HomeGuidesAPI ReferenceChangelog
Changelog

CLI 6.28.3.0

[6.28.3.0] - 2025-11-07

Fixed

  • Fix AWS control status mapping to use 'In Remediation' instead of 'Not Implemented'

Added

  • QRadar SIEM integration skeleton with CLI commands for syncing security events, findings, and assets from IBM QRadar. Includes test connection functionality to validate QRadar instance connectivity.

CLI 6.28.2.1

[6.28.2.1] - 2025-11-05

Fixed

  • FedRAMP POAM import incorrectly splitting asset identifiers containing spaces (e.g., "10.10.160.200 ( 2049 / TCP )") into multiple assets

CLI 6.28.2.0

[6.28.2.0] - 2025-11-05

Added

  • Vulnerabilities connector additions:
    • Logic to only populate the latest version of CVSS scores
    • CVE ID suffix to the Issue title
    • Issue Due date calculations and overrideable defaults based on issue severity

Fixed

  • Assets being deduped outside the provided SSP ID throughout various commands
  • Pieces of evidence not being processed and uploaded during AWS Audit Manager
  • Incorrect operation counts in Scanner Integration logging outputs
  • AWS Fixes:
    • Enhanced framework-aware status mapping for control implementations
    • control implementation status updates on subsequent runs & improved logging
    • control pass/fail determination for AWS Audit Manager compliance sync

CLI 6.28.1.1

[6.28.1.1] - 2025-10-31

Fixed

  • Misaligned parameters for Wiz job in Automation Manager

CLI 6.28.1.0

[6.28.1.0] - 2025-10-30

Added

  • Jobs for AWS in Automation Manger for CloudTrail, CloudWatch, GuardDuty, IAM, KMS, S3, SSM, Config Compliance and sync_compliance

CLI 6.28.0.0

[6.28.0.0] - 2025-10-29

Added

  • Filter validation when translating asset filters to vulnerability filters in the Vulnerability connector
  • Multiple AWS integrations: CloudTrail, CloudWatch, GuardDuty, IAM, KMS, S3, SSM, Config Compliance and sync_compliance

Changed

  • Improved performance in scanner integration during issue lookup indexing

Fixed

  • Scanner integration KeyError for NotAssigned severity in due_date_handler (added default 364-day timeline)

RegScale 6.26.8.0

[6.26.8.0] - 2025-10-28

Changed

  • SSP Author
    • Migrated to a job-based processing approach with significant improvements to scalability and performance
    • Jobs can be saved and retrieved for later review
    • Responses improved for professionalism and linguistic nuance
  • Response Automation
    • Confidence scores now reflect the strength of contextual information used to answer questions
    • Job list includes real-time status updates
    • Expanded to use questionnaires and policies as information sources
    • Job submission details now display sources used
    • Responses improved for professionalism and linguistic nuance
    • Context searching made slightly less restrictive for greater flexibility and broader response discovery
  • Implemented model parameter tuning to better align generated responses with retrieved context information
  • AI Generator workflow UI clarifies that a questionnaire response instance ID is required as input

Fixed

  • Response Automation search fields in job list and sources list work correctly
  • UI improvements and minor fixes in Response Automation
  • Policy Templates save correctly when uploaded through the UI

RegScale 6.26.7.0

[6.26.7.0] - 2025-10-28

Changed

  • Minimized the amount of logs generated in Automation Manager

Fixed

  • Hidden service account expiration no longer causes service disruption
  • Using the search bar in Automation Manager no longer disrupts integrations
  • Updating a secret now correctly filters secrets for the selected job
  • Red outline no longer appears on optional fields after being populated
  • Fetching names for a security plan no longer changes the selected SSP for subsequent inputs
  • Integration count now updates correctly when using the search bar
  • Intermittent “Automation Container Connection Error” pop-up in Automation Manager eliminated
  • Download button for job logs now functions correctly
  • Tooltip messages now display properly on fields
  • Export Builder can now create tables of controls with required data

CLI 6.27.3.0

[6.27.3.0] - 2025-10-27

Added

  • FedRAMP POAM import validation asset existence check before POAM import to guide users to import inventory first if no assets exist in the Security Plan
  • Completed Initial CSAM integration
  • Support for importing Configuration Findings tab from FedRAMP POAM Excel files
    • Configuration Findings sheets are now detected and processed alongside POA&M Items
    • Controls field (Column B) from Configuration Findings is mapped to affectedControls in RegScale issues

Changed

  • Improved control matching during fedramp import_cis_crm
  • Model command to utilize RegScale model methods and handle updates and creations using one workbook
  • Filtering vulnerability data for the provided asset filter in the Vulnerabilities connector

Fixed

  • FedRAMP POAM import:
    • Asset parsing to handle multiple delimiters and long asset names
    • Detect and skip header/description rows in various file formats
    • Skip asset parsing when asset identifier field contains description text
    • Parent ID errors and validations when processing files with non-standard formatting
    • Status determination for Configuration Findings sheets (now correctly identified as Open status)
  • TypeError in and commands when control implementations have missing controlOwner or control fields
  • Property creation during FedRAMP POAM import
  • Final output of build-query command in the assets and vulnerabilities connector to match the filter for each connector

Security

  • Routine dependency updates

RegScale 6.26.6.0

[6.26.6.0] - 2025-10-21

Changed

  • Subform redesigned to improve usability and make subform buttons more visible
  • OSCAL models updated to latest version
  • OSCAL endpoints moved to dedicated OSCAL controller
  • Removed IssueScreener Role

Fixed

  • Assigned workflows show up in the Workbench
  • Issue User, Case User, and Threat User can access Questionnaires Module
  • Workflows assigned to functional roles can be started
  • CMMC export includes all inherited statements and related policies
  • CMMC Component export to only retrieve active components
  • Export for eMASS Hardware/Software to correctly populate the "Critical Information System Asset?" column with Yes or No
  • PUT updates to /api/assessments and /api/securityplans
  • Web hook calls for Questionnaire Instances created before 6.20.17.0
  • Assessment User, Case User, Issue User, Security Plan User, and Threat User can now access tasks
  • Pie chart detail results displaying correctly
  • Ability for General Users to search Components, Issues, and Security Plans
  • Extra ampersand(&) appearance in SSP Appendix A Export
  • Removed Response Actions option appearing in the Incidents module
  • Workflow updates go to the correct workflow and not just the first
  • Data entered in different tabs is retained even after saving forms
  • Response Automation module search functionality
  • Control Implementation Summarization not showing completed for planned status
  • Wayfinder Builder listing page formatting issues
  • OSCAL Security Profile sort order on export by control ID
  • Null seeding message on startup for custom fields