RegScale 6.30.0.0

[6.30.0.0] 2026-03-30

Fixes

Platform & Data Integrity

• Fixed an issue where Security Profile Exports did not include JSON files compatible for re-import.
• Fixed multiple Export Builder issues affecting Appendix A, Appendix Q, and SOD exports.
• Resolved placeholder text appearing in final exports.
• Fixed issue preventing customer records from being saved.
• Fixed Appendix Q export failures.
• Resolved asset mapping issues for vulnerabilities creating issues.

Vulnerability & Issue Management

• Fixed multiple issues with and endpoints:
  • Issues not appearing in reports
  • Missing asset associations
  • Incorrect default status (“Closed”)
  • Mop-up functionality failures
  • Missing POA&M fields
  • KEV auto-detection not functioning
• Fixed KEV filtering returning incorrect results.
• Corrected issue where “Mitigated” vulnerabilities appeared in Open filters.
• Fixed Auto Close issues for scanner integrations.
• Resolved Issues Analytics graph issues (KEV identification, Issues Due by Month).

Navigation & UI/UX

• Fixed Wayfinder deep links to ensure reliable navigation across modules and records.
• Resolved UI issues including:
  • Pagination display cutoffs
  • Quick Links truncation
  • Dashboard and Compliance Certificate console errors
• Fixed navigation between Assets, Issues, Vulnerabilities, and Assessments.
• Fixed missing logos in cross-app views.

Security & Access Control

• Fixed multiple authorization and tenant isolation issues:
  • Tenant users accessing restricted admin routes via direct URL
  • Tenant admins viewing users across tenants
  • Tenant admins creating global admin accounts
• Fixed separation of duties enforcement issues.
• Fixed Compliance Certificate visibility and access control issues.

Integrations & APIs

• Fixed Axonius integration failure when no SSP controls exist.
• Fixed Frontend API base URL mismatch causing GCP environment failures.
• Fixed CI/CD workflow issue preventing Docker images from deploying to ACR.
• Fixed SSP Author query filtering bug.

Logging & System Behavior

• Fixed errors when navigating audit logs.
• Fixed inconsistent pagination in security logs.
• Fixed error when submitting consecutive bug bounty reports.

Access Requests & Workflows

• Fixed errors when approving/rejecting access requests.
• Fixed Capabilities/Milestones issue where Responsible Person was not updating.

Miscellaneous Fixes

• Fixed inability to create Service Accounts.
• Fixed UI confusion in Create Product and Create Company flows.
• Fixed Trust Center Inbox and Branding access via direct URL.

Changes & Enhancements

Navigation & User Experience

• Improved cross-object navigation:
  • One-click navigation between vulnerabilities, issues, assets, and assessments
  • Linked navigation across compliance failures and security plans
• Added filtering capabilities:
  • Assets by vulnerabilities and issues
  • Issues by POA&M, identification, and source report

Vulnerability & Risk Management

• Added automatic KEV CVE detection for vulnerability ingestion.
• Introduced vulnerability-to-disposition linking.
• Added POA&M and Milestones rollup status board.
• Improved asset visibility in compliance failures.

RegML & AI Enhancements

• Improved RegML query handling with structured support.
• Reduced chatbot hallucinations and stale data responses.
• Enhanced dynamic policy harvesting capabilities.

Platform & Architecture

• Refactored Auditor Service to use structured response schemas.
• Updated control implementation patterns for CLI CSAM integration.

UI & Workflow Improvements

• Added Issue-to-Asset mapping UI enhancements.
• Improved Compliance Certificate interactions.
• Enhanced SSP Inventory visualizations with graph labels.

Developer & API Improvements

• Enhanced batch processing APIs to align with vulnerability disposition logic.
• Improved feature flag handling for SSP Author dynamic harvesting.