- Added option to populate FedRAMP Rev5 Appendix A implementation statements from the Implementation Statement field on the Control Setting tab
- Improved application startup performance
- Introduction of Wayfinder Builder for creating Wayfinder Templates
- Create, edit, and delete Wayfinder Templates
- Create, edit, and delete Stages and Activities
- Add internal and external links to Wayfinder activities
- Select Wayfinder Templates from a form
- Select a Wayfinder Template as the Default Wayfinder for a Compliance Setting
- Import & Export Wayfinder templates
- Wayfinder SSP Dashboard Widget
- Fixed repetitive logging message during ScannerIntegration when updating ScanDate
- Additional logging during ScannerIntegration to further describe the Vulnerabilities processed
- Additional logging to the Qualys total cloud command
FunctionalRole to RegScale Models
- Updated risk RegScale model
- Conflicting progress bars during the Sicura integration
- Control origin, responsibility texts, and rolled up to the implementation during FedRAMP CIS/CRM import
- Missing assets and vulnerabilities when scan file contains both fqdn and ip address for the same asset
- Wiz inventory command when using the
--regscale_id option
- Scan date being reset due to sync_findings bug where the kwargs was not being passed in
- Due date parsing during Trivy, Grype, and OpenText imports & Tenable IO integration
- Errors during the
model load --model control command
regscale control_editor command, use regscale model commands instead with --model control option
- Component relationships are displayed in the Control Implementations module
- A vulnerability section has been added to the Components module
- A search bar has been added to both the left and right panels
- The user experience of the Control Implementation module has been streamlined
- After viewing the first level of children records, the navigation panel opens a grid view of relationships
- The scorecard has been redesigned
- Implementation Statements for inherited Control Implementations are now optional
- Various general styling issues have been resolved
- Asset vulnerability section now functions as intended
- There is a no selection option available for the Lightening Assessment Result field
- Navigation panel now works as expected
- Security Plan Scorecard search bar now functions as intended
- My Risk Assessment Due Soon widget now renders correctly
- Scorecard links now function as intended
- Ability to summarize Control Implementations in paragraph format
- Asset dates save correctly
- FedRAMP Test Case Procedures export saves to file subsystem after generation
- Preview button no longer shows for .DOCX files
- Questionnaire Profile selection no longer contains duplicates
- Questionnaire phone number validation is less restrictive
- Users cannot type in Policy Editor
- Catalogues import as expected
- Wayfinder deep links work correctly
- Security Plan Scorecard tiles are properly aligned
- Blank rows removed from eMASS Hardware Software export
- eMASS SLCM export generates as expected
- eMASS POA&M export exports as expected
- FedRAMP Appendix A export generates as expected
- FedRAMP Test Case Procedures export works as expected
- FedRAMP SSP export generates Tables 7-1 and 6-1 correctly
- SSP Lab Export
- Revision history and review history removed
- Additional categorization information added
- System Owner added
- Removed image headers
- Corrected Implementation Status
- Deviation export Type column exports correctly
- DOE SSP Export generates as expected
- Lab SAP and SAR generates as expected
- SecurityPlanUsers have access to Continuous Monitoring module
- AssessmentUsers have access to Lightening Assessments and the Continuous Monitoring module
- The Continuous Monitoring module now inherits RBAC from the parent security plan
- SecurityPlanUsers can access the Control Implementations module
- Read-only users can no longer:
- Delete a questionnaire association
- Create a questionnaire
- Upload a Continuous Monitoring template
- Edit the Categorization tab in the Security Plans module
- Create a new Issue in the Security Plans module
- Type in Lightning Assessment fields
- Type in Control Implementation fields
- Create new Lines of Inquiry on a Control Implementation
- Create or modify files, links, or comments in the module subsystem
- Form Builder issue where save button was missing
- Correct styling in Form Builder to align menu
- Form Builder losing focus after typing a character into a field
"viewable_by": "everyone" for label creation in ServiceNow issues_and_attachments command- .json file support for Snyk & Veracode flat file importing
- Veracode .xml File imports
- Properties not being created during vulnerability
- CrowdStrike sync compliance incorrectly using the catalog control statement when creating new control implementations
- Qualys integration not using the sslVerify from init.yaml or environment variable:
sslVerify
- Vulnerability flag
NoIssue was not being honored
- RegScale Version fixed and issue where internal version was not being used for validation
- Added additional Vulnerability fields to Trivy, Grype, OpenText and Tenable SC import scans
- Logging messages for any potential secrets from being logged
- Fixed first detected date on issues created from vulnerabilities
