CCI (Control Correlation Identifier) importer utility:
Clean code refactored implementation with low complexity methods
CLI integration as command
Default file path support for
NIST 800-53 revision 4 and 5 support
Configurable catalog ID parameter for flexible deployment environments
Dry-run and verbose modes for testing and validation
Comprehensive type hints and error handling
Added configuration option to prevent automatic issue closure by scanner integrations, defaults to True
Changed
Enhanced Wiz integration status mapping to correctly handle IN_PROGRESS status as Open
Fixed
Default date format for scan_date parameter in Sarif import command
Typo in FormFieldValue.save_custom_fields method
Wiz issues being prematurely closed by auto-closure logic when still active in Wiz platform
Added issue protection mechanism to prevent specific issues from being automatically closed
Issue Org field not being populated during Issue creation process or by Issue ingest: if Issue Owner is set, use the Issue Owner’s Org. If Issue Owner’s Org is not available, use the SSP Owner’s Org
Inherited Control Implementations now display System Implementation, Inherited/Cloud Responsibility, and Customer Responsibility fields, which automatically update based on changes to the source system
Security Plans built with Components now display System Implementation, Inherited/Cloud Responsibility, and Customer Responsibility in Control Implementations, automatically updating when the Component’s Control Implementation changes