Changelog

Provides details on all changes to the RegScale-CLI over time.

[6.8.0] - 2024-11-14

Added

• New RegScale models: Change, Group, UserGroup, WorkflowAction, WorkflowInstance, WorkflowInstanceStep, WorkflowTemplate, WorkflowTemplateStep,
• QuestionType enum to the Question model
• QuestionnaireInstanceState enum to the QuestionnaireInstances model and method to filter QuestionnaireInstances
• --scan_date parameter to Tenable Nessus imports and Burp Suite imports
• Support for rev4 during FedRAMP cis-crm import via regscale fedramp import-cis-crm using the --version or -rev options
• Command to pull resources from Microsoft Defender for Cloud to RegScale as assets and components via regscale defender sync_cloud_resources

Changed

• ScannerIntegration to override default vulnerability date values with the scan date if provided
• wizAccessToken to no longer be required in the init.yaml file

Fixed

• Flat File Import Fixes:
  • Parsing data when using a mapping file
  • Parsing First Scene Data during Defender import
  • Setting description for the parsed asset during ECR import
  • Vulnerability title during IBM AppScan import
• Better hostname matching for assets
• Incorrect file id when using File.upload_file_to_regscale() with return_object=True
• Incorrect mapping when parsing instructions worksheet during FedRAMP cis-crm import

Removed

• Beta tags from the following FedRAMP imports:
  • load-fedramp-docx
  • import-fedramp-ssp-xml
  • load-fedramp-docx-v5
  • load-fedramp-appendix-a
  • import-drf
  • import_fedramp_inventory

[6.7.0] - 2024-11-13

Added

• Command to sync recommendations from Microsoft Defender for Cloud to RegScale as issues via regscale defender sync_cloud_recommendations
• Command to pull resources from Microsoft Defender for Cloud to RegScale as assets and components via regscale defender sync_cloud_resources
• PickleFileHandler Model to handle reading and writing Pickled data while being threadsafe

Changed

• Improved Tenable SC to cache to disk and process all findings and assets to ScannerIntegration in a single action using new PickleFileHandler model

[6.6.0] - 2024-11-08

Added

• Handling unauthorized responses (401) when making API calls to API class
• More logging during API calls for better debugging

Changed

• Logging during admin_actions send_reminders if no users have email notifications enabled

Fixed

• AttributeError during get_mappings_as_assets in AssetMappings class
• Misnamed attribute in Questions model to follow RegScaleModel convention

Removed

• Handling unauthorized responses (401) when making API calls from APIHandler class

[6.5.0] - 2024-11-06

Added

• Wiz Asset child list of Software inventory is able to map to STIGs and is automated based on rules in STIG mapping rule file

Changed

• Silenced Import warning in Wiz when memory is 0
• Deprecated API call to validate RegScale token when using regscale validate_token and when validating RegScale CLI Application

Fixed

• Import issue in Wiz integration when type is container image
• Issue prompting for in Wiz credentials when not using Wiz integration

[6.4.0] - 2024-11-01

Added

• --poam_id_column option to the regscale fedramp import-poam command to specify the column name for the POAM ID

Fixed

• POAM ID can be any format as long as it contains V-# instead of V-### only format

[6.3.0] - 2024-10-31

Added

• Emailing user that triggered job in Automation Manager if it fails

Changed

• Consolidated Wiz CLI
• Ensure Issues are using ScannerIntegration
• Parsing control implementation part statements during FedRAMP Appendix A parsing

Fixed

• Issue Status incorrectly set on closed issues in ScannerIntegration

[6.2.0] - 2024-10-30

Added

• Original Risk Rating calculation to ScannerIntegration
• Basis For Adjustment fallback value if finding value is None or empty
• Optional ingestClosedIssues key to the init.yaml, defaults to False

[6.1.0] - 2024-10-28

Added

• ImportValidater to validate the import of files into RegScale before processing the data
  • Added to xray, aqua, defender, ibm, nexpose, prisma, qualys, snyk, aws, ecr, veracode imports
• show_mapping command to display the custom header mappings for file imports
  • Added to xray, aqua, defender, prisma, qualys, snyk, aws, ecr, veracode imports
• Command prompts when creating custom mapping files for flat file imports if required fields are missing

Changed

• Improved error handling during the import of files into RegScale

Fixed

• Numerous bugs during the import of files into RegScale

[6.0.0] - 2024-10-24

Added

• id attribute to Link RegScale model
• Python 3.13 support

Changed

• Updated response handling during catalog import
• Updated internal testing suite
• Error message when failed to parse userId from token in parse_user_id_from_jwt()

Fixed

• CISA Alert ingestion
• Errors when processing vulnerabilities in ScannerIntegration
• URLs to use new forms in RegScale
• Issue with asset_mapping mappingId to id
• Issue with questionnaire and questionnaireInstance creation due to renaming properties

Removed

• fitz dependency

[5.82.0] - 2024-10-22

Changed

• Set default values for IssueCreation=Consolidated and VulnerabilityCreation=PoamCreation

[5.81.1] - 2024-10-18

Fixed

• tenableMinimumSeverityFilter not being used during Tenable SC integration
• _get_vulns_by_scan logic and returned datatype updated to properly return a list of tool_vulns

[5.81.0] - 2024-10-14

Added

• Option for FedRAMP rev4 SSP docx import to allow for RegScale security profile id or name
• Missing field riskCategorization to Component model
• Several missing fields from Privacy model
• User model:
  • Added roles attribute
  • get_by_user_id method to find a user by their user id
  • assign_role method to assign a role to a user

Changed

• Updated Question and Questionnaire models to include default values
• Token parsing logic during login

Fixed

• Typing of app config to default to dict instead of _SpecialForm
• Bug in questionnaire create_instance_from_questionnaire method
• FedRAMP rev4 SSP docx import:
  • Bug causing import to freeze when checking for specific text in the document
  • Missing ports and protocols during import
  • Handling of content control elements in the document when parsing text

Removed

• Duplicate name attribute on the User model

[5.80.1] - 2024-10-14

Fixed

• Missing dependency causing import errors

[5.80.0] - 2024-10-14

Added

• Filtering vulnerabilities by scanner in ScannerIntegration

Changed

• Closing vulnerability mappings that are no longer reported by a scan

Fixed

• Possible error when checking against scanningTool when no vulnerabilities are found

[5.79.0] - 2024-10-14

Added

• SAP Concur support for SysDig and Tenable flat files
• Object level locking to prevent duplicate creation during multithreading

[5.78.0] - 2024-10-07

Added

• Optional support for grouping by Tenable Plugin inside ScannerIntegration
• RegScale ID and RegScale Module parameters to Microsoft Defender jobs in Automation Manager
• Threading utilities for better performance throughout the CLI

Fixed

• Errors when running Wiz integrations in Automation Manager

[5.77.0] - 2024-10-03

Added

• drNumber field to the Deviation model

Changed

• Update Deviation model to support the new get_by_security_plan endpoint

Fixed

• Error in qualys sync_qualys when the Qualys instance has < 100 vulnerabilities

[5.76.0] - 2024-09-29

Added

• ipv4 as an option when retrieving the name of a Tenable IO asset
• ability to process Nessus files from s3
• Pagination to Qualys integration to fetch Assets when there are more than 1000 assets
• Section 8 from section 3 (table 3.1) descriptions during FedRAMP SSP import
• Info message when no Tenable SC data is found

Changed

• Optimized Qualys integration to use RegScale models and only fetch necessary data while avoiding rate limits

Fixed

• Improved POAM import process and error handling
  • Enhanced date parsing and CVE validation
  • Implemented more robust error handling and logging
• False positives on Jobs running in Automation Manager
• Not using urljoin when concatenating qualysUrl from init.yaml to call Qualys APIs

[5.75.0] - 2024-09-23

Added

• STIG support for Tenable

Changed

• Method on running jobs in Automation Manager
• Security Check field during Burp flat file import to use hex identifier per Burp documentation

[5.74.1] - 2024-09-21

Added

• Resilience to POA&M importer when parsing status from sheet names

Fixed

• Error during Aqua import when description not provided, it will now be skipped and warn the user

[5.74.0] - 2024-09-19

Added

• Privacy model used during parsing privacy data while importing FedRAMP .docx System Security Plan
• otherIdentifier field for deviations model
• Populating otherIdentifier during the deviation importer
• Caching mixin for RegScale models to cache object by plan id
• Ability to import eMASS SLCM .xlsm files into RegScale via regscale emass import_slcm
• Support for OSCAL versions 1.1.1 and 1.1.2 catalog imports
• Fix a Nessus break on invalid cache object in the parent cache
• Added criticality updater for security controls in a catalog for eMASS via regscale criticality_updater import
• Automation Manager jobs for Wiz integration commands: vulnerabilities, attach_sbom and add_report_evidence
• Option to sync Microsoft Defender for Cloud and Microsoft Defender 365 to a provided regscale_id and regscale_module

Changed

• Improved integrations import speed using new caching mixin
• Changed issue.sourceReport to Burp Suite during Burp file import
• Wiz command options to use --regscale_ssp_id or -id to specify the System Security Plan ID
• Improved the speed and reliability of Microsoft Defender for Cloud and Microsoft Defender 365

Fixed

• First seen and last seen dates not being set during Tenable SC and flat file imports
• Error handling when unable to find profile during FedRAMP Rev5 .docx import
• Improved Wiz issue import to prevent timeouts
• Fixed Not importing Column Q (Vendor Last Check In Date) of POAM spreadsheet
• FedRAMP Inventory: Handle end of life missing and populate if present

[5.73.1] - 2024-09-11

Fixed

• Updated imports to optimize performance during FedRAMP Rev5 inventory workbook import
• Software inventory now saving to assets properly during Aqua import
• Whitespaces in part statements when importing FedRAMP Rev 5 SSP Appendix A

[5.73.0] - 2024-09-10

Added

• Added Stig Mapping Engine to Scanner Integration
• Added Stig Mapping json Config
• Added Sbom importer from wiz sbom report into ssp
• Support for Python 3.12
• Added option for poamTitleType, Cve (default) or pluginId during POAM creation
• RiskAdjustment field to Issue model

Changed

• Updated Jira integration to add a comment to the Jira issue when creating it containing populated RegScale issue fields & link to the issue in RegScale
• ScannerIntegration to use new IntegrationFindingId field in RegScale
• Risk Adjustment column (Column U) logic for POAM importer to use the new RiskAdjustment field in Issues

Fixed

• Fixed Duplicate Components being created in scanner integration
• Delayed import of pandas
• Fixed STIG Integration mappings
• Fixed Model caching bug
• Fixed authentication error in Okta integration
• Fixed Wiz Inventory filter param
• Missing F String during header error handling during flat file imports
• Software inventory version datatype during Aqua import
• Make sure artifacts directory exists, before trying to write files to it during Tenable integration
• FedRAMP Rev5 Appendix A .docx importer:
  • Precedence for Not Applicable when multiple control imp statuses are selected.
  • "Implementation Pending" to "Planned"

[5.72.0] - 2024-08-30

Added

• Aqua flat file Import:
  • Support for excel file types
  • Capabilities for extra columns
• Move files routine to Nessus import

Fixed

• Errors during scan file imports
• Handling errors or bad data during Aqua import
• Error during Nessus file import

Removed

• Unused methods for Snyk, Nexpose and Prisma file imports

[5.71.0] - 2024-08-29

Added

• Added Wiz report to RegScale Evidence locker via regscale wiz add_report_evidence
• Option to filter work notes to update in RegScale via regscale_id and regscale_module during ServiceNow integration
• Option to filter incidents from ServiceNow by adding --all False to the regscale servicenow issues_and_attachments command
• find_by_service_now_id method to the Issue model to find issues with a ServiceNow Incident ID

Changed

• import-fedramp-ssp-xml-rev4 command to import-fedramp-ssp-xml
• Updated column logic for POAM Importer

Fixed

• SystemName parsing during FedRAMP import
• RegScale platform Version check
• Fixed bug causing errors around object caching in the RegScale CLI
• Much better performance for Tenable IO Assets and Vulnerability imports
• ServiceNow integration sync_work_notes
• Errors during bulk excel editor commands

[5.70.2] - 2024-08-27

Fixed

• Error in check_text function during FedRAMP importer
• POAM importer starting row number
• Bug causing errors around object caching in the RegScale CLI
• Extra spaces appearing in fields during FedRAMP Rev5 Appendix A import
• Original detection date not importing during POAM import

[5.70.1] - 2024-08-23

Fixed

• Handle invalid create API returns from RegScale when it returns id as 0
• Update justification on RA deviations

Added

• Add AdjustedRiskRating to POAM importer

[5.69.0] - 2024-08-21

Added

• Durosuite Integration via regscale durosuite

Fixed

• Bug causing issues to close during import
• Bug preventing Wiz cli from using the project id passed

[5.68.1] - 2024-08-20

Fixed

• Bug in Burp integration when assigning IPAddress
• Asset identifiers not mapping correctly during Tenable Nessus integration
• FileTag model to Tag to match RegScale
• Error during tag creation when uploading files to RegScale via CLI

[5.68.0] - 2024-08-19

Added

• Tagging model used in Files and Properties classes
• TagMapping model used for mapping tags to Files or Properties
• Deviation Request Forms can now be imported and saved as RegScale deviation via regscale fedramp import-drf
• POAM import field mappings are improved
• Added ScannerIntegration to the Tenable SC integration
• New command to ServiceNow integration to sync RegScale and ServiceNow Incidents as well as their attachments via regscale servicenow issues_and_attachments
• RegScale object validation to XRay import

Changed

• Added ScannerIntegration to the Tenable SC integration
• Updated logging for an issue breakdown before saving it to RegScale
• Renamed tag model to filetag and update codebase
• Made issueCreation and vulnerabilityCreation variables required and to be set by the user

Fixed

• Update pluginIds for Tenable SC findings
• make sure flat file integrations create poams, setting the ScannerVariable
• Plugin Id added to Tenable SC
• regscale version check during ScannerIntegration
• issueOwnerId not being set to current CLI user in Issue data model
• Use a more simple and faster hashing algorhythm for unique otherIdentifier naming

Removed

• Unused and deprecated create_issue() method used in flat file integrations

[5.67.0] - 2024-08-09

Added

• Defender flat-file import, based on ScannerIntegration class via regscale defender import_alerts
• otherId to the ControlParameter model to support Rev5 OSCAL compliant catalogs
• vulnerabilityCreation options
• Added missing fields to ControlImplementation model
• Add support for IBM AppScan CSV ingestion via regscale ibm import_appscan

Changed

• FedRAMP Rev 5 SSP import to use the new otherId field in the ControlParameter model
• Tenable SC integration to use ScannerIntegration class for unified parsing and record creation throughout the CLI

Fixed

• Error during Jira integration when creating issues in Jira
• TypeError during regscale tenable sc query_vuln command
• Use IP address for nessus scan asset identifiers
• Parameter names showing non-human readable format during FedRAMP Rev5 .docx import

Removed

• tenable sc trend_vuln command
• __eq__ and hash methods from Issue model

[5.66.1] - 2024-07-31

Fixed

• Fixed broken generator and typo in IntegrationFinding for the FlatFileImporter

[5.66.0] - 2024-07-31

Added

• Bulk excel editor for RegScale assessments, controls, issues, components and assets via regscale model

Changed

• Burp Integration will now use ScannerIntegration
• Set finding vulnerability type correctly for Flat File scans
• System name parsing during FedRAMP import will now use System Name from Table 1.1, if not found, it will use the System Name from the title page
• .XML import to use new otherId field, if available, to support changes in Rev 5 Catalogs

Fixed

• FedRAMP appendix A import not setting control responsibility or control source
• Fixed Wiz bug caused by not having preset full pull limit variable in init.yaml

[5.65.0] - 2024-07-30

Added

• ScannerIntegration to the FlatFileImporter for unified parsing and record creation throughout the CLI

Changed

• Renamed the ContainerScan class to FlatFileImporter

[5.64.0] - 2024-07-30

Added

• Progress bars when using batch_update method in RegScale models

Changed

• Improved CLI performance

Fixed

• Progress bars when using batch_create method in RegScale models
• Typo in burp integration
• Ensure we create vulnerabilities for Wiz GHSA vulnerabilities

[5.63.1] - 2024-07-24

Fixed

• Progress bars not displaying correctly

[5.63.0] - 2024-07-24

Fixed

• Incorrect url in Vulnerability creation method

[5.62.0] - 2024-07-23

Changed

• Updated Wiz Vulnerability and Asset integrations for new vulnerability workflow.

Fixed

• FedRAMP Import Fixes:
  • Parameters during FedRAMP Rev4 SSP .docx import not getting created or updated
  • FedRAMP Rev5 .docx importer parts not importing properly

[5.61.0] - 2024-07-19

Added

• Proper vulnerability and scan history creation with the Tenable SC integration
• Logic to close vulnerabilities that are no longer found for any assets

Changed

• Details for running active user report in Automation Manager
• Improved Tenable integration code structure and optimization

Fixed

• FedRAMP .docx Import:
  • Required fields not having a default value when not found during import
  • Responsible role parsing
  • Leveraged authorization parsing

[5.60.0] - 2024-07-16

Added

• User Email report CLI functionality via regscale admin_actions user_report
• Added Wiz Sbom integration to ingest Wiz SBoM data into RegScale
• Ability to parse Veracode XLSX files via regscale veracode import_veracode
• Support for ingesting Qualys scan artifacts into RegScale via regscale qualys import_scans

Changed

• Updated Docs dockerfile
• Error message when unable to login to remove false statement of missing MFA Token

Fixed

• Updated errors during login to gracefully exit instead of having exceptions on failed login
• FedRAMP Rev 5 Import:
  • Parameters not being imported
  • Control Parts not populating correctly
• Creating links when importing flat files

[5.59.0] - 2024-07-03

Added

• Syncing JIRA tasks as RegScale tasks. Tasks will create and update in RegScale based on JIRA information
• Added terraform to build RegScale CLI Lambda
• Added S3 compatibility for STIG checklist processing

[5.58.0] - 2024-06-28

Added

• ECR CSV and JSON file Scan ingestion via regscale ecr import_ecr
• Updating catalogs via the platform regscale catalog update_via_platform
• Checking the platform for updatable catalogs via regscale catalog check_for_updates

Fixed

• Deprecation warnings in AirFlow container to prevent future issues

[5.57.0] - 2024-06-25

Added

• FedRAMP Imports:
  • MultiSelect on word docx Appendix A Control implementation status if multi-selected set to "Not Implemented"
  • Importing of control-implementation status boolean status values as well as multi-select on control-origination values
    • Warning if control-implementation status does not match FedRAMP Approved values

[5.56.0] - 2024-06-24

Added

• Support for ingesting AWS Inspector scan artifacts into RegScale via regscale aws inspector import_scans

Fixed

• Sync Vulns error in Tenable IO

[5.55.0] - 2024-06-15

Changed

• Endpoint used during validate_token

[5.54.0] - 2024-06-15

Added

• Checking RegScale ID and module provided before running POAM import
• Additional mappings during FedRAMP POAM Import

Changed

• Stig Mapper to the CLI to map STIGs to RegScale Assets added property field to match on any field of asset model

Fixed

• Issue will now close if the vulnerability that created it isn't located in the nessus scan
• Duplicate Vulnerabilities being created in RegScale
• Fixed issue where formulas were reported as values during POAM import

[5.53.0] - 2024-06-12

Added

• Added Stig Mapper to the CLI to map STIGs to RegScale Assets

Fixed

• Parsing identification from Excel workbook during regscale issues load command
• Error during stig integration when parsing Vulnerabilities

[5.52.0] - 2024-06-11

Changed

• AttributeError during tenable io sync_assets command
• Updated consistency in CVE and Title mapping during flat file imports
• Controls with no data during FedRAMP .docx import are now set to "Not Implemented" instead of "NA"

Fixed

• Fixed date time string parsing during tenable io sync_vulns command
• Parts not being mapped even though they are in the FedRAMP .docx document
• Various bugs parsing CVE when creating CVEs during regscale wiz vulnerabilities command

[5.51.0] - 2024-06-10

Changed

• Updated Tenable IO to use delta loads to follow Tenable integration standards

Fixed

• Email subject sent to users with upcoming items when using admin_actions send_reminders
• Timing warnings will only be displayed if logger level is set to DEBUG
• Logic using Aqua, Burp, ECR, Nexpose, Prisma, Snyk, & XRay flat file imports to close issues in RegScale if they are not found in subsequent flat file imports

[5.50.0] - 2024-06-06

Added

• STIG integration for importing assets, creating Issues and setting Control Status from STIG files.
• [BETA] FedRAMP Rev5 CIS/CRM import via regscale fedramp import-cis-crm
• [BETA] FedRAMP POAM worksheet import to RegScale issues via regscale fedramp import-poam
• File tags during FedRAMP XML import
• Link creation during Prisma and Snyk flat file imports on issues if a link is available during parsing
• Logic to close issues in RegScale if they are not found in subsequent flat file imports (Aqua, Burp, ECR, Nexpose, Prisma, Snyk, & XRay)
• Wiz Cloud Configuration, Host and Data Findings

Fixed

• Fixed issues of missing parts on FedRAMP Docx importer
• Error during regscale wiz issues command
• Fixed issues of missing params on FedRAMP Docx importer
• Updated Tenable SC to not use the now deprecated api.update_server method
• KeyError experienced during prisma import_prisma
• Mapping asset.find_os if no operating system is provided
• Possible AttributeError during ecr import_ecr
• Reduced import time to speed up commands

Changed

• Updated Tenable IO asset fetch to cache on disk instead of memory

Removed

• regscale stig command, replaced with regscale stigv2

[5.49.0] - 2024-05-24

Changed

• When uploading a FedRAMP Rev5 .docx SSP when using regscale-rest, you will be redirected to the created SSP in RegScale upon completion
• Logging for missing controls during FedRAMP .xml import

Fixed

• Param and objective mappings now parse correctly during FedRAMP Rev5 .docx import
• Importing FedRAMP Rev5 .docx SSPs with Appendix A .docx file now works correctly in the flask application when using regscale-rest
• Parsing and importing components during .xml import in the flask application when using regscale-rest

[5.48.0] - 2024-05-22

Added

• Command to import a FedRAMP Rev5 appendix a to an existing SSP in RegScale via fedramp load-fedramp-appendix-a
• Option to import Rev 4 .docx SSPs with Appendix A .docx file in the flask application when using regscale-rest

Fixed

• FedRAMP command to execute correctly: fedramp import-fedramp-ssp-xml-rev4
• Styling issue on counts on the FedRAMP import SSP results page

[5.47.0] - 2024-05-21

Added

• Feedback on the page during the SSP import process when using regscale-rest and uploading a FedRAMP .XML System Security Plan

Changed

• Updated UI in the file import process when using regscale-rest
• When clicking the view SSP during a FedRAMP import, the SSP will now open in a new tab

[5.46.0] - 2024-05-17

Added

• More integrations and jobs to populate Automation Manager in RegScale
• Vulnerability information during wiz issues command

Fixed

• Error when creating issues in tenable sc query_vuln

[5.45.0] - 2024-05-15

Added

• NessusReport.close_issues method to handle automatically closing issues based on scans
• ReportGenerator class to easily generate simple .csv reports from a list of changed objects which can be uploaded to RegScale and/or saved locally

Changed

• Updated Tenable IO integration to use the Exports API for asset downloading

[5.44.0] - 2024-05-13

Added

• A --server flag to the regscale version command to pull down the RegScale server version, if available
• Log file uploaded to SSP when importing FedRAMP documents via CLI

Fixed

• Date parsing in CISA integration

[5.43.0] - 2024-05-09

Added

• Visual feedback when creating data in RegScale during regscale wiz issues command
• Vulnerabilities that are not in subsequent scans are closed as well as issues related to those vulnerabilities

Changed

• Removed Vulnerability ID from the expected headers for the regscale prisma import
• Updated regscale nexpose import to map the IP Address using the IP Address column
• Improved speed during regscale wiz issues command

Fixed

• Error when uploading a .PDF file via regscale upload_file, the file preview was not displaying
• FedRAMP Rev5 Importer:
  • Errors during Implementation Options
  • Required fields for parameters
  • Leveraged Authorization parsing

[5.42.0] - 2024-05-07

Added

• Internal testing for the flask application

Fixed

• Flask application not starting when running regscale-rest command

[5.41.1] - 2024-05-06

Fixed

• Error during the Nessus import functionality

[5.41.0] - 2024-05-03

Added

• FedRAMP Rev5 Imports:
  • Inventory .xlsx importer
  • Appendix A .docx importer
• Added Catalog Sync Security Plan to sync a security plan with an updated catalog

Changed

• Updated Catalog Updater to work with newer catalogs

Changed

• get_all_by_parent on Assets to use the new get_all_by_search API endpoint

[5.40.0] - 2024-05-01

Added

• Wiz vulnerability integration to ingest Wiz vulnerability data into RegScale
• processStatus to Asset model which maps to NSA-Approved Process Status

Fixed

• KeyError when parsing # of days from init.yaml if it wasn't populated during flat file vulnerability imports

Security

• Updated dependencies

[5.39.0] - 2024-04-26

Added

• Amazon ECR container scan support to the CLI

Change

• Updated approach on fetching vulnerability data from Qualys to prevent timeout errors

Fixed

• Wiz issues integration not being able to create/update issues in RegScale
• Date parsing during Cisa integration
• Error during Intune integration when a device has never logged in
• Burp ingest error on NoneType response data
• Multiple possible errors during the Qualys integration
• Parsing users during FedRAMP Rev5 XML import
• Error when parsing components with no implementation statements during oscal component

Security

• Reworked the RegScale-CLI container build process

[5.38.0] - 2024-04-15

Fixed

• Date parsing bug that would fail on oddly formatted date strings during Aqua import
• Help text within the Aqua integration.
• Wiz issues integration not being able to create/update issues in RegScale
• Errors during Oscal component import

[5.37.0] - 2024-04-09

Security

• Updated dependency versions

Added

• Functionality for FedRAMP XML import to support rev4 and rev 5 OSCAL XML as they are all 1.x.x versions of OSCAL
• New registry file for catalog downloads

Fixed

• Multiple errors during the Intune integration
• FedRAMP rev5 OSCAL XML Import:
  • Responsible parties not being correctly parsed
  • Added parameter parsing for inclusion of odp parameters
• FedRAMP rev4 OSCAL XML Import:
  • Address FedRAMP default system role import assignments
  • Parts parsing for implementationObjectives
  • Optimization for security control lookups

[5.36.0] - 2024-03-29

Added

• Option to add assets under components for scanner integration
• --scan_date option to flat file imports: Aqua, Prisma, Nexpose, and Snyk

Changed

• Improved logging messages and outputs during the Jira integration

Fixed

• Duplicating issues in Jira and RegScale during Jira integration
• Email message sent from admin_actions send_reminders now uses the correct styling
• Bug that could cause a Scan creation to fail in the Tenable Nessus integration
• Bug in GCP Integrations where it didn't match control ids in a case-insensitive manner
• Missing mapping files during the Crowdstrike integration
• Added a catalog import function to the catalog cli. This will use the new RegScale Catalog import API.
• FedRAMP rev4 .docx importer:
  • Controls not being imported
  • Incorrect parsing of system roles

Changed

• Wiz issues:
  • Now utilizes graphql client
  • Improved issue data mapping

[5.35.0] - 2024-03-20

Added

• XRay integration to ingest .json files into RegScale as assets, issues, vulnerabilities and scans to a Security Plan in RegScale
• Logic to handle additional columns than required during Nexpose, Snyk & Prisma imports
• Prepared By and Prepared For tables to the FedRAMP Rev4 .docx importer
• FedRAMP Rev4 .docx Importer:
  • Version from title page
  • Prepared By and Prepared For tables

Fixed

• Inventory Asset Mapping for Wiz integration
• Additional endpoints to Issue model to support batch_update & batch_create

Fixed

• GCP Integration: Fixed issue with asset import and component mappings

[5.34.0] - 2024-03-14

Added

• Stigv2 integration for importing assets from STIG files.

Fixed

• Failed issue creation during AWS integration
• Error finding unique object during GCP integration
• Errors during Prisma flat file import
• Errors during Snyk flat file import
• Errors during Aqua flat file import
• Errors during Nexpose flat file import

[5.33.1] - 2024-03-08

Added

• Profile data object to match RegScale data model

Changed

• FedRAMP Rev4 .docx importer
  • Improved logging for controls and leveraged authorizations
  • Sped up SystemRole processing

Fixed

• FedRAMP Rev4 .docx importer
  • Prematurely ending the import process when parsed controls > base profile controls
  • Parsing port numbers and protocols
  • Incorrect number of controls imported displayed on SSP Import Results Summary

[5.33.0] - 2024-03-07

Added

• crowdstrikeBaseUrl to the init.yaml file

Changed

• Updated regscale emass populate_controls to use CCIs instead of control IDs when mapping assessment results
• Fixed AttributeError during GCP integration and Prisma flat file import

[5.32.0] - 2024-02-29

Added

• Cloud service fields and cloud deployment fields when parsing FedRAMP .docx during import
• Purpose statement during FedRAMP document import

Changed

• Updated Cryptography version to 42.0.0 to remove security vulnerabilities
• Fixed bug causing System Description not being populated during FedRAMP document import
• AutoCompress large files, warn user when a file is too large to post to RegScale
• Added testing for file uploads and deletion in RegScale

[5.31.0] - 2024-02-24

Added

• Added GraphQL client and handler for GraphQL queries
• Stigv2 integration for importing assets from STIG files.

Changed

• Refactored Wiz Inventory integration to use GraphQL client and handler
• Fixed issue during Burp integration when creating issues in RegScale
• Separated Nexpose and Prisma flat file ingest into two separate integrations
• ServiceNow's data fetching and issue/incident syncing to be more consistent and reliable
• Improved control editor file not found error to gracefully exit
• Modified System Roles to populate correctly during regscale fedramp doc imports

[5.30.2] - 2024-02-16

Added

• N/A

Changed

• Fixed System Role and Leveraged Authorization errors during creation and updating experienced in the FedRAMP integration

[5.30.1] - 2024-02-16

Added

• N/A

Changed

• Improved healthcheck to fail gracefully when no domain is set
• Bugfixes:
  • Corrected incorrect mapping control assessments during regscale emass populate_controls
  • Added logic to handle instances with no facilities and/or organizations correctly in regscale assessments integration
  • Incorrect hash when downloading attachments from RegScale during Jira integration
  • False 401 error during regscale login when expired token in init.yaml
  • Fixed Wiz and Tenable Nessus bugs when creating Assets and Issues
  • Fixed bug with CatalogCompare, now it will increment Tests, objectives and parameters correctly

[5.30.0] - 2024-02-14

Added

• Summary report to inform user what was updated in RegScale when syncing vulnerabilities in Tenable IO integration

Changed

• Fixed various bugs experienced during Wiz integration
• Updated AWS integration by removing deprecated functions and improved internal testing
• Fixed Issue with CrowdStrike integration while fetching existing incidents from RegScale

[5.29.0] - 2024-02-09

Added

• N/A

Changed

• Updated Tenable IO to cache vulnerability results from Tenable to disk, instead of memory.
  • Use the tenableMinimumSeverityFilter config value as a filter for Tenable vulnerabilities
• Fixed issue in application.save_config not updating config in API_Handler or API classes
• API_Handler is now an extension of the Application class
• API object no longer needs Application class to be instantiated
• Improved internal testing for supported versions of Python

[5.28.4] - 2024-02-02

Added

• Additional columns to wrap text in Control Editor workbooks

Changed

• Fixed methods in Assessment, Catalog and CustomField models

[5.28.3] - 2024-02-01

Added

• Aqua integration to ingest Aqua .csv exports into RegScale via regscale aqua

Changed

• Enhanced Wiz inventory report processing
• Crowdstrike model parsing to better align to RegScale data models
• Fixed issue in GCP integration where duplicate assessments were created
• Updated models to use the newest version of Pydantic
• Updated Airflow to version 2.8.1

[5.28.2] - 2024-01-25

Added

• GCP Features: Added passing controls, create issues for findings and ability to scan on a project or organization level

Changed

• Bugfix: Fixed issue in tenable io integration causing incorrect vulnerability counts & possible KeyErrors

[5.28.1] - 2024-01-24

Added

• Snyk CLI Integration added to ingest Snyk .xlsx exports as assets, issues, vulnerabilities and scans to a Security Plan in RegScale

Changed

• Fixed multiple issues during FedRAMP XML and .DOCx imports
• Updated dependencies to latest versions
• Hardened docker container image

[5.28.0] - 2024-01-17

Added

• Logic during the setup process to prevent installation of the CLI if the user is not using a supported version of Python
• Google Cloud Platform integration to pull assets and findings from GCP into RegScale via regscale gcp

Changed

• Improved memory usage by leveraging pickling instead of passing large objects between methods
• Improved batch insert and update methods for Issue model
• Updated batch insert and update methods with improved batch functionality to Asset model
  • Batch issue (still defaulting to threading) is not enabled yet, but will in a subsequent release

[5.27.0] - 2024-01-13

Added

• Palo Alto/Prisma integration to ingest .csv files into RegScale as assets, issues, vulnerabilities and scans to a Security Plan in RegScale
• Rapid7/Nexpose integration to ingest .csv files into RegScale as assets, issues, vulnerabilities and scans to a Security Plan in RegScale
• Logic to wiz integration to add assessments to implementations from the data returned from Wiz

Changed

• Bugfixes:
  • Compliance report could have passing and failing control ids for the same control
  • Added logic to prevent crashes during Crowdstrike integration when unable to find techniques
  • Issue not allowing you to run the regscale-cli container as a flask api server with regscale-rest entry point
  • Improved testing for Sicura integration
  • KeyError with tag_values in the Nessus integration when no tag key is present
  • Update batch insert and update methods with improved batch functionality to Asset model
  • Refactored DAGs to match expected format for RegScale Automation panel
  • Refactored CLI to allow pulling config from platform if running in an Airflow container

[5.26.0] - 2023-12-20

Added

• N/A

Changed

• Bugfixes:
  • Error during asset creation in the STIG integration
  • regscale sicura sync_nodes only worked with a record that had existing assets
  • False negative during regscale validate_token when the user was not an administrator
  • regscale sicura sync_nodes didn't verify provided regscale_module before proceeding
  • False positive of differences.txt being created when no differences found during regscale assessments
• Updated error message when using a CLI command with an invalid token in the init.yaml

[5.25.0] - 2023-12-15

Added

• Support for ingesting Burp Suite scan results into RegScale using regscale burp
• Ability to sync compliance posture for Crowdstrike with CSF and NIST 800-53R5 frameworks via regscale crowdstrike sync_compliance
• Sicura integration to sync nodes and scans into RegScale as Assets and Security Checks via regscale sicura

Changed

• Refactored regscale assessments for better performance and maintainability
• Bugfix: Changed approach on concatenating urls in regscale catalog update
• Bugfix: Incorrectly parsing userId from service account token when using regscale login --token
• Bugfix: Ensure the compliance score data is populating correctly regscale tenable io sync_compliance_controls

[5.24.0] - 2023-11-29

Added

• Total Available Ram to the env_info command
• TenableNessusId and BurpId to the Issues data model
• Internal notification during release workflow

Changed

• Fixed Bug causing control implementations to error during creation whilst using FedRAMP docx import
• Added progress bars to the regscale catalog update command for real time feedback during the process

[5.23.1] - 2023-11-14

Added

• regscale env_info command to display the current environment information running the RegScale CLI

Changed

• Optimized CISA integration and data presentation
• Rewrote the update catalog command to be more efficient and granular
• Bugfixes:
  • Added default timeout of 60 for all API requests
  • Add scan file as artifact to SSP
  • Fixed issue in Plugin integration model with a non Optional field
  • Improved error handling during the Wiz integration

[5.23.0] - 2023-11-08

Added

• tenable nessus Tenable Nessus support added to RegScale. Imports Nessus scans and assets to RegScale and creates issues if significant vulnerabilities are found

Changed

• Bugfixes:
  • Code cleanup during Wiz integration that caused GraphQL errors and inconsistencies
  • Added more checks when analyzing data from Wiz to prevent duplicate issues in RegScale

[5.22.0] - 2023-11-01

Added

• N/A

Changed

• Bugfixes:
  • Fixed issue where uploaded files to RegScale via CLI was missing the Upload Date
  • Fixed issue causing FedRAMP docx not working until a version selection was made

[5.21.1] - 2023-10-31

Added

• regscale-dev make-docs command to create Sphinx documentation for the RegScale CLI

Changed

• Bugfix: Fixed issue causing FedRAMP docx import to fail during system role parsing

[5.21.0] - 2023-10-24

Added

• regscale-dev analyze command to analyze the maintainability, tech debt, and other metrics of the RegScale-CLI codebase
• send reminders dag in airflow to sends reminder email for any Assessments, Issues, Tasks, Data Calls, Security Plans, and Workflows for the users that have email notifications enabled

Changed

• Color for regscale control_editor to gray
• regscale-dev calculate-start-time now defaults to a 0 instead of a None if the regex is not met
• Wiz issues are now merged by the issue type, the individual Wiz ID's will show up in the issue description

[5.20.2] - 2023-10-18

Added

• Added two new fields to asset data model to match RegScale asset data model
  • Diagram Level
  • Location

Changed

• N/A

[5.20.1] - 2023-10-12

Added

• Ability to add Control Owner during regscale control_editor
• Highlighted columns in Excel workbook indicating editable data when using regscale control_editor

Changed

• Bugfix: Fixed errors causing Wiz to crash when fetching all items

[5.20.0] - 2023-10-10

Added

• Logic to parse date during license validation to support different date formats

Changed

• regscale init now defaults to passed domain and will also log in with a token if passed and skip-prompts is passed
• Updated Airflow to version 2.7
• Bugfix: Fixed issue with regscale-dev calculate-start-time on different linux distributions
• Bugfix: Improved error handling when using regscale-rest uploader pages
• [BETA] Regscale-CLI REST Server Docker image
• Bugfix: Fixed console log during Jira integration always showing a 0 when updaing issues in RegScale

[5.19.0] - 2023-10-02

Added

• STIG Uploader page that supports single .ckl and .zip file uploads in regscale-rest
• FedRAMP Rev4 .docx SSP uploader in regscale-rest

Changed

• Bugfix: Fixed issue causing regscale-rest not to load .html templates
• Bugfix: Fixed issues in Tenable integration causing unexpected crashes
• Bugfix: STIG crashes, optimization and ability to recursively search directory for .ckl files if not found at provided parent directory
• Bugfix: Fixed multiple crash points experienced during FedRAMP Rev 4 .docx SSP import in fedramp load-fedramp-docx

[5.18.2] - 2023-09-26

Added

• Support for Tenable.io to existing Tenable integration
• New data model for Risks
• regscale-dev Click command for testing the speed and performance of the RegScale CLI
• regscale[airflow-sqlserver] extra to allow for SQL Server integration with Airflow, while not requiring it for airflow

Changed

• Bugfix: Removed bugs causing regscale migrations to fail while optimizing the workflow
• Improved AWS integration performance
• Bugfix: Removed creation of duplicate assets and checklists

[5.18.1] - 2023-09-21

Added

• N/A

Changed

• Removed | operator to prevent crashes while using the CLI with Python 3.9

[5.18.0] - 2023-09-20

Added

• Add [airflow-azure] extra for managing Azure Airflow deployments
• Logic to nist sort_control_ids command to retry failed controls

Changed

• Optimized: regscale nist sort_control_ids command to iterate all controls one time while sorting the control ids instead of multiple loops
• Enhancement: Save wiz json data to RegScale properties instead of dumping to description field
• Wiz Enhancements:
  • Save wiz json data to RegScale properties instead of dumping to description field
  • Refactoring code for readability and bugfixes
• GitHub Workflows related to airflow
• Bugfix: Fixed issue while processing system roles in regscale fedramp load-fedramp-docx

[5.17.1] - 2023-09-13

Added

• Description for the regscale upload_file command
• [BETA] Added Crowdstrike integration to pull incidents from Crowdstrike as incidents and assets in RegScale

Changed

• Removed remaining getAll calls from STIG integration
• Bugfixes in STIG integration
• Bugfix in the FedRAMP parse .docx command

[5.17.0] - 2023-09-13

Added

• Added regscale upload_file to upload a file to RegScale that will parse embedded base64 tags and upload them as well
• Added functionality to SecurityPlan class to create new ssp from an SSP model
• Added ability to upload files via requests to RegScale-CLI REST API
• Added a File Upload GUI to the RegScale-CLI REST API
• Added log message when validating token

Changed

• Improved url normalizing to support domain without trailing slash in init.yaml
• Replaced all getAll calls in the CLI because of their removal in RegScale
• Bugfix: Fixed errors encountered during FedRAMP .docx importing to RegScale
• Bugfix: Unable to authenticate with Wiz

[5.15.0] - 2023-08-22

Added

• Airflow DAG to reset init.yaml if needed

Changed

• Updated DAG setup method to correct for a bug
• Streamlined Airflow Dockerfile for cloud deployment
• Fixed a merge error artifact in Dockerfile.ironbank
• Added handling in airflow_init.sh to create database if it does not exist
• DAG docstring updates for knowing required params on platform
• Expanded DAG timeout execution to 3 hours
• regscale init modified to properly set domain from env or if passed
• Added helpful console outputs and instructions when running API client via regscale-rest
• Refactored regscale catalog update for a better and faster user experience
• Bugfixes: updated multiple bugs encountered during the catalog update

[5.14.1] - 2023-08-18

Added

• Better error handling when logging into RegScale
• Parsing userId from the token when logging in with a token and now saves it to init.yaml
• Added mfa_token parameter to the regscale init command

Changed

• Bugfix: If using regscale login with environment variables, the domain will now be saved to init.yaml to prevent future errors during a workflow
• Removed REGSCALE_USERNAME occurrences to use REGSCALE_USER instead

[5.14.0] - 2023-08-15

Added

• Added SonarCloud integration along with Airflow DAG to pull in SonarCloud issues

Changed

• Fixed issue for Airflow DAGs that were not running due to incorrect config template
• Various bugfixes for catalog updater

[5.13.1] - 2023-08-10

Added

• Additional logging for interactions with Salesforce when uploading attachments
• Airflow DAGs to separate CISA operations into separate DAGs
• Added Dependabot to scan GitHub repo via CLI, DAGs, and REST API

Changed

• Bugfix: corrected issue in ReadMe.io version workflow that preventing the version to be updated during release
• Temporarily removed SQL Server integration until dependency conflict is resolved
• Bugfix: Fixed issue in Salesforce integration causing duplicate attachments in Salesforce & updated console outputs during task

[5.13.0] - 2023-08-08

Added

• [BETA] Functionality to update existing catalogs in RegScale via CLI command
• [BETA] Added Salesforce integration to sync Cases in Salesforce and Issues in RegScale along with attachments
• Airflow DAGs to pull in Recommendations, Alerts from Microsoft Defender 365 and Alerts from Defender for Cloud
• Added sql server integration
• Added workflow model and workflow helper functions

Changed

• Bugfix: fixed dags that were experiencing issues during execution
• Updated FedRAMP integration to include more information in SSP in RegScale
• Refactored data models of RegScale objects to use Pydantic

[5.12.1] - 2023-08-02

Added

• N/A

Changed

• Removed duplicate workflow that updates changelog in ReadMe.io
• Bugfix: Jira workflow now uploads attachments when creating new issues in RegScale
• Refactored delete_file function in regscale assessments integration to prevent trying to delete an entire directory

[5.12.0] - 2023-08-02

Added

• Added the ability to pull REGSCALE_USERNAME, REGSCALE_PASSWORD and REGSCALE_DOMAIN from the environment variables to streamline regscale login and regscale init commands
  • Added an optional param to regscale login: domain
  • if the environment or param options are not populated for --domain or REGSCALE_DOMAIN, regscale login will parse domain from init.yaml
  • If REGSCALE_USERNAME, REGSCALE_PASSWORD environment variables are not populated, the regscale login will revert back to prompting the user for username & password
• Added Wiz issues and inventory Dags for running wiz through the airflow pipeline
• Added attachment syncing in the Jira integration to sync issue's attachments between RegScale and Jira

Changed

• Updated Dockerfile to install all dependencies unless --build-arg="EXTRA=<extra>" is specified, this allows the container to run AirFlow, Flask API Server and defaults to the CLI
• Changed the flask server to run on port "0.0.0.0" instead of "localhost"/"127.0.0.1" so it can be bound to a local port while running in a Docker container
• Refactored CLI to use the RegScaleAuth pydantic class for Platform authentication
• Refactored login command to check provided token's validity before saving to init.yaml
• Fix Typo in servicenow integration.
• Bugfix: fixed keyError possibility with wizIssuesReportId
• Bugfix: None properties causing index error in Wiz integration
• Removed dynamically created dags from Airflow
• Updated Jira integration to be bidirectional, issues can be created in RegScale from a Jira board

[5.11.0] - 2023-07-19

Added

• Airflow Documentation and default configurations as well as a yesterday() function for scheduling yesterday
• Airflow image is pushed to Dockerhub
• Airflow DAGs for Tenable, GitLab & Wiz integrations

Changed

• Bugfix: fixed issue when trying to login with a token instead of username & password
• Bugfix: fixed error when trying to run CLI flask application
• Hotfix: fixed authentication with RegScale 5.11 or higher. MFAToken is sometimes required.

[5.10.0] - 2023-07-12

Added

• regscale version command to quickly print the version of RegScale-CLI installed
• File monitoring tools for development, along with watchdog dev dependency and a dev submodule for development help
• Added file utilities to print contents

Changed

• [BETA] regscale-rest command now invokes a simple server, with one thread and no concurrency to prevent overwriting of init yaml
• Fixed issue with GitLab url variable naming
• Bugfix: Implemented logic to fix AWS integration

[5.9.0] - 2023-07-05

Added

• N/A

Changed

• Fixed missing commands for GitLab integration
• Added support for the new DOD catalog
• Fixed bug with SSP level option id's not being set properly in STIG integration
• Replaced click.argument with click.option in regscale oscal component

[5.8.0] - 2023-06-27

Added

• regscale[server] extra capable of running regscale-server, which launches a REST API
  • this is dynamically generated via the click infrastructure, and if params are passed, it is assigned POST method
  • if no params on the command, then GET method is assumed.
  • This will work with the current init.yaml if ran in the same directory
  • This can also work with the future AppConfig.
• POAM/ Issues CLI feature to edit and update existing issues in RegScale via CLI
• Evidence Build_Package Command for FEDRamp go to market audit process
• GitLab integration to pull issues into RegSCale with or without links from description

Changed

• Updated error handling for Wiz when invalid credentials provided
• Fixed bug in Tenable integration when creating issues in RegScale when Tenable returned zero results
• Refactored catalog utils, replaced export verbiage to download
• Refactored and fixed bugs in test_poam_editor.py for better test execution

[5.7.0] - 2023-06-21

Added

• jwt-token parameter for regscale login command
• Timeout parameter for get_all_from_module function in regscale.core.utils.app_utils.py

Changed

• regscale login command to use a jwt-token parameter
• Updated and refactored Control Editor CLI feature that includes minor bug fix and testing coverage
• Updated and refactored Assessment Editor CLI feature and testing coverage
• Changed starlette version from 0.26.1 to 0.27.0
• Updated the UBI.Dockerfile to have fewer vulnerabilities while being 500+ MB smaller
• Fixed bug for OSCAL components being updating in RegScale

[5.6.1] - 2023-06-07

Added

• N/A

Changed

• Fixed bug with Wiz issues and assets

[5.6.0] - 2023-06-07

Added

• Worfklow to automatically push RegScalse-CLI+Airflow to ACR and deploy airflow containerapp
• Azure Intune Support
  • Query devices from Intune and sync with RegScale
  • If a device is not compliant, a RegScale issue will be created
• Added Azure tests

Changed

• Removed duplicate workflow for updating changelog in ReadMe.io
• Fixed issue with Intune integration where assets and issues could be duplicated.
• Fixed incorrect string on click parent id description.
• Fixed bug with STIG issue data type, it was using the asdict() method on a Pydantic dataclass.
• Fixed bug in STIG objective status counter that was causing erroneous implmentation status updates.

[5.5.0] - 2023-05-31

Added

• AppConfig class example with basic auth
• Workflow to automatically update the CHANGELOG (CLI) on ReadMe.io when a new release is created
• Workflow to automatically update the version on ReadMe.io when a new release is created

Changed

• N/A

[5.X.X] - 2023-07-XX

Added

• Airflow Documentation and default configurations as well as a yesterday() function for scheduling yesterday
• Airflow image is pushed to Dockerhub
• Airflow DAGs for Tenable, GitLab & Wiz integrations

Changed

• Bugfix: fixed issue when trying to login with a token instead of username & password
• Bugfix: fixed error when trying to run CLI flask application
• Hotfix: fixed authentication with RegScale 5.11 or higher. MFAToken is sometimes required.

[5.10.0] - 2023-07-12

Added

• regscale version command to quickly print the version of RegScale-CLI installed
• File monitoring tools for development, along with watchdog dev dependency and a dev submodule for development help
• Added file utilities to print contents

Changed

• [BETA] regscale-rest command now invokes a simple server, with one thread and no concurrency to prevent overwriting of init yaml
• Fixed issue with GitLab url variable naming
• Bugfix: Implemented logic to fix AWS integration

[5.9.0] - 2023-07-05

Added

• N/A

Changed

• Fixed missing commands for GitLab integration
• Added support for the new DOD catalog
• Fixed bug with SSP level option id's not being set properly in STIG integration
• Replaced click.argument with click.option in regscale oscal component

[5.8.0] - 2023-06-27

Added

• regscale[server] extra capable of running regscale-server, which launches a REST API
  • this is dynamically generated via the click infrastructure, and if params are passed, it is assigned POST method
  • if no params on the command, then GET method is assumed.
  • This will work with the current init.yaml if ran in the same directory
  • This can also work with the future AppConfig.
• POAM/ Issues CLI feature to edit and update existing issues in RegScale via CLI
• Evidence Build_Package Command for FEDRamp go to market audit process
• GitLab integration to pull issues into RegSCale with or without links from description

Changed

• Updated error handling for Wiz when invalid credentials provided
• Fixed bug in Tenable integration when creating issues in RegScale when Tenable returned zero results
• Refactored catalog utils, replaced export verbiage to download
• Refactored and fixed bugs in test_poam_editor.py for better test execution

[5.7.0] - 2023-06-21

Added

• jwt-token parameter for regscale login command
• Timeout parameter for get_all_from_module function in regscale.core.utils.app_utils.py

Changed

• regscale login command to use a jwt-token parameter
• Updated and refactored Control Editor CLI feature that includes minor bug fix and testing coverage
• Updated and refactored Assessment Editor CLI feature and testing coverage
• Changed starlette version from 0.26.1 to 0.27.0
• Updated the UBI.Dockerfile to have fewer vulnerabilities while being 500+ MB smaller
• Fixed bug for OSCAL components being updating in RegScale

[5.6.1] - 2023-06-07

Added

• N/A

Changed

• Fixed bug with Wiz issues and assets

[5.6.0] - 2023-06-07

Added

• Worfklow to automatically push RegScalse-CLI+Airflow to ACR and deploy airflow containerapp
• Azure Intune Support
  • Query devices from Intune and sync with RegScale
  • If a device is not compliant, a RegScale issue will be created
• Added Azure tests

Changed

• Removed duplicate workflow for updating changelog in ReadMe.io
• Fixed issue with Intune integration where assets and issues could be duplicated.
• Fixed incorrect string on click parent id description.
• Fixed bug with STIG issue data type, it was using the asdict() method on a Pydantic dataclass.
• Fixed bug in STIG objective status counter that was causing erroneous implmentation status updates.

[5.5.0] - 2023-05-31

Added

• AppConfig class example with basic auth
• Workflow to automatically update the CHANGELOG (CLI) on ReadMe.io when a new release is created
• Workflow to automatically update the version on ReadMe.io when a new release is created

Changed

• N/A

[5.4.0] - 2023-05-25

Added

• AppConfig and Providers class to be implemented with new platform config endpoint
• RegScaleAuth class that can be used with RegScaleAuth.authenticate() to return a RegScaleAuth object authenticated via env vars.
  • includes .refresh() to refresh a new token
  • .token property returns auth_token secret value, .username is RegScale user and .password is RegScale password as a SecretStr.
  • domain is retrieved from REGSCALE_DOMAIN and it can be 'dev' for dev.regscale.io or 'yourcompany.regscale.io'
• generate_regscale_domain_url(domain: str) will generate an f-string to {REGSCALE_DOMAIN}.regscale.io with no default it raises an error
• regscale.core.static.regex <- precompiled regexes for use elsewhere
• regscale.core.utils.urls <- generate_regscale_domain_url
• AppConfig class example with basic auth
• modified the GitHub tests workflow to test the RegScale submodule and all the tests therein
• add tests for new methods

Changed

• Updated requests to 2.31.0
• Refactored send_reminders, compare_files, emass, nist_catalog, jira, qualys, okta and service now integrations for SDK
  usage
• Fixed bug during Okta token generation

[5.3.1] - 2023-05-18

Added

• N/A

Changed

• Updated control sort Id to verify any previous sort Ids are correct before updating them

[5.3.0] - 2023-05-17

Added

• N/A

Changed

• Updated UBI docker image to use newer version with less vulnerabilities
• Refactored and optimized uploading file to RegScale via CLI

[5.2.1] - 2023-05-12

Added

• Additional checks and validations to the STIG integration
• Install options for Airflow and Ansible
• Option to process FedRAMP catalogs in OSCAL integration

Changed

• Fixed bug in FedRAMP integration

[5.2.0] - 2023-05-10

Added

• N/A

Changed

• Revamped Fedramp testing and improved testing for FedRAMP integration
• Improved testing for CISA integration
• Changed version for Cryptography dependency to prevent conflict with OpenSSL

[5.1.0] - 2023-05-04

Added

• Testing for Wiz integration
• AWS Security Hub integration & tests
  • Sync findings from AWS security hub to a RegScale security plan
  • SSP implementations will update and issues will be created if desired

Changed

• Completely refactored the CLI for better performance and maintainability
• Removed unused dependencies from requirements.txt
• Updated docker build process to remove setuptools after install, this removes a moderate vulnerability for the Python
  3.9 image
• Updated handling of GraphQL query timeout errors and increased GraphQL query timeout on the API Graph call

[5.0.0] - 2023-04-25

Added

• N/A

Changed

• Bug Fix: Fixed docker hub release workflow and removed critical vulnerability in docker image
• Updated testing coverage to include testing for the Qualys integration & catalog functionality

[4.26.1] - 2023-04-20

Added

• N/A

Changed

• Bug Fix: Fixed control implementations duplicating during OSCAL import
• Updated Catalog tools to pull data from cloud storage instead of a local file for easier maintenance
• Updated Wiz functionality to properly link to assets along with Checks and Remediation info in the POAM tab of the
  issue

[4.26.0] - 2023-04-19

Added

• Added catalog command to allow users to export, compare and diagnose catalogs

Changed

• Bug Fix: Added verify flag to download_file function to prevent errors during download
• Bug Fix: Correctly upload components and update changed component control implementations
• Moved testing artifacts to Azure blob
• Implemented more tests during update to ensure application integrity

[4.25.1] - 2023-04-13

Added

• Added STIG integration to pull assets, issues and security checklists data into RegScale and update implementations
  from STIG Checklist rules.
• Added at STIG test
• Added command to get_template for the eMASS Control Template in the eMASS integration

Changed

• Update workflow test yaml
• Bug fix: Fixed error handling when fetching assets when no assets were associated to the provided record
• Changed query_vuln command in Qualys integration to sync_qualys to better reflect the function of the command
• Updated final output message to include # of rows not populated during populate_controls in eMASS integration
• Bug fix: updated SBOM workflow to leverage secrets
• Bug fix: Fixed issues encountered during the test_evidence.py

[4.25.0] - 2023-04-12

Added

• Added Qualys integration to pull assets & vulnerabilities data into RegScale from Qualys

Changed

• Bug fix: Fixed issue in evidence.py integration
• Bug fix: Fixed issue in api.py causing errors during Wiz workflow
• Enhancement: Updated logic and performance throughout the CLI

[4.24.1] - 2023-04-06

Added

• N/A

Changed

• Bug fix: Fixed issue causing docker build to script to hang during build process
• Bug fix: Changed setup.py to parse requirements.txt to prevent version conflicts
• Bug fix: removed | operand in Api.py to support Python 3.9

[4.24.0] - 2023-04-05

Added

• N/A

Changed

• Bug fix: Update objective filter to ensure Rev 5 enhancement objectives are populating.
• Updated domain for tests to use the correct DEV instance
• Changed test catalog for test_oscal.py to a smaller catalog to speed up testing

[4.23.0] - 2023-03-28

Added

• N/A

Changed

• Upgrade upload_sbom.py to prevent false negatives and better log status code of unsuccessful API call
• Bug fix: Update CISA Alerts integration to handle updated CISA.gov website

[4.22] - 2023-03-23

Added

• Add copyright notice to ssp_management.py

Changed

• Bug fix: Enforce Path type for input and output in oscal cli wrapper
• Bug fix: Update Tenable integration
• Refactor assessment editor

[4.20.1] - 2023-03-11

Added

• New standalone CLI to export, import, and migrate Control Implementations and Parameters between Security Plans
• Added generation of Red Hat Universal Baseline Image (UBI) dockerfile

Changed

• Update build process to also generate Red Hat Universal Baseline Image (UBI)

[4.20.0] - 2023-03-07

Added

• New standalone CLI to export, import, and migrate Control Implementations and Parameters between Security Plans

[4.20.0] - 2023-03-08

Changed

• Provide helpful Alien Vault error on failed API key
• Revised populating eMASS SSP spreadsheet assessment fields to highlight cells missing data and adding comments of what
  needed to be done by the user
• Updated Wiz integration: import SecurityChecks and Recommended Actions to RegScale Issues; concatenate imported
  securityChecks with updated Wiz control IDs; update default Wiz report age
• Updated missing docstrings and missing function typing

[4.19.2] - 2023-03-03

Changed

• Bug Fix: Implemented logic to get the correct sort id for older catalogs in nist sort_control_ids

[4.19.0] - 2023-03-01

Added

• New [BETA] Alien Vault OTX threat integration to pull pulse information into RegScale
• New [BETA] Update an eMASS controls formatted workbook with controls with assessments from RegScale with the provided
  SSP ID

Changed

• Security: Removed credentials used for testing integrations replacing with GitHub action secrets
• Bug Fix: Control Editor problem preventing spreadsheet generation
• Refactored Control Editor to use GraphQL

[4.18.2] - 2023-02-24

Changed

• Bug Fix: Improve FedRAMP import with better handling of exceptions.

[4.18.1] - 2023-02-23

Changed

• Bug Fix: Correct parsing of FedRAMP OSCAL catalogues
• Updated GraphQL query and logic for send_reminders function
• Updated docstrings for reformat_str_date function
• Corrected typo in CHANGELOG

[4.18.0] - 2023-02-22

Added

• New support for OSCAL 1.0.4 and the Austrailian ISM catalog
• New support for editing assessments in a spreadsheet external to RegScale
• Add --obj_to_control option to oscal command to convert 800-53 objectives to controls during catalogue import
• Add --new_catalog_name option to oscal command to define catalogue name during import

Changed

• Bug Fix: Correct parsing of NIST 800-53 Rev 5 objectives and parameters
• Improve outputs of OSCAL import to be clearer and more concise during the workflow
• Update package testing instructions in README
• Update docker tag to "latest"

[4.17.2] - 2023-02-20

Changed

• Revised order of Python libraries

[4.17.0] - 2023-02-15

Changed

• Bug Fix: Updated logs & console output for encrypt/decrypt and fixed bug causing user to set their password twice for
  the first time

[4.16.2] - 2023-02-09

Changed

• Bug Fix: Fixed bug in GraphQL function when normalizing the provided URL

[4.16.1] - 2023-02-09

Changed

• Bug Fix: Refactored evidence CLI to prevent code from executing prematurely

[4.16.0] - 2023-02-08

Added

• New Microsoft 365 Defender to pull alerts from Microsoft 365 into RegScale
• New GitHub NPM audit scan integration to create assessments and related issues in RegScale from NPM audit scan of main
  branch
• New sort CLI to batch sort in natural order NIST controls
• Added better error handling to api.graph
• Added additional links to readme.io docs
• Added links to internal CLI developer standards and GraphQL documentation

Changed

• Bug Fix: Fix failed jiraId keyError
• Bug Fix: Fix OSCAL import test
• Bug Fix: Change click sequence to fix broken test_evidence imports
• Improve OSCAL CLI to load Australian ISM catalog
• Change threaded process terminal output to prevent excessive threaded pool warnings
• Improve testing of evidence CLI
• Update cryptography library

[4.15.2] - 2023-02-3

Changed

• Changed default mapping of control status from imported FedRAMP SSP to Not Implemented

[4.15.1] - 2023-02-1

Changed

• Bug Fix: Fix the CLI looking for file dump path that does not exist
• Bug Fix: Fix the list of acceptable file types was too limited for FedRAMP documents
• Bug Fix: Update build script to properly handle all sections of version

[4.15.0] - 2023-01-31

Added

• Added check for maxThreads to prevent users from being IP-banned by CISA

Changed

• Bug Fix: Fix incorrect login credentials error message
• Fixed typos throughout the application and duplicate periods within console
• Improved Wiz integration to prevent duplicate record creation and other enhancements

[4.14.0] - 2023-01-24

Added

• New GitHub Dependabot integration to import Depandabot found package vulnerabilities into RegScale
• Added special data migration script to support many to may inheritance

Changed

• Bug Fix: Errors between RegScale-CLI and RegScale with Tenable methods
• Bug Fix: Cognito log in error

[4.13.0] - 2023-01-19

RegScale-CLI 4.13.0 adds new integrations, and refactors the application
for greater long term extensibility

The big leap in version number synchronizes RegScale-CLI version with RegScale version.

IMPORTANT: init.yaml parameter names changed in 4.13.0.

Certain init.yaml parameters changed in 4.13.0 to standardize parameter names to camelCase.
RegScale-CLI automatically adds in new and missing parameters and leaves existing parameters in place.
Be sure to check and update your existing init.yaml parameters.

Method 1 – move, generate, diff, and manually edit

# move init.yaml to backup
mv init.yaml init-bak.yaml
# generate fresh init.yaml
regscale init
# diff backup to fresh to see changes
diff init-bak.yaml init.yaml
# manually edit init.yaml to copy values from params back up to new params in fresh init.yaml

Method 2 – add new and manually edit

# run regscale to add in new/missing params
regscale about
# manually edit init.yaml to copy values around from old params into new params

Added

• New Okta integration to pull different users from Okta core API
• New FedRAMP SSP docx import to RegScale support
• New Azure Microsoft Defender for Cloud to pull alerts from Azure into RegScale
• New initialization workflow for setting up RegScale CLI
• Added workflows to reminder command
• Added bulk control editing via Excel
• Added persistent CHANGELOG file for releases
• Added Microsoft Defender for Cloud (DFC) integration that will create issues in RegScale for DFC alerts

Changed

• Removed support for Python 3.8 to support Python typing
• Bug Fix: Include missing requirements
• Bug Fix: Replaced built in tuple for Python 3.8 crashes
• Bug Fix: Minor bug fixes for functions throughout the application
• Bug Fix: Standardize to Python Yaml "pyaml" package to correct packaging issue
• Bug Fix: Automatically create directory "static" required by Python Fitz package
• Renamed platform to admin_actions
• Sync CLI version number to RegScale version number
• Application refactor, restructure and standardization
• Improved speed performance of Jira, Migrations, Wiz and OSCAL integrations with multithreading
• Fixed typos in Doc Strings and standardized Doc String and user feedback usage of periods

[1.3.8] - 2023-01-10

Added

• N/A

Changed

• Bug Fix: Correct oscal_cli_path default

[1.3.7] - 2022-12-22

Added

• N/A

Changed

• Bug Fix: replaced tuple with Tuple to fix crash in Python 3.8

[1.3.6] - 2022-12-19

Added

• N/A

Changed

• Bug Fix: Added missing keys to init.yaml