HomeGuidesAPI ReferenceChangelog
Changelog

[6.19.0.0] - 2025-04-25

Added

  • Option to process STIG assets and vulnerabilities to a Component

Changed

  • Improved error handling when encountering errors while uploading files to RegScale
  • Improved performance in Qualys Total Cloud integration
  • Tenable SC to use jsonl scanner integration to reduce overhead and increase performance
  • Tenable IO and SC directory and commands to use variables and follow design pattern

Fixed

  • Application class being prematurely initialized causing unnecessary overhead
  • Tenable SC integration not honoring config minimum severity in init.yaml

[6.19.0.0] - 2025-04-20

Added

  • New Cyber Hygiene Report to easily view most risky components
    • Rollup vulnerability data by component
    • Rollup security check data to show posture and calculate overall system posture
    • Rollup by issue
  • Rollup metrics for size and quantity of data in the database
  • Parent information included in risk rollup

Changed

  • Layout of security checks to make most relevant data display first

Fixed

  • Password generator to always meet app requirements
  • Relationships between risk records to display correctly and include the correct identifier
  • Prevent running RegML Auditor when there is no data present
  • Can add new tests when there are no existing tests in the catalog
  • Vulnerability modal displays in dark mode
  • Layout of vulnerability data
  • Calculation of security check percentage is now correct
  • Removed soft deleted data from rollup status board

[6.18.0.0] - 2025-04-18

Added

  • SSP validation to the Nessus and Burp flat file imports
  • EDR/Endpoint connector in Automation Manager

Fixed

  • Prevent sending Authorization headers for validateToken endpoint in API requests

[6.18.3.0] - 2025-04-17

Added

  • Background scheduled task to automate database index maintenance

Performance

  • Database index defragmentation across multiple tables for improved performance

[6.18.2.0] - 2025-04-17

Added

  • Introduced the Report Builder role for additional access granularity to report builder

Changed

  • Modified the Project Status field on the Projects listing page to display as a string
  • Eliminated the requirement for Control Source in the Control Implementations module

Fixed

  • Ensured that LOI-compliant calculations no longer include the N/A status
  • Corrected the display of the Evidence Scorecard in the Policies Module ensuring it accurately shows evidence
  • Improved dark mode display
    • Evidence Scorecard
    • Project Scorecard
  • Enabled users to clear the Date Completed field in the Data Calls module
  • Enhanced the functionality of the Security Plan Status Board ensuring that search works correctly
  • Corrected the rendering of drop-downs
  • Ensured that FedRAMP SAR Export completes the container web and database sections accurately
  • Return expected 400 response code for missing field in POST or PUT to softwareInventory
  • Corrected the control status and originations for FedRAMP CIS/CRM exports when using compliance settings
  • Ensured that Control Implementations are sorted correctly on the Security Plan scorecards
  • Changed to an Edit prefix in the Compliance Settings header when editing existing settings
  • Prevented users from deleting RegScale-provided Compliance Settings
  • Implemented Swagger updates when new APIs are added to the system
  • Populated the Parent ID when creating new Continuous Monitoring records
  • Tailored exports corrections
    • Consistent font
    • Fixed large image sizes
    • Duplicated Implementation Statement
    • Spacing after Implementation Statement
    • Including additional data from the platform
  • Strengthened the form upgrade logic to prevent upgrades from hiding fields
  • Restored the paragraph formatting for the Control Implementation statement
  • Enhanced the functionality of the Questionnaire role ensuring it works as expected
  • Returning results when selecting All Time in Reports
  • Report titles working with custom labels
  • Respecting role permissions when navigating to Reports
  • Populating data calls by owner and status date dropdown in Reports
  • Performance issue for finalizing Continuous Monitoring Plan with a large number of controls
  • Check to prevent error response when pulling control implementation with bad data

[6.17.0.0] - 2025-04-11

Added

  • MasterAssessment model to RegScale Models
  • .msg file type support when uploading files to RegScale
  • EDR Connector type which adds the ability to ingest EDR data from multiple integrations like CrowdStrike, Microsoft Defender, Malwarebytes and future integrations via
  • Counting informational findings when processing vulnerabilities during
  • Using the sslVerify from init.yaml or environment variable: to DuroSuite and Sicura API calls

Changed

  • Better authentication errors with Tenable SC and Vulnerability Management (IO)

Changed

  • Required fields on SupplyChain model to match RegScale model
  • Improved performance when analyzing issues for closure during

Fixed

  • Multiple warning messages when was set to false in the file or environment variable
  • Error when counting vulnerabilities during Tenable SAP import
  • Error parsing vulnerabilities during OpenText import
  • Progress bars not behaving correctly during the SAP and SysDig flat file imports
  • Errors during Tenable SAP and Tenable SysDig integration

Removed

  • recommendations from the Risk model

[6.18.1.0] - 2025-04-10

Added

  • Added option to populate FedRAMP Rev5 Appendix A implementation statements from the Implementation Statement field on the Control Setting tab

Performance

  • Improved application startup performance

[6.18.0.0] - 2025-04-05

Added

  • Introduction of Wayfinder Builder for creating Wayfinder Templates
    • Create, edit, and delete Wayfinder Templates
    • Create, edit, and delete Stages and Activities
    • Add internal and external links to Wayfinder activities
    • Select Wayfinder Templates from a form
    • Select a Wayfinder Template as the Default Wayfinder for a Compliance Setting
    • Import & Export Wayfinder templates
  • Wayfinder SSP Dashboard Widget

[6.16.4.1] - 2025-04-04

Fixed

  • Fixed repetitive logging message during ScannerIntegration when updating ScanDate

[6.16.4.0] - 2025-04-04

Added

  • Additional logging during ScannerIntegration to further describe the Vulnerabilities processed
  • Additional logging to the Qualys total cloud command
  • FunctionalRole to RegScale Models

Changed

  • Updated risk RegScale model

Fixed

  • Conflicting progress bars during the Sicura integration
  • Control origin, responsibility texts, and rolled up to the implementation during FedRAMP CIS/CRM import
  • Missing assets and vulnerabilities when scan file contains both fqdn and ip address for the same asset
  • Wiz inventory command when using the --regscale_id option
  • Scan date being reset due to sync_findings bug where the kwargs was not being passed in
  • Due date parsing during Trivy, Grype, and OpenText imports & Tenable IO integration
  • Errors during the model load --model control command

Deprecated

  • regscale control_editor command, use regscale model commands instead with --model control option