ROH 6.31.1.0
May 29th, 2026
Purpose
RegScale Orchestration Hub (ROH) enables organizations to automate the import and export of data between RegScale and external systems through configurable integrations and commands.
This beta release is intended for early adopters and validation of core orchestration capabilities. Functionality, supported integrations, and performance characteristics may change before General Availability (GA).
What's Included
Core Capabilities
ROH Beta Supports:
- Multiple scheduled job configurations per integration to support different data sources, configuration options, secrets, etc.
- Run instant jobs for ad hoc data loads
- Job splitting enables breaking larger jobs up into multiple smaller batches to support processing very large collections of data more quickly
- Review logs of currently running job executions or previously completed job executions
- Review of the health of different ROH components from a dashboard about job workers
- Managing different sets of credentials and settings in a secret set so the same kind of job can be run against multiple different environment with different credentials or environments
- Executing jobs ad-hoc by a user pressing a button or running a job on a schedule without direct user interaction
Newly Supported Integrations
| Integration | Command |
|---|---|
| AWS | sync_assets |
| sync_findings | |
| sync_findings_and_assets | |
| sync_compliance | |
| sync_config_compliance | |
| sync_kms | |
| sync_org | |
| sync_iam | |
| sync_guardduty | |
| sync_s3 | |
| sync_cloudtrail | |
| sync_cloudwatch | |
| sync_cloudwatch_ex | |
| sync_ssm | |
| Axonius | sync_assets |
| sync_findings | |
| sync_all | |
| sync_saved_queries | |
| Azure Active Directory | sync_admins |
| sync_general | |
| sync_readonly | |
| CrowdStrike | collect_evidence |
| sync_assets | |
| sync_compliance | |
| sync_incidents | |
| sync_vulnerabilities | |
| Entra Evidence Microsoft Defender | collect_entra_evidence |
| Google BigQuery | collect_evidence |
| sync_assets | |
| sync_compliance | |
| sync_findings | |
| Jira | issues |
| tasks | |
| Palo Alto Prisma Cloud | sync_hosts |
| sync_images | |
| sync_sbom | |
| Qualys | sync_cis_report |
| sync_qualys | |
| SentinelOne | sync_assets |
| sync_findings | |
| sync_threats | |
| sync_vulnerabilities | |
| sync_all | |
| Rapid7 | sync_all |
| sync_assets | |
| sync_findings | |
| Tenable.io | sync_all |
| sync_assets | |
| sync_findings | |
| Tenable SC | sync_all |
| sync_assets | |
| sync_compliance | |
| sync_findings | |
| Wiz | inventory |
| issues | |
| vulnerabilities | |
| sync_compliance | |
| compliance_report |
Known Limitations
Functional Limitations
- A ROH deployment can only execute two jobs at the same time. This behavior is not dynamic.
- A ROH deployment can only talk to integrations using HTTP 1.1, HTTP 2 is disabled for stability purposes.
Performance Limitations
-
Issue Ingestion Limitations
- The issue ingest functionality of the core RegScale Platform does not completely performantly for smaller batches of 100 items or less at a time. For integration_command sync_all and integration_command sync_issues commands, add the secret issuesBatchSize 500, Type Integer, and Category General.
-
Vulnerability Ingestion Limitations
- The vulnerability ingestion functionality of the core RegScale Platform does not perform stably for large batches over 1,000 items at a time. For integration_command sync_all and integration_command sync_vulnerabilities commands, add the secret vulnerabilityBatchSize 500, Type Integer, and Category General.
-
Integration-specific Limitations
-
Azure AD
- The azure sync_admins, azure sync_general, azure sync_readonly command is not near real-time. With default settings, the command will ingest approximately 333 users per minute successfully.
- The azure sync_admins command will not perform reliably for ingesting more than 50,000 users at one time.
-
Jira
- The jira issues command is not near real-time. With default settings, the command will ingest approximately 500 issues per minute.
- The jira tasks command is not near real-time. With default settings, the command will ingest approximately 540 issues per minute.
-
Rapid7
- The rapid7 sync_all command is not near real-time. With default settings, the command will ingest approximately 2,100 items per minute.
- The rapid7 sync_assets command is not near real-time. With default settings, the command will ingest approximately 3,300 items per minute.
-
Tenable.io
- The tenable_io sync_assets command is not near real-time. With default settings, the command will ingest approximately 1,300 assets per minute.
- The tenable_io sync_findings command is not near real-time. With default settings, the command will ingest approximately 1,100 findings per minute.
-