[6.29.0.6]

Fixed

• Fixed Jira integration to use new /rest/api/3/search/jql endpoint after Atlassian deprecated /rest/api/2/search (removed Oct 31, 2024)
• Fixed Jira integration to gracefully handle missing issue types across diverse client configurations
• Fixed Jira authentication to properly use basic_auth for API tokens instead of OAuth token_auth

[6.29.0.5]

Fixed

• Fixed CrowdStrike query_incidents KeyError when API response is missing expected 'resources' key
• CSAM Integration is failing to create inheritance associations
• SARIF Integration vulnerability severity issue.

Added

• QRadar Integration that uses QRadar API integration

[6.29.0.1]

Fixed

• Fixed issue with metadata api endpoint

[6.29.0.0]

Fixed

• CSAM: Fixed inheritance bug and POA&M bug
• SARIF: Fixed vulnerability severity mapping bug
• Fixed a bug where Kerberos was missing from container build packages
• Container build process improvements

Changed

• CSAM: Fixed controlImplementations endpoint API change (get_list_by_parent returns {"items": []} format)

Fixed

• AWS Security Hub: Fixed consolidated mode to properly group findings by GeneratorId instead of unique finding UUID, preventing duplicate issues for the same security control type
• CSAM Integration enhancements:
  • POA&M import functionality for synchronizing CSAM POA&Ms to RegScale Issues
  • Artifacts import with automatic file downloads and attachments
  • Points of Contact (POC) mapping to RegScale users
  • Business continuity and incident response data import
  • Additional status fields (risk assessment, SSP completion, configuration management)
  • Agency-defined data items with customizable field mappings
  • New CLI command for connectivity testing
  • Enhanced SSP import with improved error handling

[6.28.4.1] - 2025-11-17

Fixed

• vulnerability module updates to align with platform updates

[6.27.0.0] - 2025-11-15

Added

• Policy Generator RegML Agent for automated policy creation
• Questionnaire Visual Rule Builder for dynamic conditional logic
• Cost Savings analytics integrated into:
  • RegML Evidence Mapper
  • RegML Control Author
  • RegML Explainer
  • Dashboards with new cost savings visualizations
• Search and date filters added to Scorecard filters
• Deep linking support added to Tenant Form
• Status column added to Supply Chain List View
• Org field added to Components
• Programs enhanced with KPS and hierarchical support
• RegML Audit History Report with improved gauge interaction
• Introduced Vulnerability Module
  • New table and list views for easier management
  • Tenant-level configuration options including SLA support
  • Assets Impacted field for improved traceability
  • Disposition column and filters on the Vulnerability Status Board
  • Issue and Bulk Action features for streamlined triage and updates
  • Vulnerability Scorecard with enhanced analytics and visualization
  • Enhanced prioritization of known exploited vulnerabilities (KEVs)
  • Task Assignment bulk action and task count synchronization
  • Corrected casing, mapping, and validation behaviors within vulnerability data
• Templating System
  • Create/Edit form and catalog list view introduced for easy management
  • Template utilities added for SSP and Components modules
  • Parameters Builder importer added for template population
• Report Builder support for custom fields in list-type reports

Changed

• Questionnaire Assignment workflow and UX improved with modal enhancements and additional options
• Grid views display loading indicators during data retrieval
• Workbench optimized to reduce repeat API calls and unnecessary data loads
• Security Plan and Component Status Boards optimized for faster loading
• Risk and SSP Scorecards improved with performance tuning and loading indicators
• RBAC indexing and composite indexes optimized for faster role-based access control
• Authentication logging enhanced with security fingerprinting and SIEM-friendly context enrichers
• Login startup time improved through K8s health probe and startup seeding optimizations
• Control and Security Control modules optimized for faster performance and reduced bundle size
• eMASS exports moved to a background service for improved reliability
• Font and icon loading optimized to improve client performance
• UI consistency improved across forms, notifications, accordions, and ellipsis menus
• Risk Scorecard updated to show business metrics only when data changes
• Ellipsis menu interactions smoothed for improved responsiveness
• Context searching made slightly less restrictive to return more relevant information
• Model parameter tuning implemented to better align generated responses with retrieved context

Fixed

• Questionnaire Importer loads all sections instead of stopping after the first
• Inactive account deactivation logic corrected to enforce expiration settings
• Digital Signature Settings save correctly
• Reset Password functionality restored
• Issue Screening loads QA person correctly
• Task Auto-Close now updates UI as expected
• “My Controls” filter reinstated on Scorecard
• Control Bulk Editor rebuilt and functions correctly
• Creating child Vulnerabilities properly maps parent relationships
• Org Create API now returns record ID
• Labels and capitalization on Grid Views corrected
• File subsystem progress button removed to prevent premature closing
• Response compression fixed
• Non-async blocking calls removed from Authentication Controller
• Risks can now be associated with Security Plans
• Import Threat Model loads as expected
• Risk print report includes BIA information
• Visual and layout issues resolved across textboxes, accordions, and labels

[6.28.4.0] - 2025-11-12

Fixed

• Prisma: flatfile importer when given a file with multiple hosts issue
• Async graphql client not honoring the sslVerify setting for OpenSSL 3.x and corporate environments

[6.28.3.5] - 2025-11-11
Fixed
Fix AWS max evidence to collect option not being honored
CrowdStrike:
Fixed an issue that was causing failures
Fixed an issue causing inaccurate results
Fixed error handling of incident command

[6.28.3.0] - 2025-11-07

Fixed

• Fix AWS control status mapping to use 'In Remediation' instead of 'Not Implemented'

Added

• QRadar SIEM integration skeleton with CLI commands for syncing security events, findings, and assets from IBM QRadar. Includes test connection functionality to validate QRadar instance connectivity.

[6.28.2.1] - 2025-11-05

Fixed

• FedRAMP POAM import incorrectly splitting asset identifiers containing spaces (e.g., "10.10.160.200 ( 2049 / TCP )") into multiple assets