssignee" value not populating in Questionnaire Instance when no other assignee exists
  • Resolved error when trying to re-open an Accepted Questionnaire
  • Resolved reporting issue on questionnaire data created before the initial report builder enhancement

[6.26.2.1] - 2025-09-29

Fixed

  • Ability for builder to add controls to a SSP