HomeGuidesChangelog
Changelog
Back to All

CLI 6.29.19.20

February 21st, 2026

[6.29.19.20] - 2026-02-21

Added

  • AWS CloudWatch sync with pagination support ( command) for parallel job processing with dry-run mode to report total log group count and offset/limit parameters for distributed processing across multiple workers
  • IssueAssetMapping model for mapping issues to assets with CRUD, batch create, and query-by-issue/asset support
  • Axonius V2 integration with asset and vulnerability synchronization using the axonious SDK, supporting hybrid delta sync and saved query strategies
  • OpenText Fortify WebInspect Airflow DAG for automated scan imports
  • Direct AWS SDK credential support (access key, secret key, session token) for OpenText, Trivy, and Grype S3 integrations
  • S3 authentication guide documentation for file import integrations

Changed

  • AWS CloudWatch extended sync command () now supports init.yaml credential configuration and removes explicit credential CLI flags (use init.yaml, environment variables, or --profile instead)
  • AWS CloudWatch evidence processing now uses in-memory compression instead of temporary files, making it Celery-safe for ephemeral containers with limited or readonly filesystems
  • Wiz integration now defaults unknown severity values to "Not Assigned" instead of "Low" to avoid understating risk
  • Wiz async GraphQL client now retries transient failures (429, 500, 502, 503, 504) with exponential backoff before failing
  • Wiz authentication fallback now tries all Cognito URLs instead of only the first one

Fixed

  • AWS no longer hangs during asset cache warming, and now consolidates findings to eliminate duplicate vulnerabilities
  • AWS component mapping no longer produces redundant "mapping already exists" errors for pre-existing components
  • AWS CVE override of no longer breaks finding consolidation for compliance checks sharing the same CVE
  • Qualys Container Security API calls now respect the config setting instead of being hardcoded to
  • Qualys WAS findings pagination now has a safety limit (default 50) to prevent runaway fetches against large or mock servers
  • Scanner integration mopup no longer closes findings from earlier batches during multi-chunk syncs
  • AWS no longer hangs during asset cache warming, and now consolidates findings to eliminate duplicate vulnerabilities
  • AWS component mapping no longer produces redundant "mapping already exists" errors for pre-existing components
  • AWS CVE override of no longer breaks finding consolidation for compliance checks sharing the same CVE
  • Qualys Container Security API calls now respect the config setting instead of being hardcoded to
  • Qualys WAS findings pagination now has a safety limit (default 50) to prevent runaway fetches against large or mock servers
  • Configuration placeholder values no longer use angle brackets that break YAML parsing when fetched from the RegScale API
  • CSAM URL validation no longer incorrectly checks the token variable instead of the URL variable
  • HTTP/2 "Server disconnected" errors during concurrent API requests now automatically retry with exponential backoff instead of failing immediately
  • Prisma Cloud SBOM bulk sync now creates SBOM records and software inventory for matched assets
  • AWS CloudWatch Logs integration failing with ValidationException errors in GovCloud regions due to incomplete ARN construction (missing suffix and wrong partition)
  • Wiz async vulnerability scanner crashing with NoneType error in containerized environments (Fargate/ECS) due to unhandled SystemExit in async event loop
  • FedRAMP Appendix A importer now correctly extracts parameters with multi-parenthetical names and numeric suffixes (e.g., SC-5(a)-1, AC-1(c)(1)-2)
  • FedRAMP Appendix A parameter deduplication no longer produces duplicate warnings due to leading whitespace mismatch between DOCX and markdown parsers
  • FedRAMP Appendix A parameter matching now resolves leading-zero format differences between OSCAL identifiers and RegScale ControlParameter records