HomeGuidesChangelog
Changelog
Back to All

CLI 6.34.0

April 7th, 2026

[6.34.0.0] - 2026-04-07

Changed

  • Nessus asset naming now uses FQDN or hostname instead of IP address when available, with priority: FQDN > hostname > NetBIOS > IP
  • Axonius endpoint calls for 6.30.0.0 additions
  • Tanium no longer includes compliance data by default; use for proper control assessments
  • Tanium now runs asset sync, vulnerability sync, and compliance assessment sync as three separate steps

Added

  • Tanium command to sync compliance/benchmark data as control assessments instead of vulnerabilities
  • Opt-in scan-level assessment creation for vulnerability scanners via init.yaml setting, linking issues to assessments and updating control implementation statuses from aggregated scan findings
  • sync_compliance now maps Issues to created Assets if they exist in the SSP

Fixed

  • AWS Inspector CSV import failing with "can only concatenate str (not int) to str" when processing findings
  • AWS Inspector CRITICAL severity findings now correctly mapped to Critical instead of being downgraded to High
  • AWS Inspector now uses real public/private IP addresses from scan data instead of hardcoding 0.0.0.0
  • AWS Security Hub creating duplicate issues on successive runs by switching to server-side deduplication keyed on stable plugin IDs instead of per-resource SecurityHub ARNs
  • Qualys creating duplicate vulnerability records on successive runs by adding to so the server can locate existing records; now correctly enables server-side POAM/finding creation from each vulnerability
  • Qualys now correctly defaults to instead of the deprecated mode when no vulnerability creation setting is provided
  • s3 file downloader now allows for customer local filename
  • AWS integration missing f-string causing PatchSummary installed count to display as literal text
  • AWS integration performance improvements: severity filtering moved before expensive computations, CVE data extracted once per finding instead of per resource, and class-level constant maps to avoid per-call allocation
  • Tenable CIS checklist sync commands ( and ) not creating checklists, vulnerabilities, or issues in RegScale
  • Axonius sync_compliance no longer crashed on SSPs with no controls
  • AWS GuardDuty sync creating duplicate issues by processing findings through both compliance framework and individual finding paths
  • Vulnerability deduplication across consecutive scanner imports caused by missing parentModule in the uniqueKeys lookup
  • Stale vulnerabilities from previous scans not being closed when a subsequent scan produces fewer findings
  • Duplicate issues created per vulnerability when retry logic re-queued the same vulnerability for batch submission
  • Azure Entra access review evidence collection for Government cloud environments where incorrect URL construction caused a 404 "Invalid version" error