Tanium Cloud API Gateway (GraphQL) support for asset, vulnerability, and compliance synchronization
Automatic detection of Tanium Cloud vs on-premises deployment with configuration option
Thread-safe httpx client management with automatic domain change detection
Shared domain normalization utility for consistent URL handling
Class method for creating clients from Application config
Changed
is now a property that returns the current Application singleton instead of a stored instance; test mocks using are unaffected, but direct attribute assignments like on real Api instances will raise
Domain resolution in HttpClientConfig now uses shared utility for consistency with Application logic
YAML config parsing in Airflow remote fetch now includes error handling for malformed responses
Nessus import now logs per-file progress (file X/Y: filename) for better visibility during large batch imports
Fixed
SyntaxWarning noise from nessus_file_reader package when running Nessus commands on Python 3.12+
Nessus import crashing with out-of-memory on large scan files by using direct file parsing and streaming fallback
Nessus asset updates failing with 500 errors when hosts have many MAC addresses by using only the first MAC
CloudWatch evidence upload (REG-20294): File upload to RegScale now works for sync_cloudwatch_ex and sync_cloudwatch_aws by using dict format for multipart (required by httpx; requests accepts it too)
Wiz Inventory command not fetching Assets from Wiz
AWS CloudWatch sync with pagination support ( command) for parallel job processing with dry-run mode to report total log group count and offset/limit parameters for distributed processing across multiple workers
IssueAssetMapping model for mapping issues to assets with CRUD, batch create, and query-by-issue/asset support
Axonius V2 integration with asset and vulnerability synchronization using the axonious SDK, supporting hybrid delta sync and saved query strategies
OpenText Fortify WebInspect Airflow DAG for automated scan imports
Direct AWS SDK credential support (access key, secret key, session token) for OpenText, Trivy, and Grype S3 integrations
S3 authentication guide documentation for file import integrations
Changed
AWS CloudWatch extended sync command () now supports init.yaml credential configuration and removes explicit credential CLI flags (use init.yaml, environment variables, or --profile instead)
AWS CloudWatch evidence processing now uses in-memory compression instead of temporary files, making it Celery-safe for ephemeral containers with limited or readonly filesystems
Wiz integration now defaults unknown severity values to "Not Assigned" instead of "Low" to avoid understating risk
Wiz async GraphQL client now retries transient failures (429, 500, 502, 503, 504) with exponential backoff before failing
Wiz authentication fallback now tries all Cognito URLs instead of only the first one
Fixed
AWS no longer hangs during asset cache warming, and now consolidates findings to eliminate duplicate vulnerabilities
AWS component mapping no longer produces redundant "mapping already exists" errors for pre-existing components
AWS CVE override of no longer breaks finding consolidation for compliance checks sharing the same CVE
Qualys Container Security API calls now respect the config setting instead of being hardcoded to
Qualys WAS findings pagination now has a safety limit (default 50) to prevent runaway fetches against large or mock servers
Scanner integration mopup no longer closes findings from earlier batches during multi-chunk syncs
AWS no longer hangs during asset cache warming, and now consolidates findings to eliminate duplicate vulnerabilities
AWS component mapping no longer produces redundant "mapping already exists" errors for pre-existing components
AWS CVE override of no longer breaks finding consolidation for compliance checks sharing the same CVE
Qualys Container Security API calls now respect the config setting instead of being hardcoded to
Qualys WAS findings pagination now has a safety limit (default 50) to prevent runaway fetches against large or mock servers
Configuration placeholder values no longer use angle brackets that break YAML parsing when fetched from the RegScale API
CSAM URL validation no longer incorrectly checks the token variable instead of the URL variable
HTTP/2 "Server disconnected" errors during concurrent API requests now automatically retry with exponential backoff instead of failing immediately
Prisma Cloud SBOM bulk sync now creates SBOM records and software inventory for matched assets
AWS CloudWatch Logs integration failing with ValidationException errors in GovCloud regions due to incomplete ARN construction (missing suffix and wrong partition)
Wiz async vulnerability scanner crashing with NoneType error in containerized environments (Fargate/ECS) due to unhandled SystemExit in async event loop
FedRAMP Appendix A importer now correctly extracts parameters with multi-parenthetical names and numeric suffixes (e.g., SC-5(a)-1, AC-1(c)(1)-2)
FedRAMP Appendix A parameter deduplication no longer produces duplicate warnings due to leading whitespace mismatch between DOCX and markdown parsers
FedRAMP Appendix A parameter matching now resolves leading-zero format differences between OSCAL identifiers and RegScale ControlParameter records
Resolved a bug where Categorization & Classification search only returned matches for Information Types.
Fixed distributed cache not being invalidated on startup.
Resolved failing test: .
Fixed returning 401 Unauthorized unexpectedly.
Fixed Automation Manager UI issues with inconsistent Edit/Delete buttons in Keys and Secrets.
Fixed Automation Manager UI bug preventing users from adding new keys.
Fixed Automation Manager execution date scaling issue.
Fixed Workbench drilldown arrow alignment in Automation Manager UI.
Fixed issue where Workbench drilldown into cards failed to load.
Fixed Automation Manager UI issue preventing upload of files.
Fixed issue preventing deletion of Service Account tokens in Automation Manager.
Fixed issue where users were unable to create or update individual secrets in Automation Manager.
Fixed issue where scheduling a job returned a 400 error.
Changed
Improved UI spacing and padding when adding new key values in Automation Manager.
Implementation Limitations and Known Issues in this Release
This release has been tested to be compatible with RegML and Harvester version 6.29.0.0.
To avoid unexpected timeouts and being logged out of the application, set the session timeout value greater than the browser inactivity value. Session timeout is being enforced prior to inactivity.
There is currently no warning to the end user before being automatically logged out of the application.
Prisma Cloud flag for sync_hosts and sync_images to preview sync without creating records
Prisma Cloud and options for paginated sync of hosts and images
Prisma Cloud authenticate command now saves token to init.yaml for reuse by sync commands
Changed
Prisma Cloud sync_hosts and sync_images commands unified into shared sync logic for consistency
Prisma Cloud API client pagination now supports offset and max_items parameters
Prisma Cloud API client URL-encodes user input in path segments for safety
Shortcut for on Tenable Nessus import command
Comprehensive security tests for validate_name_input() function covering 35 command injection attack vectors
Shortcut for on Tenable Nessus import command
Google BigQuery support for asset synchronization with table and query modes, dry-run counting, pagination for parallel processing, and SQL injection protection
AWS CLI parameters standardized to use snake_case as primary naming (e.g., --account_id) with hyphenated aliases for backward compatibility (e.g., --account-id)
Processed Nessus files are now organized into date-based subfolders () preserving original filenames
Fixed
CLI version command tests failing with AttributeError when importing evidence module during lazy loading
Python 3.12+ SyntaxWarning messages when running Tenable CLI commands caused by outdated dependency
Prisma vulnerability integration incorrectly using CVE IDs as the field instead of "Vulnerability Assessment", causing inconsistency with other scanner integrations (Qualys, AWS Inspector, SentinelOne, Tanium)
Prisma Cloud authentication URL construction using f-strings instead of urljoin
Azure Entra evidence collection commands () hitting commercial cloud Graph API endpoints () instead of government cloud endpoints (), causing 401 InvalidCloudInstance errors for Azure Government Cloud tenants
Scanner integrations creating zero vulnerabilities and zero severity counts when assets are not pre-matched in the local cache
Server-side asset discovery now enabled for vulnerability batch submissions, allowing automatic asset linking when CLI-side matching is unavailable
Application config tests failing in Python 3.13+ due to file write buffering causing race conditions between save and load operations in parallel test execution
