- Logic to Sicura integration to a RegScale Security Plan's control implementations to build a control profile scan for the assets
- Mapping CCI data for control parts for NIST 800-53 rev4 and rev5 catalogs in cci_importer integration
- Microsoft entra evidence collection to use .xlsx files to preserve data format
- Wiz vulnerability integration handling of findings with missing asset containers or None severity values
- Added support for "INFO" and "NONE" severity levels from Wiz findings
- Improved error handling to prevent crashes when Wiz returns null values for asset references
- Not filtering assets and findings from Tenable IO with the provided tags
- Mapping vulnerability severities during Aqua import
- Logic when handling region during the AWS integration
- Retry and backoff logic when fetching data from Ticketing, Assets, Vulnerabilities, & EDR connector integrations
- Resiliency and fallback methods when parsing data from Vulnerabilities connector integrations
- Errors when parsing data from the Tanium Cloud integration
- Error in wiz command structure
- Wiz Compliance Report integration now uses ControlMatcher for robust control ID matching
- AWS sync_assets and sync_findings_and_assets commands in Automation Manager
- CIS benchmark compliance sync from Tenable.io and Tenable SC to RegScale checklists
- STIG compliance sync from Tenable.io and Tenable SC to RegScale checklists
- Custom field support for Jira integrations
- --poam flag to the Jira issues command to create/update issues in RegScale for the issues coming from Jira
- Improved threaded tasks in Jira to log any errors encountered to the console and logs
- vuln_filter in vulnerabilities connector to minimum_severity_filter
- Hiding input when prompting for secrets during any of the Ticketing, Assets, Vulnerabilities, & EDR connector integrations
- Refactored Wiz integration to use modular architecture
- Control Implementation status updates to use ControlMatcher class
- Default value to preventAutoClose to false, update the value in init.yaml for issues that are no longer reported in scans to close outdated issues
- Default value for status_lst on the Control Implementation model
- Wiz compliance report:
- compliance report filtering
- control matching with leading zeros
- Milestone creation for compliance integration issue updates
- Issue identification properly set to SecurityControlAssessment for compliance findings
- GraphQL error when listing Wiz compliance reports now matching by name with project id included in name
- Default value for status_lst on the Control Implementation model to support new RegScale server versions
- FedRAMP CIS/CRM import to work with AWS worksheets that have extra columns
- "No SSP Document Found." error during fedramp import_docx command
- Multiple errors during Qualys import_scans command
- Error message logging for email failures
- Catalogs archiving successfully if there are attached Control Implementations
- Ability for general users to save updates to issues they didn't create
- JQL parameter for both Jira issues and tasks sync jobs in Automation Manager
- FedRAMP Rev 5 POAM export enhancements to Nexpose integration:
- Support for custom text-based severity fields adobe_severity and nexpose_severity with null safety
- get_source_file_path method to expose file path for source file path property generation
- Ability to export FedRAMP Rev 5 POAM Excel via regscale fedramp export_poam_v5
- Support for custom text-based severity fields (
adobe_severity, nexpose_severity) with null safety
get_source_file_path() method to expose file path for source file path property generation
- Option to Sicura sync_findings command to trigger a new task before importing the results into RegScale
- Updated Sicura integration to work with their latest release
- Improved logic when matching controls from Wiz to RegScale controls
- Improved Wiz compliance report filtering to use projectId parameter
- Jira Tasks Job not showing up in Automation Manager
- Changed some attributes on STIG related entities to correctly be optional
- Rare instance of init.yaml getting corrupt/reset
- Control assessments being created as Failed when the Control is Fully Implemented in Scanner Integration
- Incorrectly labeling CIS Benchmarks as STIGs for Asset Security Checks
- Milestone creation for compliance integration issue updates
- Issue identification properly set to SecurityControlAssessment for compliance findings
- Resolved Security Plan scorecard performance to deliver much faster load times
- Resolved issue so that creating Security Plans via API now works reliably
- Resolved issue to allow general users to successfully update Issue records
- Add table question type
- Ability to define questionnaire header fields to capture additional information on questionnaire responses
- Option to limit response editing to questions that the user is assigned to
- Resolved "FlatAssignee" value not populating in Questionnaire Instance when no other assignee exists
- Resolved error when trying to re-open an Accepted Questionnaire
- Resolved reporting issue on questionnaire data created before the initial report builder enhancement
- Ability for builder to add controls to a SSP
- noPastDueDates configuration setting in init.yaml to control due date validation behavior (default: true)
- Support for integration-specific due date validation overrides
- Due date validation errors in scanner integrations
- Past due dates are now automatically adjusted to future dates to prevent API validation failures
- Default maxThreads to handle NoneType when deciding number of threads to utilize
