April 17th, 2025
Introduced the Report Builder role for additional access granularity to report builder
Modified the Project Status field on the Projects listing page to display as a string
Eliminated the requirement for Control Source in the Control Implementations module
Ensured that LOI-compliant calculations no longer include the N/A status
Corrected the display of the Evidence Scorecard in the Policies Module ensuring it accurately shows evidence
Improved dark mode display
Evidence Scorecard
Project Scorecard
Enabled users to clear the Date Completed field in the Data Calls module
Enhanced the functionality of the Security Plan Status Board ensuring that search works correctly
Corrected the rendering of drop-downs
Ensured that FedRAMP SAR Export completes the container web and database sections accurately
Return expected 400 response code for missing field in POST or PUT to softwareInventory
Corrected the control status and originations for FedRAMP CIS/CRM exports when using compliance settings
Ensured that Control Implementations are sorted correctly on the Security Plan scorecards
Changed to an Edit prefix in the Compliance Settings header when editing existing settings
Prevented users from deleting RegScale-provided Compliance Settings
Implemented Swagger updates when new APIs are added to the system
Populated the Parent ID when creating new Continuous Monitoring records
Tailored exports corrections
Consistent font
Fixed large image sizes
Duplicated Implementation Statement
Spacing after Implementation Statement
Including additional data from the platform
Strengthened the form upgrade logic to prevent upgrades from hiding fields
Restored the paragraph formatting for the Control Implementation statement
Enhanced the functionality of the Questionnaire role ensuring it works as expected
Returning results when selecting All Time in Reports
Report titles working with custom labels
Respecting role permissions when navigating to Reports
Populating data calls by owner and status date dropdown in Reports
Performance issue for finalizing Continuous Monitoring Plan with a large number of controls
Check to prevent error response when pulling control implementation with bad data
April 11th, 2025
MasterAssessment model to RegScale Models
.msg file type support when uploading files to RegScale EDR Connector type which adds the ability to ingest EDR data from multiple integrations like CrowdStrike, Microsoft Defender, Malwarebytes and future integrations via
Counting informational findings when processing vulnerabilities during
Using the sslVerify from init.yaml or environment variable: to DuroSuite and Sicura API calls
Better authentication errors with Tenable SC and Vulnerability Management (IO)
Required fields on SupplyChain model to match RegScale model
Improved performance when analyzing issues for closure during
Multiple warning messages when was set to false in the file or environment variable
Error when counting vulnerabilities during Tenable SAP import
Error parsing vulnerabilities during OpenText import
Progress bars not behaving correctly during the SAP and SysDig flat file imports
Errors during Tenable SAP and Tenable SysDig integration
recommendations from the Risk model April 10th, 2025
Added option to populate FedRAMP Rev5 Appendix A implementation statements from the Implementation Statement field on the Control Setting tab
Improved application startup performance
April 5th, 2025
Introduction of Wayfinder Builder for creating Wayfinder Templates
Create, edit, and delete Wayfinder Templates
Create, edit, and delete Stages and Activities
Add internal and external links to Wayfinder activities
Select Wayfinder Templates from a form
Select a Wayfinder Template as the Default Wayfinder for a Compliance Setting
Import & Export Wayfinder templates
Wayfinder SSP Dashboard Widget
April 4th, 2025
Fixed repetitive logging message during ScannerIntegration when updating ScanDate
April 4th, 2025
Additional logging during ScannerIntegration to further describe the Vulnerabilities processed
Additional logging to the Qualys total cloud command
FunctionalRole to RegScale Models
Updated risk RegScale model
Conflicting progress bars during the Sicura integration
Control origin, responsibility texts, and rolled up to the implementation during FedRAMP CIS/CRM import
Missing assets and vulnerabilities when scan file contains both fqdn and ip address for the same asset
Wiz inventory command when using the --regscale_id option
Scan date being reset due to sync_findings bug where the kwargs was not being passed in
Due date parsing during Trivy, Grype, and OpenText imports & Tenable IO integration
Errors during the model load --model control command
regscale control_editor command, use regscale model commands instead with --model control option April 3rd, 2025
Component relationships are displayed in the Control Implementations module
A vulnerability section has been added to the Components module
A search bar has been added to both the left and right panels
The user experience of the Control Implementation module has been streamlined
After viewing the first level of children records, the navigation panel opens a grid view of relationships
The scorecard has been redesigned
Implementation Statements for inherited Control Implementations are now optional
Various general styling issues have been resolved
Asset vulnerability section now functions as intended
There is a no selection option available for the Lightening Assessment Result field
Navigation panel now works as expected
Security Plan Scorecard search bar now functions as intended
My Risk Assessment Due Soon widget now renders correctly
Scorecard links now function as intended
April 1st, 2025
Ability to summarize Control Implementations in paragraph format
Asset dates save correctly
FedRAMP Test Case Procedures export saves to file subsystem after generation
Preview button no longer shows for .DOCX files
Questionnaire Profile selection no longer contains duplicates
Questionnaire phone number validation is less restrictive
Users cannot type in Policy Editor
Catalogues import as expected
Wayfinder deep links work correctly
Security Plan Scorecard tiles are properly aligned
Blank rows removed from eMASS Hardware Software export
eMASS SLCM export generates as expected
eMASS POA&M export exports as expected
FedRAMP Appendix A export generates as expected
FedRAMP Test Case Procedures export works as expected
FedRAMP SSP export generates Tables 7-1 and 6-1 correctly
SSP Lab Export
Revision history and review history removed
Additional categorization information added
System Owner added
Removed image headers
Corrected Implementation Status
Deviation export Type column exports correctly
DOE SSP Export generates as expected
Lab SAP and SAR generates as expected
April 1st, 2025
SecurityPlanUsers have access to Continuous Monitoring module
AssessmentUsers have access to Lightening Assessments and the Continuous Monitoring module
The Continuous Monitoring module now inherits RBAC from the parent security plan
SecurityPlanUsers can access the Control Implementations module
Read-only users can no longer:
Delete a questionnaire association
Create a questionnaire
Upload a Continuous Monitoring template
Edit the Categorization tab in the Security Plans module
Create a new Issue in the Security Plans module
Type in Lightning Assessment fields
Type in Control Implementation fields
Create new Lines of Inquiry on a Control Implementation
Create or modify files, links, or comments in the module subsystem
March 28th, 2025
Form Builder issue where save button was missing
Correct styling in Form Builder to align menu
Form Builder losing focus after typing a character into a field
