HomeGuidesChangelog
Changelog

RegScale 6.27.2.0

[6.27.2.0] - 2025-12-10

Fixed

  • Evidence Completion Report now includes evidence from Evidence Locker
  • Task creation in the Categorization Kanban now works correctly
  • Deviation Rationale now displays properly in the Deviations tab
  • Swagger generation for releases now correctly lists v1 and v2 endpoints
  • Dashboard Builder “By Module” filter now returns accurate results
  • Steps to implement can now be saved when only part of a control is implemented
  • Title Status and Description fields in user-defined Task Reports no longer show null values
  • POST requests with invalid LoE now return a 400 status as expected
  • PUT requests with invalid LoE now return a 400 status as expected

CLI 6.29.1.1

[6.29.1.1] - 2025-12-09

Fixed

  • fixed issue with synqly tanium vulnerability ipaddress holding both v4 and 6

CLI 6.29.1.0

[6.29.1.0] - 2025-12-08

Removed

  • Irrelevant Audit Manager Status and Evidence Count metadata from issue descriptions during AWS Security Hub integration

Fixed

  • Fix FedRAMP Appendix A page break content truncation
  • REG-18979: Fixed Qualys VMDR API URL construction causing XML parsing errors - URLs now include leading slash and trailing slash before query parameters
  • AWS Security Hub:
    • Consolidated mode now properly groups findings by plugin_id
    • AttributeError by standardizing plugin_id naming convention
    • Remediation URLs removing extra 'securityhub-' prefix that caused broken documentation links

Security

  • Routine dependency updates

RegScale 6.27.1.1

[6.27.1.1] - 2025-12-05

Fixed

  • Assessment modules with required custom fields can be updated
  • Ability to create a new Casual Analysis from an existing Issue record

RegScale 6.27.1.0

[6.27.1.0] - 2025-11-26

Added

  • Issues API
      • Bulk create issues
      • Bulk update existing issues
      • Create or update based on provided unique keys
      • Memory-efficient export of large datasets
      • Stream-process large issue batches
  • Assets API
      • Bulk create assets
      • Bulk update existing assets
      • Create or update based on unique keys
      • Memory-efficient export of large datasets
      • Stream-process large asset batches
  • Vulnerabilities API
      • Bulk create vulnerabilities
      • Stream-process vulnerability batches
      • Stream-create vulnerability mappings
  • Known Exploited Vulnerabilities (KEV) integration with CISA catalog
  • Configurable unique key fields for deduplication
  • Performance monitoring metrics for batch operations

Fixed

  • OAuth claims processing for SSO providers
  • Memory leaks in large-scale data processing
  • Security control save operations using proper change tracking

CLI 6.29.0.6

[6.29.0.6]

Fixed

  • Fixed Jira integration to use new /rest/api/3/search/jql endpoint after Atlassian deprecated /rest/api/2/search (removed Oct 31, 2024)
  • Fixed Jira integration to gracefully handle missing issue types across diverse client configurations
  • Fixed Jira authentication to properly use basic_auth for API tokens instead of OAuth token_auth

CLI 6.29.0.5

[6.29.0.5]

Fixed

  • Fixed CrowdStrike query_incidents KeyError when API response is missing expected 'resources' key
  • CSAM Integration is failing to create inheritance associations
  • SARIF Integration vulnerability severity issue.

Added

  • QRadar Integration that uses QRadar API integration

CLI 6.29.0.1

[6.29.0.1]

Fixed

  • Fixed issue with metadata api endpoint

CLI 6.29.0.0

[6.29.0.0]

Fixed

  • CSAM: Fixed inheritance bug and POA&M bug
  • SARIF: Fixed vulnerability severity mapping bug
  • Fixed a bug where Kerberos was missing from container build packages
  • Container build process improvements

Changed

  • CSAM: Fixed controlImplementations endpoint API change (get_list_by_parent returns {"items": []} format)

Fixed

  • AWS Security Hub: Fixed consolidated mode to properly group findings by GeneratorId instead of unique finding UUID, preventing duplicate issues for the same security control type
  • CSAM Integration enhancements:
    • POA&M import functionality for synchronizing CSAM POA&Ms to RegScale Issues
    • Artifacts import with automatic file downloads and attachments
    • Points of Contact (POC) mapping to RegScale users
    • Business continuity and incident response data import
    • Additional status fields (risk assessment, SSP completion, configuration management)
    • Agency-defined data items with customizable field mappings
    • New CLI command for connectivity testing
    • Enhanced SSP import with improved error handling

CLI 6.28.4.1

[6.28.4.1] - 2025-11-17

Fixed

  • vulnerability module updates to align with platform updates