HomeGuidesChangelog
Changelog
Back to All

CLI 6.31.0

March 16th, 2026

[6.31.0] - 2026-03-16

Changed

  • CrowdStrike compliance sync now supports all 7 frameworks (NIST, CSF, SOC2, CMMC, ISO, CIS, OWASP) via option
  • CrowdStrike compliance sync now uses SSP compliance settings for proper status mapping (FedRAMP, DoD, NIST)
  • CrowdStrike compliance sync auto-detects framework from the SSP's security profile using the framework handler registry
  • CrowdStrike integration refactored into modular package structure for improved maintainability
  • CrowdStrike SDK reuses authenticated sessions across bulk operations for improved performance
  • CrowdStrike compliance notes are now HTML-escaped before rendering
  • Consolidated Qualys Airflow DAGs into a single DAG with user-configurable options for VMDR, WAS, Container Security, and Total Cloud services

Added

  • CrowdStrike command to export prevention policy configurations as audit evidence
  • CrowdStrike command to generate comprehensive SOC2 evidence packages (host inventory, policies, alerts)
  • CrowdStrike evidence auto-links to matching control implementations using compliance mapping data with cross-framework support (NIST, SOC2, CSF, CMMC)
  • CrowdStrike vulnerability sync from Spotlight API with severity and CVE mapping
  • CrowdStrike asset sync from Hosts API with platform detection and device inventory
  • CrowdStrike compliance sync supports Full and Partial control implementation levels
  • Cross-framework mapping utility to automatically translate compliance controls between NIST, CSF, SOC2, CMMC, ISO, and CIS
  • CSF (Cybersecurity Framework) handler for control ID detection and parsing

Fixed

  • CrowdStrike FalconPy 1.6.0 deprecated API compatibility (Incidents, Intel, UserManagement)
  • CrowdStrike SDK authentication validation and SSL verify configuration support
  • CrowdStrike compliance sync no longer requires catalog lookup, reads control implementations directly from SSP
  • Entra ID evidence collection no longer fails to upload when PIM licensing (AadPremiumLicenseRequired) is unavailable; successfully collected evidence now uploads to the RegScale SSP regardless of downstream licensing errors (REG-20943)
  • Fixed OOM crash in Qualys Total Cloud import caused by swallowing instead of re-raising it, which caused to loop infinitely accumulating values
  • Fixed unclosed Rich markup tag in CLI disclaimer ( → ) that could cause rendering artifacts