CLI 6.34.34.0

[6.34.34.0] - 2026-05-20

Changed

• Wiz inventory type allow-list trimmed to 25 approved asset types; network plumbing, IAM artifacts, governance/scope, and individual secret types removed from default filter
• Wiz asset provider-native cloud identifiers (ARM path, AWS ARN) now used as primary dedup keys instead of internal Wiz UUIDs
• Cloud-native Kubernetes Clusters now categorized as Hardware assets in the eMASS inventory
• Database engine version (e.g. SQL Server, PostgreSQL) now correctly populates SoftwareVersion rather than OSVersion
• VM image assets now carry a meaningful AssetType instead of "Other"

Added

• OpenSCAP now accepts FedRAMP POA&M-shaped CSV files in addition to the previously supported xccdf2csv scan-output format

Fixed

• OpenSCAP now logs a header-mismatch warning instead of silently reporting zero findings when CSV columns are not recognized
• integration now follows Microsoft Graph pagination on group and group-member fetches, so , , and see the full set of groups and members instead of silently truncating at the first page (~100 items)
• FedRAMP POA&M import no longer fails on every sheet when run in Airflow and ROH workers, restoring asset and finding sync
• eMASS now correctly detects an existing Security Plan by eMASS ID and updates it instead of creating a duplicate
• Wiz compliance sync no longer creates stub Asset records for refused entity types such as DNS records, IAM roles, and subscription/namespace types
• Cloud-native firewalls (NSGs, security groups) now correctly categorized as Software instead of Hardware
• Prisma host sync no longer silently drops vulnerabilities that share a package name across hosts; the integration now sends the full server-aligned vulnerability dedup key so distinct CVE findings persist as distinct records