April 25th, 2025
Option to process STIG assets and vulnerabilities to a Component
Improved error handling when encountering errors while uploading files to RegScale
Improved performance in Qualys Total Cloud integration
Tenable SC to use jsonl scanner integration to reduce overhead and increase performance
Tenable IO and SC directory and commands to use variables and follow design pattern
Application class being prematurely initialized causing unnecessary overhead
Tenable SC integration not honoring config minimum severity in init.yaml
April 20th, 2025
New Cyber Hygiene Report to easily view most risky components
Rollup vulnerability data by component
Rollup security check data to show posture and calculate overall system posture
Rollup by issue
Rollup metrics for size and quantity of data in the database
Parent information included in risk rollup
Layout of security checks to make most relevant data display first
Password generator to always meet app requirements
Relationships between risk records to display correctly and include the correct identifier
Prevent running RegML Auditor when there is no data present
Can add new tests when there are no existing tests in the catalog
Vulnerability modal displays in dark mode
Layout of vulnerability data
Calculation of security check percentage is now correct
Removed soft deleted data from rollup status board
April 18th, 2025
SSP validation to the Nessus and Burp flat file imports
EDR/Endpoint connector in Automation Manager
Prevent sending Authorization headers for validateToken endpoint in API requests
April 18th, 2025
Background scheduled task to automate database index maintenance
Database index defragmentation across multiple tables for improved performance
April 17th, 2025
Introduced the Report Builder role for additional access granularity to report builder
Modified the Project Status field on the Projects listing page to display as a string
Eliminated the requirement for Control Source in the Control Implementations module
Ensured that LOI-compliant calculations no longer include the N/A status
Corrected the display of the Evidence Scorecard in the Policies Module ensuring it accurately shows evidence
Improved dark mode display
Evidence Scorecard
Project Scorecard
Enabled users to clear the Date Completed field in the Data Calls module
Enhanced the functionality of the Security Plan Status Board ensuring that search works correctly
Corrected the rendering of drop-downs
Ensured that FedRAMP SAR Export completes the container web and database sections accurately
Return expected 400 response code for missing field in POST or PUT to softwareInventory
Corrected the control status and originations for FedRAMP CIS/CRM exports when using compliance settings
Ensured that Control Implementations are sorted correctly on the Security Plan scorecards
Changed to an Edit prefix in the Compliance Settings header when editing existing settings
Prevented users from deleting RegScale-provided Compliance Settings
Implemented Swagger updates when new APIs are added to the system
Populated the Parent ID when creating new Continuous Monitoring records
Tailored exports corrections
Consistent font
Fixed large image sizes
Duplicated Implementation Statement
Spacing after Implementation Statement
Including additional data from the platform
Strengthened the form upgrade logic to prevent upgrades from hiding fields
Restored the paragraph formatting for the Control Implementation statement
Enhanced the functionality of the Questionnaire role ensuring it works as expected
Returning results when selecting All Time in Reports
Report titles working with custom labels
Respecting role permissions when navigating to Reports
Populating data calls by owner and status date dropdown in Reports
Performance issue for finalizing Continuous Monitoring Plan with a large number of controls
Check to prevent error response when pulling control implementation with bad data
April 11th, 2025
MasterAssessment model to RegScale Models
.msg
file type support when uploading files to RegScale
EDR Connector type which adds the ability to ingest EDR data from multiple integrations like CrowdStrike, Microsoft Defender, Malwarebytes and future integrations via
Counting informational findings when processing vulnerabilities during
Using the sslVerify
from init.yaml or environment variable: to DuroSuite and Sicura API calls
Better authentication errors with Tenable SC and Vulnerability Management (IO)
Required fields on SupplyChain model to match RegScale model
Improved performance when analyzing issues for closure during
Multiple warning messages when was set to false in the file or environment variable
Error when counting vulnerabilities during Tenable SAP import
Error parsing vulnerabilities during OpenText import
Progress bars not behaving correctly during the SAP and SysDig flat file imports
Errors during Tenable SAP and Tenable SysDig integration
recommendations
from the Risk model
April 10th, 2025
Added option to populate FedRAMP Rev5 Appendix A implementation statements from the Implementation Statement field on the Control Setting tab
Improved application startup performance
April 5th, 2025
Introduction of Wayfinder Builder for creating Wayfinder Templates
Create, edit, and delete Wayfinder Templates
Create, edit, and delete Stages and Activities
Add internal and external links to Wayfinder activities
Select Wayfinder Templates from a form
Select a Wayfinder Template as the Default Wayfinder for a Compliance Setting
Import & Export Wayfinder templates
Wayfinder SSP Dashboard Widget
April 4th, 2025
Fixed repetitive logging message during ScannerIntegration when updating ScanDate
April 4th, 2025
Additional logging during ScannerIntegration to further describe the Vulnerabilities processed
Additional logging to the Qualys total cloud command
FunctionalRole
to RegScale Models
Updated risk RegScale model
Conflicting progress bars during the Sicura integration
Control origin, responsibility texts, and rolled up to the implementation during FedRAMP CIS/CRM import
Missing assets and vulnerabilities when scan file contains both fqdn and ip address for the same asset
Wiz inventory command when using the --regscale_id
option
Scan date being reset due to sync_findings bug where the kwargs was not being passed in
Due date parsing during Trivy, Grype, and OpenText imports & Tenable IO integration
Errors during the model load --model control
command
regscale control_editor
command, use regscale model
commands instead with --model control
option