Changelog

[6.29.15.1] - 2026-02-04

Fixed

  • ServiceNow parameter now consistently validates incident types across all commands and maps 'critical' to 'high' for better user experience
  • FedRAMP CIS/CRM import now works on first run when creating a new Security Plan
  • VALID_MODULE_NAMES constant now dynamically generated from Modules().api_names() to prevent sync issues
  • Version check now uses metadata

Changed

  • RegScale module parameter () now uses strict validation against list of valid modules for improved error messages and user experience
  • Module validation is now case-insensitive (e.g., "Issues" and "issues" both work)
  • ServiceNow help text improved for clarity on accepted incident type values

[6.29.15.0] - 2026-02-02

Added

  • Comprehensive Test Suite for due date handler
  • Python 3.14 support with CI testing

Changed

  • AssetCache now uses multi-field O(1) indexing for all identifier lookups instead of O(n) iteration
  • Expanded module ID mappings in modules.py from 18 to 36 modules, now covering all RegScale modules including vulnerabilities, controls, capabilities, and other previously unmapped modules
  • Updated _module_id class variables for core models: Vulnerability (20→41), Control (5→15), CausalAnalysis (0→24), and added explicit module IDs for Issue (10) and Asset (3) to ensure proper API routing

Fixed

  • ScannerVariables attribute access for Python 3.14 compatibility
  • SSL verification setting () now correctly applied to httpx HTTPTransport for CSAM and other integrations
  • homePageUrl attribute validation for older RegScale versions on the User model
  • Mapping severity during Snyk imports
  • Asset lookup fallback now checks all identifier fields including awsIdentifier, azureIdentifier, googleIdentifier, qualysId, tenableId, wizId, and other cloud/scanner identifiers
  • AWS Audit Manager resource_id format for consistency with AWS inventory asset identifiers
  • CSAM:
    • Removed the "includeActive" flag on CSAM API call as it was crashing some environments
    • Added User Indicated Severity custom field to the issues module and mapped it to poams.userIdentifiedCriticality
  • Fallback value not being honored when parsing dates from Qualys
  • init.yaml corruption and improved failsafes when multiple tasks are trying to update the config
  • Configuration save functionality that was accidentally removed during FileLock implementation
  • Config defaults template now validates at load time to prevent empty dict values from being added
  • SafeConfigManager now includes built-in cross-process file locking for concurrent write protection

[6.28.1.1] - 2026-01-29

Fixes

  • Fixed an issue in RegML SSP Author where extracted statement previews rendered extra blank bullets and excessive spacing.
  • Resolved a bug in RegML Response Automation UI that prevented confidence scores from displaying.
  • Fixed an issue where the RegML enable button was not appearing in the Modules and Features section.
  • Corrected custom fields behavior.
  • Resolved a migration issue related to operations requiring sysadmin privileges.
  • Fixed an incorrect redirect URL to Workflow.

Changes

  • Improved overall stability and compatibility of RegML features across tenant configurations.

[6.29.14.1] - 2026-01-28

Added

  • Tanium integration component selection support allowing sync to SSP or specific Component via and options
  • Custom CA certificate support for corporate proxy environments (Netskope, Zscaler) via config option with SSL_CERT_FILE and REQUESTS_CA_BUNDLE environment variable fallback
  • OWASP ASVS framework handler for control ID matching with CWE-based vulnerability mapping
  • CWE-to-control lookup methods in ControlMatcher for SARIF and vulnerability scan integrations
  • SentinelOne integration for syncing agents, threats, and vulnerabilities from SentinelOne Management Console
  • Unified severity mapper for consistent severity mapping across 17+ integrations
  • Asset and finding parser framework for configurable data transformation
  • Resilience patterns including circuit breaker, retry policies, and checkpoint manager
  • Observability framework with structured logging, metrics collection, and distributed tracing
  • Integration configuration manager for centralized settings management
  • Dynamic connection pool sizing that scales with thread configuration
  • Databricks Integration [Beta], which allows querying Databricks Catalog and importing as a JSON file
  • FedRAMP CIS/CRM workbook validation command () to pre-check files before import
  • SARIF compliance sync integration for mapping static analysis findings to security controls
    • New CLI command for syncing SARIF compliance data to RegScale
    • Maps SARIF findings via CWE IDs to OWASP Top 10 or NIST 800-53 controls
    • Automatically toggles control implementation status between Planned and In Remediation

Changed

  • GraphQL pagination now uses iterative approach instead of recursive for improved stability
  • FedRAMP CIS/CRM import now uses flexible column header matching with aliases for better template compatibility
  • Api class now uses thread-local singleton pattern for improved connection pool efficiency and thread safety
  • AssetCache now uses multi-field O(1) indexing for all identifier lookups instead of O(n) iteration

Fixed

  • FedRAMP CIS/CRM import performance improved with optimized control implementation loading
  • Asset lookup fallback now checks all identifier fields
  • Custom CA certificate validation now fails fast on invalid paths instead of warning and continuing
  • SARIF compliance integration now escapes HTML in user-controlled data to prevent stored XSS vulnerabilities
  • SentinelOne SSL warning suppression now scoped to client requests only, no longer affects other integrations

[6.28.1.0] - 2026-01-26

Added

  • Severity Label to default metadata
  • Real-time cost savings streaming per control in AI Generator
  • Support for global (non-U.S.) facilities in Facility Manager
  • API support for creating custom fields
  • Inheritance navigation to visualize security plan inheritance
  • Ability for users to reset ConMon data (Assets, Vulnerabilities, Issues, linkages)
  • Appendix Q export
  • Separation of Duties export
  • OpenTelemetry monitoring for exports and background services
  • Enhanced OpenTelemetry instrumentation for RegML
  • Microsoft Authenticator support for MFA
  • OSCAL POA&M export update
  • Appendix Q custom data object in Export Builder
  • Separation of Duties custom data object in Export Builder
  • Questionnaire rule support for tables
  • Exposed affected control field in Report Builder

Changed

  • Updated OSCAL platform exports to call new OSCAL controller APIs
  • Removed group membership for disabled accounts
  • Removed inheritance and component summaries from Control Implementations dialog
  • Improved RBAC inheritance during batch create/update operations
  • Updated Vulnerabilities, Issues, and POA&Ms management flow
  • Improved Intelligent Questionnaire titles
  • Updated Stakeholders endpoint (backward compatibility impact)
  • Made Causal Analysis categorization and significance configurable
  • Updated Kanban to respect Form Builder configuration
  • Clarified Report Builder list report sorting for Lead Assessor field
  • Status Boards now reflect custom compliance roll-up statuses
  • Removed invalid options from Control Implementations list view
  • Removed unintended bold formatting from embedded parameters in Netskope exports
  • Removed supplemental guidance from FedRAMP Appendix A export
  • Removed leading zeros from control titles
  • Restored backward compatibility for Facility endpoint
  • Tightened duplicate field validation

Fixed

  • Hover cursor and highlight behavior on risk score pills
  • Control preview display issues in dark mode
  • Component selector overlap in Assets Module
  • FedRAMP Appendix A export handling for duplicate control IDs
  • Vulnerability mappings API behavior
  • Missing X-axis labels in bar charts with large result sets
  • Policy Status Board drill-down view
  • Inheritance issues when inheriting into plans with blank parameters
  • Dashboard chart drill-down functionality
  • Unreadable 100% compliance score display
  • Form Builder scorecard tab caching issue
  • SSP export when tagging multiple diagrams
  • Drill-down errors on custom reports
  • Incorrect compliance status values in CMMC SSP export
  • Custom fields not displaying on security controls
  • Duplication of original custom fields in new tenants
  • Embedded tables in SSP exports
  • Incorrect component counts on Security Plan Status Board
  • 500 errors on saved searches using custom fields
  • Inconsistent FedRAMP Appendix A table-of-contents generation
  • Unintended child record deletion when deleting an SSP
  • Profiles list API timeout (504 error)
  • Inability to save partial control implementations
  • Saving multiple questionnaire rule actions
  • Lightning Assessments finalization flow
  • PDF preview display in file subsystem
  • Missing CVEs and remediation comments in reports
  • License format error on new instances
  • Asset batch create/update integration key handling
  • ConMon FedRAMP SAR and SAP export generation
  • Form Browser page titles not reflecting selected tab
  • Font switching issue when updating FedRAMP Appendix A TOC
  • User Management navigation causing 404
  • Control Title field issues in Export Builder
  • Multiple Appendix A Export Builder defects
  • Misleading questionnaire toast errors in on-prem environments
  • Intermittent login errors for users without assigned roles
  • Relabeled fields not appearing in Report Builder
  • AI Auditor not completing after audits
  • SSP Author failing to run after startup
  • Missing Save button on Maturity & Quality tab
  • Importing Form Builder exports
  • RegML extractor failures with large file sets
  • Issues ↔ Assets mapping table errors
  • Security finding related to overexposed keys
  • Issue Status Board analytics tab
  • Unimplemented Angular questionnaire methods
  • Inability to create new user accounts
  • Required Issue custom fields not saving
  • SSP Author timeout (504 error)
  • Validation errors when saving forms with custom fields
  • Incorrect compliance hygiene display on Status Boards

[6.29.13.0] - 2026-01-23

Added

  • Unified severity mapper for consistent severity mapping across 17+ integrations
  • Asset and finding parser framework for configurable data transformation
  • Resilience patterns including circuit breaker, retry policies, and checkpoint manager
  • Observability framework with structured logging, metrics collection, and distributed tracing
  • Integration configuration manager for centralized settings management
  • Dynamic connection pool sizing that scales with thread configuration

Changes

  • GraphQL pagination now uses iterative approach instead of recursive for improved stability

Fixed

  • Fixed an issue with default config affecting config decryption/encryption

[6.29.7.6] - 2026-01-22

Fixed

  • Fixed requirements.txt package to lock version
  • Set minimum versions for rich and typing-extensions to prevent pip dependency conflicts
  • Prisma Cloud scanner integration kwargs compatibility with ScannerIntegration base class
  • Prisma Cloud IntegrationFinding field mapping to use correct scanner_integration field names (affected_packages, installed_versions, fixed_versions)
  • Prisma Cloud Issue field population in RegScale UI (title, source identifier, identification, severity handling)
  • Prisma Cloud vulnerability parsing AttributeError when status field is None from API (502 parsing errors fixed)
  • Prisma Cloud integration now accepts non-CVE vulnerability identifiers (GHSA, PRISMA, GO, etc.) instead of rejecting them
  • Prisma Cloud AttributeError when status field contains enum object instead of string value during fix version extraction
  • Prisma Cloud warning about being unable to map status value by passing string instead of enum to IntegrationFinding
  • Scanner integration status mapping now recognizes common vulnerability status values (fail/failed, active, new, fixed)
  • Removed unused frontend dependency to reduce transitive dependencies

[6.29.7.5] - 2026-01-21

Fixed

  • Fixed a conflict with eMASS integration
  • Airflow container update security patch
  • Fixed an issue causing Airflow DAGs to not load properly

[6.29.7.1] - 2026-01-20

Added

  • SSP cleanup CLI commands to delete issues and vulnerabilities with associated mappings
    • Delete all issues from an SSP with optional status filtering
    • Delete all vulnerabilities and mappings from an SSP
    • Supports dry-run mode, force flag, and progress feedback during bulk operations
  • Qualys CIS Benchmark report import with full POAM metadata support
    • New CLI command for importing CIS Benchmark compliance reports
    • Creates Issues with 5 POAM metadata fields (Original Risk Rating, Remediation Description, POA&M Comments, Asset Identifier, Affected Controls)
    • Creates Vulnerabilities from failed CIS controls with proper severity mapping
    • Optional control assessment creation with NIST 800-53 mapping via flag
    • Helper function in vmdr.py for programmatic issue creation
    • CIS compliance integration processor with heuristic control ID matching
    • Comprehensive unit tests for CIS report parsing and issue creation (14 tests covering parsing, de-duplication, POAM fields, and integration workflow)

Fixed

  • Qualys CIS report parsing now handles None/empty CSV field values without crashing
  • Qualys integration POAM metadata field handling
    • Asset identifier now uses newline-separated format per RegScale convention
    • POAM fields now persist correctly using two-step process (batch create + individual .save() calls)
    • Issue severity levels use simple format (Critical, High, Medium, Low) instead of FedRAMP format
  • Console output now uses ASCII characters instead of Unicode for Windows CMD compatibility
  • Qualys VMDR report import now supports configurable POAM fields for multi-tenant compatibility
    • and fields can be disabled via config for tenants without these fields
    • Configuration flags: and (both default to true)
  • Qualys batch operations now include retry logic for transient API failures
    • 3-attempt retry with exponential backoff (5s, 10s, 20s) for issue and vulnerability creation
    • Improved resilience for large imports with network interruptions
  • Qualys API rate limiting now supports Retry-After headers with adaptive backoff
    • Increased max retries from 3 to 5 for report fetching
    • Uses server-provided Retry-After header when available instead of fixed exponential backoff
  • Prisma Cloud integration type conversion errors with empty configuration values
    • Applied safe type conversion pattern across all 7 affected locations in scanner.py and cli.py
    • Empty string values in init.yaml for prismaApiTimeout, prismaApiRetries, prismaPageSize now use proper defaults (30, 3, 50)
    • Empty or None values for prismaVerifySsl now default to True (secure default)
    • Empty values for prismaDeduplicateFindings now properly disable deduplication
    • Comprehensive regression test suite (19 tests) validates edge case handling
  • Security vulnerabilities in core dependencies
    • Updated cryptography to >=43.0.0
    • Updated pyyaml to >=6.0
    • Updated requests to >=2.32.0 (ensures latest SSL/TLS security patches)
    • Dependency version constraints
    • Upgraded Python from 3.12 to 3.13
    • Upgraded Airflow from 3.1.3 to 3.1.6 to align with pyproject.toml
    • Pinned urllib3>=2.6.3
    • Pinned setuptools>=75.8.0
    • Removed unused git package from Airflow runtime image
    • Removed unused Airflow simple auth UI with vulnerable JavaScript packages
  • Security patches for system Python packages (pip, setuptools, jaraco.context)
  • Missing dependency for Wiz integration compliance features

[6.28.0.1] - 2026-01-20

Summary

This release addresses issues identified in the 6.28.0.0 release related to database migrations impacting large and newly created databases. The fixes improve upgrade reliability, prevent blocking migrations, and ensure successful installation across all supported database scenarios.


Fixes

  • Resolved database migration issues affecting upgrades on large databases, particularly those with substantial LogEvents data.
  • Prevented blocking behavior caused by schema changes that could leave the database in an unusable state.
  • Fixed migration failures when installing or upgrading against a blank database (no existing LogEvents table).

Improvements

  • Added safeguards to conditionally apply online index operations only when supported and safe.
  • Introduced mitigation scripts to reduce excessive LogEvents data during upgrades, improving migration performance and reliability.
  • Improved validation and testing coverage across large, integration, and clean-install database scenarios.