Qualys Policy Compliance integration with three new commands for policy management
list_policies: List all policies from Qualys Policy Compliance with framework and control count
export_policy: Export individual policies to JSON format for backup or review
import_policy: Import Qualys policies into RegScale Security Plans or Components as Policy objects
AWS Audit Manager control ID matching for non-NIST frameworks
Fixed
Minor Bug fixes to Axonius Integration
AWS IAM evidence collection now properly creates assets for compliance tracking
QRadar query_events evidence filenames now use full date-time format (YYYYMMDD_HHMMSS) instead of date-only format for better traceability and to prevent file overwrites
Evidence record titles now include full date-time format (YYYY-MM-DD HH:MM:SS) instead of date-only or missing timestamps for better traceability
QRadar query_events evidence titles now include full timestamp
QRadar sync_events evidence titles now include time component
AWS evidence generators (Audit Manager, Config, GuardDuty, IAM, KMS, Organizations, SecurityHub) now include time component
AWS sync_findings_and_assets command now supports --force-refresh flag to bypass 8-hour inventory cache
AWS Audit Manager evidence collection NameError for undefined scan_date variable in _upload_consolidated_evidence
QRadar query_events timeouts now treated as failed queries (no results found) instead of raising exceptions
Qualys Policy Compliance integration with three new commands for policy management
list_policies: List all policies from Qualys Policy Compliance with framework and control count
export_policy: Export individual policies to JSON format for backup or review
import_policy: Import Qualys policies into RegScale Security Plans or Components as Policy objects
AWS Audit Manager control ID matching for non-NIST frameworks
Fixed
Minor Bug fixes to Axonius Integration
AWS IAM evidence collection now properly creates assets for compliance tracking
QRadar query_events evidence filenames now use full date-time format (YYYYMMDD_HHMMSS) instead of date-only format for better traceability and to prevent file overwrites
Evidence record titles now include full date-time format (YYYY-MM-DD HH:MM:SS) instead of date-only or missing timestamps for better traceability
QRadar query_events evidence titles now include full timestamp
QRadar sync_events evidence titles now include time component
AWS evidence generators (Audit Manager, Config, GuardDuty, IAM, KMS, Organizations, SecurityHub) now include time component
AWS sync_findings_and_assets command now supports --force-refresh flag to bypass 8-hour inventory cache
AWS Audit Manager evidence collection NameError for undefined scan_date variable in _upload_consolidated_evidence
QRadar query_events timeouts now treated as failed queries (no results found) instead of raising exceptions
Qualys Policy Compliance integration with three new commands for policy management
list_policies: List all policies from Qualys Policy Compliance with framework and control count
export_policy: Export individual policies to JSON format for backup or review
import_policy: Import Qualys policies into RegScale Security Plans or Components as Policy objects
AWS Audit Manager control ID matching for non-NIST frameworks
Fixed
Minor Bug fixes to Axonius Integration
AWS IAM evidence collection now properly creates assets for compliance tracking
QRadar query_events evidence filenames now use full date-time format (YYYYMMDD_HHMMSS) instead of date-only format for better traceability and to prevent file overwrites
Evidence record titles now include full date-time format (YYYY-MM-DD HH:MM:SS) instead of date-only or missing timestamps for better traceability
QRadar query_events evidence titles now include full timestamp
QRadar sync_events evidence titles now include time component
AWS evidence generators (Audit Manager, Config, GuardDuty, IAM, KMS, Organizations, SecurityHub) now include time component
AWS sync_findings_and_assets command now supports --force-refresh flag to bypass 8-hour inventory cache
AWS Audit Manager evidence collection NameError for undefined scan_date variable in _upload_consolidated_evidence
QRadar query_events timeouts now treated as failed queries (no results found) instead of raising exceptions
Add Container Security integration to sync_qualys command with --include-containers flag supporting mode-aware issue consolidation (Consolidated vs Per-Asset)
WAS (Web Application Scanning) integration to sync_qualys command with --include-was flag
HTTP Basic Auth for WAS API with pagination and threading support
Mode-aware deduplication (Consolidated vs Per-Asset)
OWASP category mapping and WAS-specific fields (URL, parameter, HTTP method)
31 comprehensive unit tests with 100% pass rate
Uses dateutil for robust datetime parsing
Proper error handling with warnings for unexpected data types and duplicates
QRadar query_events now supports flexible field querying (not just AWS Account ID)
New CLI options: --query-field, --query-value, --time-window-hours for flexible querying
Can now query by username, IP address, or any QRadar field (not just AWS Account ID)
Backward compatible: --account-id still works and maps to AWS Account ID query
Introduced QRadarQueryConfig and ControlAssessmentContext data classes for type safety
Assessment descriptions now generic (e.g., "username: jdoe" instead of hardcoded "AWS Account")
Improved data validation and parameter cohesion
Created constants.py module to centralize configuration constants for better maintainability
Replaced hardcoded strings throughout with named constants (ASSESSMENT_RESULT_PASS, ASSESSMENT_RESULT_FAIL, etc.)
Reduced cognitive complexity from 16 to 5 by extracting helper functions
GCP Security Command Center Integration
Asset Collection: Collects inventory for compute, storage, database, and more.
Findings & Vulnerabilities: Fetches SCC findings, parses for multi-framework mapping, and syncs vulnerabilities.
Compliance Integration: Maps findings to frameworks (NIST, CIS, FedRAMP, PCI-DSS, SOC2) and updates control status.
Evidence Collection: Automates evidence gathering per service.
Fixed
QRadar query_events now creates assessments with descriptive text and properly links evidence to both control-level and SSP-level assessments for complete visibility
Changed QRadar query time window from 24 hours to 8 hours for more accurate recent event assessment
Reduce complexity in Qualys inner_join function by extracting helper functions
Fixed critical KeyError: 'domain' crash affecting all Automation Manager integrations in RegScale
Added defensive config access in APIHandler to prevent KeyError crashes
Implemented JSON validation in decryption flow to handle malformed decrypted config
