CHANGELOG (CLI)
Provides details on all changes to the RegScale-CLI over time.
[6.7.0] - 2024-11-13
Added
- Command to sync recommendations from Microsoft Defender for Cloud to RegScale as issues via regscale defender sync_cloud_recommendations
- PickleFileHandler model to handle reading and writing Pickled data while being threadsafe
Changed
- Improved Tenable SC to cache to disk and process all findings and assets to ScannerIntegration in a single action using new PickleFileHandler model
[6.6.0] - 2024-11-08
Added
- Handling unauthorized responses (401) when making API calls to API class
- More logging during API calls for better debugging
Changed
- Logging during admin_actions send_reminders if no users have email notifications enabled
Fixed
- AttributeError during get_mappings_as_assets in AssetMappings class
- Misnamed attribute in Questions model to follow RegScaleModel convention
Removed
- Handling unauthorized responses (401) when making API calls from APIHandler class
[6.5.0] - 2024-11-06
Added
- Wiz Asset child list of Software inventory is able to map to STIGs and is automated based on rules in STIG mapping rule file
Changed
- Silenced Import warning in Wiz when memory is 0
- Deprecated API call to validate RegScale token when using regscale validate_token and when validating RegScale CLI Application
Fixed
- Import issue in Wiz integration when type is container image
- Issue prompting for Wiz credentials when not using Wiz integration
[6.4.0] - 2024-11-01
Added
- --poam_id_column option to the regscale fedramp import-poam command to specify the column name for the POAM ID
Fixed
- POAM ID can be any format as long as it contains V-# instead of V-### only format
[6.3.0] - 2024-10-31
Added
- Emailing user that triggered job in Automation Manager if it fails
Changed
- Consolidated Wiz CLI
- Ensure Issues are using ScannerIntegration
- Parsing control implementation part statements during FedRAMP Appendix A parsing
Fixed
- Issue Status incorrectly set on closed issues in ScannerIntegration
[6.2.0] - 2024-10-30
Added
- Original Risk Rating calculation to ScannerIntegration
- Basis For Adjustment fallback value if finding value is None or empty
- Optional ingestClosedIssues key to the init.yaml, defaults to False
[6.1.0] - 2024-10-28
Added
- ImportValidater to validate the import of files into RegScale before processing the data
- Added to xray, aqua, defender, ibm, nexpose, prisma, qualys, snyk, aws, ecr, veracode imports
- show_mapping command to display the custom header mappings for file imports
- Added to xray, aqua, defender, prisma, qualys, snyk, aws, ecr, veracode imports
- Command prompts when creating custom mapping files for flat file imports if required fields are missing
Changed
- Improved error handling during the import of files into RegScale
Fixed
- Numerous bugs during the import of files into RegScale
[6.0.0] - 2024-10-24
Added
- id attribute to Link RegScale model
- Python 3.13 support
Changed
- Updated response handling during catalog import
- Updated internal testing suite
- Error message when failed to parse userId from token in parse_user_id_from_jwt()
Fixed
- CISA Alert ingestion
- Errors when processing vulnerabilities in ScannerIntegration
- URLs to use new forms in RegScale
- Issue with asset_mapping mappingId to id
- Issue with questionnaire and questionnaireInstance creation due to renaming properties
Removed
- fitz dependency
[5.82.0] - 2024-10-22
Changed
- Set default values for IssueCreation=Consolidated and VulnerabilityCreation=PoamCreation
[5.81.1] - 2024-10-18
Fixed
- tenableMinimumSeverityFilter not being used during Tenable SC integration
- _get_vulns_by_scan logic and returned datatype updated to properly return a list of tool_vulns
[5.81.0] - 2024-10-14
Added
- Option for FedRAMP rev4 SSP docx import to allow for RegScale security profile id or name
- Missing field riskCategorization to Component model
- Several missing fields from Privacy model
- User model:
- Added roles attribute
- get_by_user_id method to find a user by their user id
- assign_role method to assign a role to a user
Changed
- Updated Question and Questionnaire models to include default values
- Token parsing logic during login
Fixed
- Typing of app config to default to dict instead of _SpecialForm
- Bug in questionnaire create_instance_from_questionnaire method
- FedRAMP rev4 SSP docx import:
- Bug causing import to freeze when checking for specific text in the document
- Missing ports and protocols during import
- Handling of content control elements in the document when parsing text
Removed
- Duplicate name attribute on the User model
[5.80.1] - 2024-10-14
Fixed
- Missing dependency causing import errors
[5.80.0] - 2024-10-14
Added
- Filtering vulnerabilities by scanner in ScannerIntegration
Changed
- Closing vulnerability mappings that are no longer reported by a scan
Fixed
- Possible error when checking against scanningTool when no vulnerabilities are found
[5.79.0] - 2024-10-14
Added
- SAP Concur support for SysDig and Tenable flat files
- Object level locking to prevent duplicate creation during multithreading
[5.78.0] - 2024-10-07
Added
- Optional support for grouping by Tenable Plugin inside ScannerIntegration
- RegScale ID and RegScale Module parameters to Microsoft Defender jobs in Automation Manager
- Threading utilities for better performance throughout the CLI
Fixed
- Errors when running Wiz integrations in Automation Manager
[5.77.0] - 2024-10-03
Added
- drNumber field to the Deviation model
Changed
- Update Deviation model to support the new get_by_security_plan endpoint
Fixed
- Error in qualys sync_qualys when the Qualys instance has < 100 vulnerabilities
[5.76.0] - 2024-09-29
Added
- ipv4 as an option when retrieving the name of a Tenable IO asset
- Ability to process Nessus files from S3
- Pagination to Qualys integration to fetch Assets when there are more than 1000 assets
- Section 8 from section 3 (table 3.1) descriptions during FedRAMP SSP import
- Info message when no Tenable SC data is found
Changed
- Optimized Qualys integration to use RegScale models and only fetch necessary data while avoiding rate limits
Fixed
- Improved POAM import process and error handling
- Enhanced date parsing and CVE validation
- Implemented more robust error handling and logging
- False positives on Jobs running in Automation Manager
- Not using urljoin when concatenating qualysUrl from init.yaml to call Qualys APIs
[5.75.0] - 2024-09-23
Added
- STIG support for Tenable
Changed
- Method on running jobs in Automation Manager
- Security Check field during Burp flat file import to use hex identifier per Burp documentation
[5.74.1] - 2024-09-21
Added
- Resilience to POA&M importer when parsing status from sheet names
Fixed
- Error during Aqua import when description not provided, it will now be skipped and warn the user
[5.74.0] - 2024-09-19
Added
- Privacy model used during parsing privacy data while importing FedRAMP .docx System Security Plan
- otherIdentifier field for deviations model
- Populating otherIdentifier during the deviation importer
- Caching mixin for RegScale models to cache object by plan id
- Ability to import eMASS SLCM .xlsm files into RegScale via regscale emass import_slcm
- Support for OSCAL versions 1.1.1 and 1.1.2 catalog imports
- Fix a Nessus break on invalid cache object in the parent cache
- Added criticality updater for security controls in a catalog for eMASS via regscale criticality_updater import
- Automation Manager jobs for Wiz integration commands: vulnerabilities, attach_sbom and add_report_evidence
- Option to sync Microsoft Defender for Cloud and Microsoft Defender 365 to a provided regscale_id and regscale_module
Changed
- Improved integrations import speed using new caching mixin
- Changed issue.sourceReport to Burp Suite during Burp file import
- Wiz command options to use --regscale_ssp_id or -id to specify the System Security Plan ID
- Improved the speed and reliability of Microsoft Defender for Cloud and Microsoft Defender 365
Fixed
- First seen and last seen dates not being set during Tenable SC and flat file imports
- Error handling when unable to find profile during FedRAMP Rev5 .docx import
- Improved Wiz issue import to prevent timeouts
- Fixed Not importing Column Q (Vendor Last Check In Date) of POAM spreadsheet
- FedRAMP Inventory: Handle end of life missing and populate if present
[5.73.1] - 2024-09-11
Fixed
- Updated imports to optimize performance during FedRAMP Rev5 inventory workbook import
- Software inventory now saving to assets properly during Aqua import
- Whitespaces in part statements when importing FedRAMP Rev 5 SSP Appendix A
[5.73.0] - 2024-09-10
Added
- Added Stig Mapping Engine to Scanner Integration
- Added Stig Mapping json Config
- Added Sbom importer from wiz sbom report into ssp
- Support for Python 3.12
- Added option for poamTitleType, Cve (default) or pluginId during POAM creation
- RiskAdjustment field to Issue model
Changed
- Updated Jira integration to add a comment to the Jira issue when creating it containing populated RegScale issue fields & link to the issue in RegScale
- ScannerIntegration to use new IntegrationFindingId field in RegScale
- Risk Adjustment column (Column U) logic for POAM importer to use the new RiskAdjustment field in Issues
Fixed
- Fixed Duplicate Components being created in scanner integration
- Delayed import of pandas
- Fixed STIG Integration mappings
- Fixed Model caching bug
- Fixed authentication error in Okta integration
- Fixed Wiz Inventory filter param
- Missing F String during header error handling during flat file imports
- Software inventory version datatype during Aqua import
- Make sure artifacts directory exists, before trying to write files to it during Tenable integration
- FedRAMP Rev5 Appendix A .docx importer:
- Precedence for Not Applicable when multiple control imp statuses are selected.
- "Implementation Pending" to "Planned"
[5.72.0] - 2024-08-30
Added
- Aqua flat file Import:
- Support for excel file types
- Capabilities for extra columns
- Move files routine to Nessus import
Fixed
- Errors during scan file imports
- Handling errors or bad data during Aqua import
- Error during Nessus file import
Removed
- Unused methods for Snyk, Nexpose and Prisma file imports
[5.71.0] - 2024-08-29
Added
- Added Wiz report to RegScale Evidence locker via regscale wiz add_report_evidence
- Option to filter work notes to update in RegScale via regscale_id and regscale_module during ServiceNow integration
- Option to filter incidents from ServiceNow by adding --all False to the regscale servicenow issues_and_attachments command
- find_by_service_now_id method to the Issue model to find issues with a ServiceNow Incident ID
Changed
- import-fedramp-ssp-xml-rev4 command to import-fedramp-ssp-xml
- Updated column logic for POAM Importer
Fixed
- SystemName parsing during FedRAMP import
- RegScale platform Version check
- Fixed bug causing errors around object caching in the RegScale CLI
- Much better performance for Tenable IO Assets and Vulnerability imports
- ServiceNow integration sync_work_notes
- Errors during bulk excel editor commands
[5.70.2] - 2024-08-27
Fixed
- Error in check_text function during FedRAMP importer
- POAM importer starting row number
- Bug causing errors around object caching in the RegScale CLI
- Extra spaces appearing in fields during FedRAMP Rev5 Appendix A import
- Original detection date not importing during POAM import
[5.70.1] - 2024-08-23
Fixed
- Handle invalid create API returns from RegScale when it returns id as 0
- Update justification on RA deviations
Added
- Add AdjustedRiskRating to POAM importer
[5.69.0] - 2024-08-21
Added
- Durosuite Integration via regscale durosuite
Fixed
- Bug causing issues to close during import
- Bug preventing Wiz cli from using the project id passed
[5.68.1] - 2024-08-20
Fixed
- Bug in Burp integration when assigning IPAddress
- Asset identifiers not mapping correctly during Tenable Nessus integration
- FileTag model to Tag to match RegScale
- Error during tag creation when uploading files to RegScale via CLI
[5.68.0] - 2024-08-19
Added
- Tagging model used in Files and Properties classes
- TagMapping model used for mapping tags to Files or Properties
- Deviation Request Forms can now be imported and saved as RegScale deviation via regscale fedramp import-drf
- POAM import field mappings are improved
- Added ScannerIntegration to the Tenable SC integration
- New command to ServiceNow integration to sync RegScale and ServiceNow Incidents as well as their attachments via regscale servicenow issues_and_attachments
- RegScale object validation to XRay import
Changed
- Added ScannerIntegration to the Tenable SC integration
- Updated logging for an issue breakdown before saving it to RegScale
- Renamed tag model to filetag and update codebase
- Made issueCreation and vulnerabilityCreation variables required and to be set by the user
Fixed
- Update pluginIds for Tenable SC findings
- make sure flat file integrations create poams, setting the ScannerVariable
- Plugin Id added to Tenable SC
- regscale version check during ScannerIntegration
- issueOwnerId not being set to current CLI user in Issue data model
- Use a simpler and faster hashing algorithm for unique otherIdentifier naming
Removed
- Unused and deprecated create_issue() method used in flat file integrations
[5.67.0] - 2024-08-09
Added
- Defender flat-file import, based on ScannerIntegration class via regscale defender import_alerts
- otherId to the ControlParameter model to support Rev5 OSCAL compliant catalogs
- vulnerabilityCreation options
- Added missing fields to ControlImplementation model
- Add support for IBM AppScan CSV ingestion via regscale ibm import_appscan
Changed
- FedRAMP Rev 5 SSP import to use the new otherId field in the ControlParameter model
- Tenable SC integration to use ScannerIntegration class for unified parsing and record creation throughout the CLI
Fixed
- Error during Jira integration when creating issues in Jira
- TypeError during regscale tenable sc query_vuln command
- Use IP address for nessus scan asset identifiers
- Parameter names showing non-human readable format during FedRAMP Rev5 .docx import
Removed
- tenable sc trend_vuln command
- __eq__ and hash methods from Issue model
[5.66.1] - 2024-07-31
Fixed
- Fixed broken generator and typo in IntegrationFinding for the FlatFileImporter
[5.66.0] - 2024-07-31
Added
- Bulk excel editor for RegScale assessments, controls, issues, components and assets via regscale model
Changed
- Burp Integration will now use ScannerIntegration
- Set finding vulnerability type correctly for Flat File scans
- System name parsing during FedRAMP import will now use System Name from Table 1.1, if not found, it will use the System Name from the title page
- .XML import to use new otherId field, if available, to support changes in Rev 5 Catalogs
Fixed
- FedRAMP appendix A import not setting control responsibility or control source
- Fixed Wiz bug caused by not having preset full pull limit variable in init.yaml
[5.65.0] - 2024-07-30
Added
- ScannerIntegration to the FlatFileImporter for unified parsing and record creation throughout the CLI
Changed
- Renamed the ContainerScan class to FlatFileImporter
[5.64.0] - 2024-07-30
Added
- Progress bars when using batch_update method in RegScale models
Changed
- Improved CLI performance
Fixed
- Progress bars when using batch_create method in RegScale models
- Typo in burp integration
- Ensure we create vulnerabilities for Wiz GHSA vulnerabilities
[5.63.1] - 2024-07-24
Fixed
- Progress bars not displaying correctly
[5.63.0] - 2024-07-24
Fixed
- Incorrect url in Vulnerability creation method
[5.62.0] - 2024-07-23
Changed
- Updated Wiz Vulnerability and Asset integrations for new vulnerability workflow.
Fixed
- FedRAMP Import Fixes:
- Parameters during FedRAMP Rev4 SSP .docx import not getting created or updated
- FedRAMP Rev5 .docx importer parts not importing properly
[5.61.0] - 2024-07-19
Added
- Proper vulnerability and scan history creation with the Tenable SC integration
- Logic to close vulnerabilities that are no longer found for any assets
Changed
- Details for running active user report in Automation Manager
- Improved Tenable integration code structure and optimization
Fixed
- FedRAMP .docx Import:
- Required fields not having a default value when not found during import
- Responsible role parsing
- Leveraged authorization parsing
[5.60.0] - 2024-07-16
Added
- User Email report CLI functionality via regscale admin_actions user_report
- Added Wiz Sbom integration to ingest Wiz SBoM data into RegScale
- Ability to parse Veracode XLSX files via regscale veracode import_veracode
- Support for ingesting Qualys scan artifacts into RegScale via regscale qualys import_scans
Changed
- Updated Docs dockerfile
- Error message when unable to login to remove false statement of missing MFA Token
Fixed
- Updated errors during login to gracefully exit instead of having exceptions on failed login
- FedRAMP Rev 5 Import:
- Parameters not being imported
- Control Parts not populating correctly
- Creating links when importing flat files
[5.59.0] - 2024-07-03
Added
- Syncing JIRA tasks as RegScale tasks. Tasks will create and update in RegScale based on JIRA information
- Added terraform to build RegScale CLI Lambda
- Added S3 compatibility for STIG checklist processing
[5.58.0] - 2024-06-28
Added
- ECR CSV and JSON file Scan ingestion via regscale ecr import_ecr
- Updating catalogs via the platform regscale catalog update_via_platform
- Checking the platform for updatable catalogs via regscale catalog check_for_updates
Fixed
- Deprecation warnings in AirFlow container to prevent future issues
[5.57.0] - 2024-06-25
Added
- FedRAMP Imports:
- MultiSelect on word docx Appendix A Control implementation status if multi-selected set to "Not Implemented"
- Importing of control-implementation status boolean status values as well as multi-select on control-origination values
- Warning if control-implementation status does not match FedRAMP Approved values
[5.56.0] - 2024-06-24
Added
- Support for ingesting AWS Inspector scan artifacts into RegScale via regscale aws inspector import_scans
Fixed
- Sync Vulns error in Tenable IO
[5.55.0] - 2024-06-15
Changed
- Endpoint used during validate_token
[5.54.0] - 2024-06-15
Added
- Checking RegScale ID and module provided before running POAM import
- Additional mappings during FedRAMP POAM Import
Changed
- Stig Mapper to the CLI to map STIGs to RegScale Assets added property field to match on any field of asset model
Fixed
- Issue will now close if the vulnerability that created it isn't located in the nessus scan
- Duplicate Vulnerabilities being created in RegScale
- Fixed issue where formulas were reported as values during POAM import
[5.53.0] - 2024-06-12
Added
- Added Stig Mapper to the CLI to map STIGs to RegScale Assets
Fixed
- Parsing identification from Excel workbook during regscale issues load command
- Error during stig integration when parsing Vulnerabilities
[5.52.0] - 2024-06-11
Changed
- AttributeError during tenable io sync_assets command
- Updated consistency in CVE and Title mapping during flat file imports
- Controls with no data during FedRAMP .docx import are now set to "Not Implemented" instead of "NA"
Fixed
- Fixed date time string parsing during tenable io sync_vulns command
- Parts not being mapped even though they are in the FedRAMP .docx document
- Various bugs parsing CVE when creating CVEs during regscale wiz vulnerabilities command
[5.51.0] - 2024-06-10
Changed
- Updated Tenable IO to use delta loads to follow Tenable integration standards
Fixed
- Email subject sent to users with upcoming items when using admin_actions send_reminders
- Timing warnings will only be displayed if logger level is set to DEBUG
- Logic using Aqua, Burp, ECR, Nexpose, Prisma, Snyk, & XRay flat file imports to close issues in RegScale if they are not found in subsequent flat file imports
[5.50.0] - 2024-06-06
Added
- STIG integration for importing assets, creating Issues and setting Control Status from STIG files.
- [BETA] FedRAMP Rev5 CIS/CRM import via regscale fedramp import-cis-crm
- [BETA] FedRAMP POAM worksheet import to RegScale issues via regscale fedramp import-poam
- File tags during FedRAMP XML import
- Link creation during Prisma and Snyk flat file imports on issues if a link is available during parsing
- Logic to close issues in RegScale if they are not found in subsequent flat file imports (Aqua, Burp, ECR, Nexpose, Prisma, Snyk, & XRay)
- Wiz Cloud Configuration, Host and Data Findings
Fixed
- Fixed issues of missing parts on FedRAMP Docx importer
- Error during regscale wiz issues command
- Fixed issues of missing params on FedRAMP Docx importer
- Updated Tenable SC to not use the now deprecated api.update_server method
- KeyError experienced during prisma import_prisma
- Mapping asset.find_os if no operating system is provided
- Possible AttributeError during ecr import_ecr
- Reduced import time to speed up commands
Changed
- Updated Tenable IO asset fetch to cache on disk instead of memory
Removed
- regscale stig command, replaced with regscale stigv2
[5.49.0] - 2024-05-24
Changed
- When uploading a FedRAMP Rev5 .docx SSP when using regscale-rest, you will be redirected to the created SSP in RegScale upon completion
- Logging for missing controls during FedRAMP .xml import
Fixed
- Param and objective mappings now parse correctly during FedRAMP Rev5 .docx import
- Importing FedRAMP Rev5 .docx SSPs with Appendix A .docx file now works correctly in the flask application when using regscale-rest
- Parsing and importing components during .xml import in the flask application when using regscale-rest
[5.48.0] - 2024-05-22
Added
- Command to import a FedRAMP Rev5 appendix a to an existing SSP in RegScale via fedramp load-fedramp-appendix-a
- Option to import Rev 4 .docx SSPs with Appendix A .docx file in the flask application when using regscale-rest
Fixed
- FedRAMP command to execute correctly: fedramp import-fedramp-ssp-xml-rev4
- Styling issue on counts on the FedRAMP import SSP results page
[5.47.0] - 2024-05-21
Added
- Feedback on the page during the SSP import process when using regscale-rest and uploading a FedRAMP .XML System Security Plan
Changed
- Updated UI in the file import process when using regscale-rest
- When clicking the view SSP during a FedRAMP import, the SSP will now open in a new tab
[5.46.0] - 2024-05-17
Added
- More integrations and jobs to populate Automation Manager in RegScale
- Vulnerability information during wiz issues command
Fixed
- Error when creating issues in tenable sc query_vuln
[5.45.0] - 2024-05-15
Added
- NessusReport.close_issues method to handle automatically closing issues based on scans
- ReportGenerator class to easily generate simple .csv reports from a list of changed objects which can be uploaded to RegScale and/or saved locally
Changed
- Updated Tenable IO integration to use the Exports API for asset downloading
[5.44.0] - 2024-05-13
Added
- A --server flag to the regscale version command to pull down the RegScale server version, if available
- Log file uploaded to SSP when importing FedRAMP documents via CLI
Fixed
- Date parsing in CISA integration
[5.43.0] - 2024-05-09
Added
- Visual feedback when creating data in RegScale during regscale wiz issues command
- Vulnerabilities that are not in subsequent scans are closed as well as issues related to those vulnerabilities
Changed
- Removed Vulnerability ID from the expected headers for the regscale prisma import
- Updated regscale nexpose import to map the IP Address using the IP Address column
- Improved speed during regscale wiz issues command
Fixed
- Error when uploading a .PDF file via regscale upload_file, the file preview was not displaying
- FedRAMP Rev5 Importer:
- Errors during Implementation Options
- Required fields for parameters
- Leveraged Authorization parsing
[5.42.0] - 2024-05-07
Added
- Internal testing for the flask application
Fixed
- Flask application not starting when running regscale-rest command
[5.41.1] - 2024-05-06
Fixed
- Error during the Nessus import functionality
[5.41.0] - 2024-05-03
Added
- FedRAMP Rev5 Imports:
- Inventory .xlsx importer
- Appendix A .docx importer
- Added Catalog Sync Security Plan to sync a security plan with an updated catalog
Changed
- Updated Catalog Updater to work with newer catalogs
- Changed get_all_by_parent on Assets to use the new get_all_by_search API endpoint
[5.40.0] - 2024-05-01
Added
- Wiz vulnerability integration to ingest Wiz vulnerability data into RegScale
- processStatus to Asset model which maps to NSA-Approved Process Status
Fixed
- KeyError when parsing # of days from init.yaml if it wasn't populated during flat file vulnerability imports
Security
- Updated dependencies
[5.39.0] - 2024-04-26
Added
- Amazon ECR container scan support to the CLI
Changed
- Updated approach on fetching vulnerability data from Qualys to prevent timeout errors
Fixed
- Wiz issues integration not being able to create/update issues in RegScale
- Date parsing during Cisa integration
- Error during Intune integration when a device has never logged in
- Burp ingest error on NoneType response data
- Multiple possible errors during the Qualys integration
- Parsing users during FedRAMP Rev5 XML import
- Error when parsing components with no implementation statements during oscal component
Security
- Reworked the RegScale-CLI container build process
[5.38.0] - 2024-04-15
Fixed
- Date parsing bug that would fail on oddly formatted date strings during Aqua import
- Help text within the Aqua integration.
- Wiz issues integration not being able to create/update issues in RegScale
- Errors during Oscal component import
[5.37.0] - 2024-04-09
Security
- Updated dependency versions
Added
- Functionality for FedRAMP XML import to support rev4 and rev 5 OSCAL XML as they are all 1.x.x versions of OSCAL
- New registry file for catalog downloads
Fixed
- Multiple errors during the Intune integration
- FedRAMP rev5 OSCAL XML Import:
- Responsible parties not being correctly parsed
- Added parameter parsing for inclusion of odp parameters
- FedRAMP rev4 OSCAL XML Import:
- Address FedRAMP default system role import assignments
- Parts parsing for implementationObjectives
- Optimization for security control lookups
[5.36.0] - 2024-03-29
Added
- Option to add assets under components for scanner integration
- --scan_date option to flat file imports: Aqua, Prisma, Nexpose, and Snyk
Changed
- Improved logging messages and outputs during the Jira integration
Fixed
- Duplicating issues in Jira and RegScale during Jira integration
- Email message sent from admin_actions send_reminders now uses the correct styling
- Bug that could cause a Scan creation to fail in the Tenable Nessus integration
- Bug in GCP Integrations where it didn't match control ids in a case-insensitive manner
- Missing mapping files during the Crowdstrike integration
- Added a catalog import function to the catalog cli. This will use the new RegScale Catalog import API.
- FedRAMP rev4 .docx importer:
- Controls not being imported
- Incorrect parsing of system roles
Changed
- Wiz issues:
- Now utilizes graphql client
- Improved issue data mapping
[5.35.0] - 2024-03-20
Added
- XRay integration to ingest .json files into RegScale as assets, issues, vulnerabilities and scans to a Security Plan in RegScale
- Logic to handle additional columns than required during Nexpose, Snyk & Prisma imports
- Prepared By and Prepared For tables to the FedRAMP Rev4 .docx importer
- FedRAMP Rev4 .docx Importer:
- Version from title page
- Prepared By and Prepared For tables
Fixed
- Inventory Asset Mapping for Wiz integration
- Additional endpoints to Issue model to support batch_update & batch_create
Fixed
- GCP Integration: Fixed issue with asset import and component mappings
[5.34.0] - 2024-03-14
Added
- Stigv2 integration for importing assets from STIG files.
Fixed
- Failed issue creation during AWS integration
- Error finding unique object during GCP integration
- Errors during Prisma flat file import
- Errors during Snyk flat file import
- Errors during Aqua flat file import
- Errors during Nexpose flat file import
[5.33.1] - 2024-03-08
Added
- Profile data object to match RegScale data model
Changed
- FedRAMP Rev4 .docx importer
- Improved logging for controls and leveraged authorizations
- Sped up SystemRole processing
Fixed
- FedRAMP Rev4 .docx importer
- Prematurely ending the import process when parsed controls > base profile controls
- Parsing port numbers and protocols
- Incorrect number of controls imported displayed on SSP Import Results Summary
[5.33.0] - 2024-03-07
Added
- crowdstrikeBaseUrl to the init.yaml file
Changed
- Updated regscale emass populate_controls to use CCIs instead of control IDs when mapping assessment results
- Fixed AttributeError during GCP integration and Prisma flat file import
[5.32.0] - 2024-02-29
Added
- Cloud service fields and cloud deployment fields when parsing FedRAMP .docx during import
- Purpose statement during FedRAMP document import
Changed
- Updated Cryptography version to 42.0.0 to remove security vulnerabilities
- Fixed bug causing System Description not being populated during FedRAMP document import
- AutoCompress large files, warn user when a file is too large to post to RegScale
- Added testing for file uploads and deletion in RegScale
[5.31.0] - 2024-02-24
Added
- Added GraphQL client and handler for GraphQL queries
- Stigv2 integration for importing assets from STIG files.
Changed
- Refactored Wiz Inventory integration to use GraphQL client and handler
- Fixed issue during Burp integration when creating issues in RegScale
- Separated Nexpose and Prisma flat file ingest into two separate integrations
- ServiceNow's data fetching and issue/incident syncing to be more consistent and reliable
- Improved control editor file not found error to gracefully exit
- Modified System Roles to populate correctly during regscale fedramp doc imports
[5.30.2] - 2024-02-16
Added
- N/A
Changed
- Fixed System Role and Leveraged Authorization errors during creation and updating experienced in the FedRAMP integration
[5.30.1] - 2024-02-16
Added
- N/A
Changed
- Improved healthcheck to fail gracefully when no domain is set
- Bugfixes:
- Corrected incorrect mapping control assessments during regscale emass populate_controls
- Added logic to handle instances with no facilities and/or organizations correctly in regscale assessments integration
- Incorrect hash when downloading attachments from RegScale during Jira integration
- False 401 error during regscale login when expired token in init.yaml
- Fixed Wiz and Tenable Nessus bugs when creating Assets and Issues
- Fixed bug with CatalogCompare, now it will increment Tests, objectives and parameters correctly
[5.30.0] - 2024-02-14
Added
- Summary report to inform user what was updated in RegScale when syncing vulnerabilities in Tenable IO integration
Changed
- Fixed various bugs experienced during Wiz integration
- Updated AWS integration by removing deprecated functions and improved internal testing
- Fixed Issue with CrowdStrike integration while fetching existing incidents from RegScale
[5.29.0] - 2024-02-09
Added
- N/A
Changed
- Updated Tenable IO to cache vulnerability results from Tenable to disk, instead of memory.
- Use the tenableMinimumSeverityFilter config value as a filter for Tenable vulnerabilities
- Fixed issue in application.save_config not updating config in API_Handler or API classes
- API_Handler is now an extension of the Application class
- API object no longer needs Application class to be instantiated
- Improved internal testing for supported versions of Python
[5.28.4] - 2024-02-02
Added
- Additional columns to wrap text in Control Editor workbooks
Changed
- Fixed methods in Assessment, Catalog and CustomField models
[5.28.3] - 2024-02-01
Added
- Aqua integration to ingest Aqua .csv exports into RegScale via regscale aqua
Changed
- Enhanced Wiz inventory report processing
- Crowdstrike model parsing to better align to RegScale data models
- Fixed issue in GCP integration where duplicate assessments were created
- Updated models to use the newest version of Pydantic
- Updated Airflow to version 2.8.1
[5.28.2] - 2024-01-25
Added
- GCP Features: Added passing controls, create issues for findings and ability to scan on a project or organization level
Changed
- Bugfix: Fixed issue in tenable io integration causing incorrect vulnerability counts & possible KeyErrors
[5.28.1] - 2024-01-24
Added
- Snyk CLI Integration added to ingest Snyk .xlsx exports as assets, issues, vulnerabilities and scans to a Security Plan in RegScale
Changed
- Fixed multiple issues during FedRAMP XML and .DOCx imports
- Updated dependencies to latest versions
- Hardened docker container image
[5.28.0] - 2024-01-17
Added
- Logic during the setup process to prevent installation of the CLI if the user is not using a supported version of Python
- Google Cloud Platform integration to pull assets and findings from GCP into RegScale via regscale gcp
Changed
- Improved memory usage by leveraging pickling instead of passing large objects between methods
- Improved batch insert and update methods for Issue model
- Updated batch insert and update methods with improved batch functionality to Asset model
- Batch issue (still defaulting to threading) is not enabled yet, but will be in a subsequent release
[5.27.0] - 2024-01-13
Added
- Palo Alto/Prisma integration to ingest .csv files into RegScale as assets, issues, vulnerabilities and scans to a Security Plan in RegScale
- Rapid7/Nexpose integration to ingest .csv files into RegScale as assets, issues, vulnerabilities and scans to a Security Plan in RegScale
- Logic to wiz integration to add assessments to implementations from the data returned from Wiz
Changed
- Bugfixes:
- Compliance report could have passing and failing control ids for the same control
- Added logic to prevent crashes during Crowdstrike integration when unable to find techniques
- Issue not allowing you to run the regscale-cli container as a flask api server with regscale-rest entry point
- Improved testing for Sicura integration
- KeyError with tag_values in the Nessus integration when no tag key is present
- Update batch insert and update methods with improved batch functionality to Asset model
- Refactored DAGs to match expected format for RegScale Automation panel
- Refactored CLI to allow pulling config from platform if running in an Airflow container
[5.26.0] - 2023-12-20
Added
- N/A
Changed
- Bugfixes:
- Error during asset creation in the STIG integration
- regscale sicura sync_nodes only worked with a record that had existing assets
- False negative during regscale validate_token when the user was not an administrator
- regscale sicura sync_nodes didn't verify provided regscale_module before proceeding
- False positive of differences.txt being created when no differences found during regscale assessments
- Updated error message when using a CLI command with an invalid token in the init.yaml
[5.25.0] - 2023-12-15
Added
- Support for ingesting Burp Suite scan results into RegScale using regscale burp
- Ability to sync compliance posture for Crowdstrike with CSF and NIST 800-53R5 frameworks via regscale crowdstrike sync_compliance
- Sicura integration to sync nodes and scans into RegScale as Assets and Security Checks via regscale sicura
Changed
- Refactored regscale assessments for better performance and maintainability
- Bugfix: Changed approach on concatenating urls in regscale catalog update
- Bugfix: Incorrectly parsing userId from service account token when using regscale login --token
- Bugfix: Ensure the compliance score data is populating correctly regscale tenable io sync_compliance_controls
[5.24.0] - 2023-11-29
Added
- Total Available Ram to the env_info command
- TenableNessusId and BurpId to the Issues data model
- Internal notification during release workflow
Changed
- Fixed Bug causing control implementations to error during creation whilst using FedRAMP docx import
- Added progress bars to the regscale catalog update command for real time feedback during the process
[5.23.1] - 2023-11-14
Added
- regscale env_info command to display the current environment information running the RegScale CLI
Changed
- Optimized CISA integration and data presentation
- Rewrote the update catalog command to be more efficient and granular
- Bugfixes:
- Added default timeout of 60 for all API requests
- Add scan file as artifact to SSP
- Fixed issue in Plugin integration model with a non Optional field
- Improved error handling during the Wiz integration
[5.23.0] - 2023-11-08
Added
- tenable nessus: Tenable Nessus support added to RegScale. Imports Nessus scans and assets to RegScale and creates issues if significant vulnerabilities are found
Changed
- Bugfixes:
- Code cleanup during Wiz integration that caused GraphQL errors and inconsistencies
- Added more checks when analyzing data from Wiz to prevent duplicate issues in RegScale
[5.22.0] - 2023-11-01
Added
- N/A
Changed
- Bugfixes:
- Fixed issue where files uploaded to RegScale via CLI were missing the Upload Date
- Fixed issue causing FedRAMP docx not working until a version selection was made
[5.21.1] - 2023-10-31
Added
- regscale-dev make-docs command to create Sphinx documentation for the RegScale CLI
Changed
- Bugfix: Fixed issue causing FedRAMP docx import to fail during system role parsing
[5.21.0] - 2023-10-24
Added
- regscale-dev analyze command to analyze the maintainability, tech debt, and other metrics of the RegScale-CLI codebase
- send reminders dag in airflow to send reminder emails for any Assessments, Issues, Tasks, Data Calls, Security Plans, and Workflows for the users that have email notifications enabled
Changed
- Color for regscale control_editor to gray
- regscale-dev calculate-start-time now defaults to a 0 instead of a None if the regex is not met
- Wiz issues are now merged by the issue type, the individual Wiz ID's will show up in the issue description
[5.20.2] - 2023-10-18
Added
- Added two new fields to asset data model to match RegScale asset data model
  - Diagram Level
  - Location
Changed
- N/A
[5.20.1] - 2023-10-12
Added
- Ability to add Control Owner during regscale control_editor
- Highlighted columns in Excel workbook indicating editable data when using regscale control_editor
Changed
- Bugfix: Fixed errors causing Wiz to crash when fetching all items
[5.20.0] - 2023-10-10
Added
- Logic to parse date during license validation to support different date formats
Changed
- regscale init now defaults to passed domain and will also log in with a token if passed and skip-prompts is passed
- Updated Airflow to version 2.7
- Bugfix: Fixed issue with regscale-dev calculate-start-time on different linux distributions
- Bugfix: Improved error handling when using regscale-rest uploader pages
- [BETA] Regscale-CLI REST Server Docker image
- Bugfix: Fixed console log during Jira integration always showing a 0 when updating issues in RegScale
[5.19.0] - 2023-10-02
Added
- STIG Uploader page that supports single .ckl and .zip file uploads in regscale-rest
- FedRAMP Rev4 .docx SSP uploader in regscale-rest
Changed
- Bugfix: Fixed issue causing regscale-rest not to load .html templates
- Bugfix: Fixed issues in Tenable integration causing unexpected crashes
- Bugfix: STIG crashes, optimization and ability to recursively search directory for .ckl files if not found at provided parent directory
- Bugfix: Fixed multiple crash points experienced during FedRAMP Rev 4 .docx SSP import in fedramp load-fedramp-docx
[5.18.2] - 2023-09-26
Added
- Support for Tenable.io to existing Tenable integration
- New data model for Risks
- regscale-dev Click command for testing the speed and performance of the RegScale CLI
- regscale[airflow-sqlserver] extra to allow for SQL Server integration with Airflow, while not requiring it for airflow
Changed
- Bugfix: Removed bugs causing regscale migrations to fail while optimizing the workflow
- Improved AWS integration performance
- Bugfix: Removed creation of duplicate assets and checklists
[5.18.1] - 2023-09-21
Added
- N/A
Changed
- Removed | operator to prevent crashes while using the CLI with Python 3.9
[5.18.0] - 2023-09-20
Added
- Add [airflow-azure] extra for managing Azure Airflow deployments
- Logic to nist sort_control_ids command to retry failed controls
Changed
- Optimized: regscale nist sort_control_ids command to iterate all controls one time while sorting the control ids instead of multiple loops
- Enhancement: Save wiz json data to RegScale properties instead of dumping to description field
- Wiz Enhancements:
- Save wiz json data to RegScale properties instead of dumping to description field
- Refactoring code for readability and bugfixes
- GitHub Workflows related to airflow
- Bugfix: Fixed issue while processing system roles in regscale fedramp load-fedramp-docx
[5.17.1] - 2023-09-13
Added
- Description for the regscale upload_file command
- [BETA] Added Crowdstrike integration to pull incidents from Crowdstrike as incidents and assets in RegScale
Changed
- Removed remaining getAll calls from STIG integration
- Bugfixes in STIG integration
- Bugfix in the FedRAMP parse .docx command
[5.17.0] - 2023-09-13
Added
- Added regscale upload_file to upload a file to RegScale that will parse embedded base64 tags and upload them as well
- Added functionality to SecurityPlan class to create new ssp from an SSP model
- Added ability to upload files via requests to RegScale-CLI REST API
- Added a File Upload GUI to the RegScale-CLI REST API
- Added log message when validating token
Changed
- Improved url normalizing to support domain without trailing slash in init.yaml
- Replaced all getAll calls in the CLI because of their removal in RegScale
- Bugfix: Fixed errors encountered during FedRAMP .docx importing to RegScale
- Bugfix: Unable to authenticate with Wiz
[5.15.0] - 2023-08-22
Added
- Airflow DAG to reset init.yaml if needed
Changed
- Updated DAG setup method to correct for a bug
- Streamlined Airflow Dockerfile for cloud deployment
- Fixed a merge error artifact in Dockerfile.ironbank
- Added handling in airflow_init.sh to create database if it does not exist
- DAG docstring updates for knowing required params on platform
- Expanded DAG timeout execution to 3 hours
- regscale init modified to properly set domain from env or if passed
- Added helpful console outputs and instructions when running API client via regscale-rest
- Refactored regscale catalog update for a better and faster user experience
- Bugfixes: updated multiple bugs encountered during the catalog update
[5.14.1] - 2023-08-18
Added
- Better error handling when logging into RegScale
- Parsing userId from the token when logging in with a token and now saves it to init.yaml
- Added mfa_token parameter to the regscale init command
Changed
- Bugfix: If using regscale login with environment variables, the domain will now be saved to init.yaml to prevent future errors during a workflow
- Removed REGSCALE_USERNAME occurrences to use REGSCALE_USER instead
[5.14.0] - 2023-08-15
Added
- Added SonarCloud integration along with Airflow DAG to pull in SonarCloud issues
Changed
- Fixed issue for Airflow DAGs that were not running due to incorrect config template
- Various bugfixes for catalog updater
[5.13.1] - 2023-08-10
Added
- Additional logging for interactions with Salesforce when uploading attachments
- Airflow DAGs to separate CISA operations into separate DAGs
- Added Dependabot to scan GitHub repo via CLI, DAGs, and REST API
Changed
- Bugfix: corrected issue in ReadMe.io version workflow that prevented the version from being updated during release
- Temporarily removed SQL Server integration until dependency conflict is resolved
- Bugfix: Fixed issue in Salesforce integration causing duplicate attachments in Salesforce & updated console outputs during task
[5.13.0] - 2023-08-08
Added
- [BETA] Functionality to update existing catalogs in RegScale via CLI command
- [BETA] Added Salesforce integration to sync Cases in Salesforce and Issues in RegScale along with attachments
- Airflow DAGs to pull in Recommendations, Alerts from Microsoft Defender 365 and Alerts from Defender for Cloud
- Added sql server integration
- Added workflow model and workflow helper functions
Changed
- Bugfix: fixed dags that were experiencing issues during execution
- Updated FedRAMP integration to include more information in SSP in RegScale
- Refactored data models of RegScale objects to use Pydantic
[5.12.1] - 2023-08-02
Added
- N/A
Changed
- Removed duplicate workflow that updates changelog in ReadMe.io
- Bugfix: Jira workflow now uploads attachments when creating new issues in RegScale
- Refactored delete_file function in regscale assessments integration to prevent trying to delete an entire directory
[5.12.0] - 2023-08-02
Added
- Added the ability to pull REGSCALE_USERNAME, REGSCALE_PASSWORD and REGSCALE_DOMAIN from the environment variables to streamline regscale login and regscale init commands
- Added an optional param to regscale login: domain
  - if the environment or param options are not populated for --domain or REGSCALE_DOMAIN, regscale login will parse domain from init.yaml
  - If REGSCALE_USERNAME, REGSCALE_PASSWORD environment variables are not populated, the regscale login will revert back to prompting the user for username & password
- Added Wiz issues and inventory Dags for running wiz through the airflow pipeline
- Added attachment syncing in the Jira integration to sync issue's attachments between RegScale and Jira
Changed
- Updated Dockerfile to install all dependencies unless --build-arg="EXTRA=<extra>" is specified, this allows the container to run AirFlow, Flask API Server and defaults to the CLI
- Changed the flask server to run on port "0.0.0.0" instead of "localhost"/"127.0.0.1" so it can be bound to a local port while running in a Docker container
- Refactored CLI to use the RegScaleAuth pydantic class for Platform authentication
- Refactored login command to check provided token's validity before saving to init.yaml
- Fix Typo in servicenow integration.
- Bugfix: fixed keyError possibility with wizIssuesReportId
- Bugfix: None properties causing index error in Wiz integration
- Removed dynamically created dags from Airflow
- Updated Jira integration to be bidirectional, issues can be created in RegScale from a Jira board
[5.11.0] - 2023-07-19
Added
- Airflow Documentation and default configurations as well as a yesterday() function for scheduling yesterday
- Airflow image is pushed to Dockerhub
- Airflow DAGs for Tenable, GitLab & Wiz integrations
Changed
- Bugfix: fixed issue when trying to login with a token instead of username & password
- Bugfix: fixed error when trying to run CLI flask application
- Hotfix: fixed authentication with RegScale 5.11 or higher. MFAToken is sometimes required.
[5.10.0] - 2023-07-12
Added
- regscale version command to quickly print the version of RegScale-CLI installed
- File monitoring tools for development, along with watchdog dev dependency and a dev submodule for development help
- Added file utilities to print contents
Changed
- [BETA] regscale-rest command now invokes a simple server, with one thread and no concurrency to prevent overwriting of init yaml
- Fixed issue with GitLab url variable naming
- Bugfix: Implemented logic to fix AWS integration
[5.9.0] - 2023-07-05
Added
- N/A
Changed
- Fixed missing commands for GitLab integration
- Added support for the new DOD catalog
- Fixed bug with SSP level option id's not being set properly in STIG integration
- Replaced click.argument with click.option in regscale oscal component
[5.8.0] - 2023-06-27
Added
- regscale[server] extra capable of running regscale-server, which launches a REST API
  - this is dynamically generated via the click infrastructure, and if params are passed, it is assigned POST method
  - if no params on the command, then GET method is assumed.
  - This will work with the current init.yaml if ran in the same directory
  - This can also work with the future AppConfig.
- POAM/ Issues CLI feature to edit and update existing issues in RegScale via CLI
- Evidence Build_Package Command for FedRAMP go to market audit process
- GitLab integration to pull issues into RegScale with or without links from description
Changed
- Updated error handling for Wiz when invalid credentials provided
- Fixed bug in Tenable integration when creating issues in RegScale when Tenable returned zero results
- Refactored catalog utils, replaced export verbiage to download
- Refactored and fixed bugs in test_poam_editor.py for better test execution
[5.7.0] - 2023-06-21
Added
- jwt-token parameter for regscale login command
- Timeout parameter for get_all_from_module function in regscale.core.utils.app_utils.py
Changed
- regscale login command to use a jwt-token parameter
- Updated and refactored Control Editor CLI feature that includes minor bug fix and testing coverage
- Updated and refactored Assessment Editor CLI feature and testing coverage
- Changed starlette version from 0.26.1 to 0.27.0
- Updated the UBI.Dockerfile to have fewer vulnerabilities while being 500+ MB smaller
- Fixed bug for OSCAL components being updated in RegScale
[5.6.1] - 2023-06-07
Added
- N/A
Changed
- Fixed bug with Wiz issues and assets
[5.6.0] - 2023-06-07
Added
- Workflow to automatically push RegScale-CLI+Airflow to ACR and deploy airflow containerapp
- Azure Intune Support
- Query devices from Intune and sync with RegScale
- If a device is not compliant, a RegScale issue will be created
- Added Azure tests
Changed
- Removed duplicate workflow for updating changelog in ReadMe.io
- Fixed issue with Intune integration where assets and issues could be duplicated.
- Fixed incorrect string on click parent id description.
- Fixed bug with STIG issue data type, it was using the asdict() method on a Pydantic dataclass.
- Fixed bug in STIG objective status counter that was causing erroneous implementation status updates.
[5.5.0] - 2023-05-31
Added
- AppConfig class example with basic auth
- Workflow to automatically update the CHANGELOG (CLI) on ReadMe.io when a new release is created
- Workflow to automatically update the version on ReadMe.io when a new release is created
Changed
- N/A
[5.4.0] - 2023-05-25
Added
- AppConfig and Providers class to be implemented with new platform config endpoint
- RegScaleAuth class that can be used with RegScaleAuth.authenticate() to return a RegScaleAuth object authenticated via env vars.
  - includes .refresh() to refresh a new token
  - .token property returns auth_token secret value, .username is RegScale user and .password is RegScale password as a SecretStr.
  - domain is retrieved from REGSCALE_DOMAIN and it can be 'dev' for dev.regscale.io or 'yourcompany.regscale.io'
- generate_regscale_domain_url(domain: str) will generate an f-string to {REGSCALE_DOMAIN}.regscale.io with no default it raises an error
- regscale.core.static.regex <- precompiled regexes for use elsewhere
- regscale.core.utils.urls <- generate_regscale_domain_url
- AppConfig class example with basic auth
- modified the GitHub tests workflow to test the RegScale submodule and all the tests therein
- add tests for new methods
Changed
- Updated requests to 2.31.0
- Refactored send_reminders, compare_files, emass, nist_catalog, jira, qualys, okta and service now integrations for SDK usage
- Fixed bug during Okta token generation
[5.3.1] - 2023-05-18
Added
- N/A
Changed
- Updated control sort Id to verify any previous sort Ids are correct before updating them
[5.3.0] - 2023-05-17
Added
- N/A
Changed
- Updated UBI docker image to use newer version with fewer vulnerabilities
- Refactored and optimized uploading file to RegScale via CLI
[5.2.1] - 2023-05-12
Added
- Additional checks and validations to the STIG integration
- Install options for Airflow and Ansible
- Option to process FedRAMP catalogs in OSCAL integration
Changed
- Fixed bug in FedRAMP integration
[5.2.0] - 2023-05-10
Added
- N/A
Changed
- Revamped Fedramp testing and improved testing for FedRAMP integration
- Improved testing for CISA integration
- Changed version for Cryptography dependency to prevent conflict with OpenSSL
[5.1.0] - 2023-05-04
Added
- Testing for Wiz integration
- AWS Security Hub integration & tests
- Sync findings from AWS security hub to a RegScale security plan
- SSP implementations will update and issues will be created if desired
Changed
- Completely refactored the CLI for better performance and maintainability
- Removed unused dependencies from requirements.txt
- Updated docker build process to remove setuptools after install, this removes a moderate vulnerability for the Python 3.9 image
- Updated handling of GraphQL query timeout errors and increased GraphQL query timeout on the API Graph call
[5.0.0] - 2023-04-25
Added
- N/A
Changed
- Bug Fix: Fixed docker hub release workflow and removed critical vulnerability in docker image
- Updated testing coverage to include testing for the Qualys integration & catalog functionality
[4.26.1] - 2023-04-20
Added
- N/A
Changed
- Bug Fix: Fixed control implementations duplicating during OSCAL import
- Updated Catalog tools to pull data from cloud storage instead of a local file for easier maintenance
- Updated Wiz functionality to properly link to assets along with Checks and Remediation info in the POAM tab of the issue
[4.26.0] - 2023-04-19
Added
- Added catalog command to allow users to export, compare and diagnose catalogs
Changed
- Bug Fix: Added verify flag to download_file function to prevent errors during download
- Bug Fix: Correctly upload components and update changed component control implementations
- Moved testing artifacts to Azure blob
- Implemented more tests during update to ensure application integrity
[4.25.1] - 2023-04-13
Added
- Added STIG integration to pull assets, issues and security checklists data into RegScale and update implementations from STIG Checklist rules.
- Added a STIG test
- Added command to get_template for the eMASS Control Template in the eMASS integration
Changed
- Update workflow test yaml
- Bug fix: Fixed error handling when fetching assets when no assets were associated to the provided record
- Changed query_vuln command in Qualys integration to sync_qualys to better reflect the function of the command
- Updated final output message to include # of rows not populated during populate_controls in eMASS integration
- Bug fix: updated SBOM workflow to leverage secrets
- Bug fix: Fixed issues encountered during the test_evidence.py
[4.25.0] - 2023-04-12
Added
- Added Qualys integration to pull assets & vulnerabilities data into RegScale from Qualys
Changed
- Bug fix: Fixed issue in evidence.py integration
- Bug fix: Fixed issue in api.py causing errors during Wiz workflow
- Enhancement: Updated logic and performance throughout the CLI
[4.24.1] - 2023-04-06
Added
- N/A
Changed
- Bug fix: Fixed issue causing docker build script to hang during build process
- Bug fix: Changed setup.py to parse requirements.txt to prevent version conflicts
- Bug fix: removed | operand in Api.py to support Python 3.9
[4.24.0] - 2023-04-05
Added
- N/A
Changed
- Bug fix: Update objective filter to ensure Rev 5 enhancement objectives are populating.
- Updated domain for tests to use the correct DEV instance
- Changed test catalog for test_oscal.py to a smaller catalog to speed up testing
[4.23.0] - 2023-03-28
Added
- N/A
Changed
- Upgrade upload_sbom.py to prevent false negatives and better log status code of unsuccessful API call
- Bug fix: Update CISA Alerts integration to handle updated CISA.gov website
[4.22] - 2023-03-23
Added
- Add copyright notice to ssp_management.py
Changed
- Bug fix: Enforce Path type for input and output in oscal cli wrapper
- Bug fix: Update Tenable integration
- Refactor assessment editor
[4.20.1] - 2023-03-11
Added
- New standalone CLI to export, import, and migrate Control Implementations and Parameters between Security Plans
- Added generation of Red Hat Universal Baseline Image (UBI) dockerfile
Changed
- Update build process to also generate Red Hat Universal Baseline Image (UBI)
[4.20.0] - 2023-03-07
Added
- New standalone CLI to export, import, and migrate Control Implementations and Parameters between Security Plans
[4.20.0] - 2023-03-08
Changed
- Provide helpful Alien Vault error on failed API key
- Revised populating eMASS SSP spreadsheet assessment fields to highlight cells missing data and adding comments of what needed to be done by the user
- Updated Wiz integration: import SecurityChecks and Recommended Actions to RegScale Issues; concatenate imported securityChecks with updated Wiz control IDs; update default Wiz report age
- Updated missing docstrings and missing function typing
[4.19.2] - 2023-03-03
Changed
- Bug Fix: Implemented logic to get the correct sort id for older catalogs in nist sort_control_ids
[4.19.0] - 2023-03-01
Added
- New [BETA] Alien Vault OTX threat integration to pull pulse information into RegScale
- New [BETA] Update an eMASS controls formatted workbook with controls with assessments from RegScale with the provided SSP ID
Changed
- Security: Removed credentials used for testing integrations replacing with GitHub action secrets
- Bug Fix: Control Editor problem preventing spreadsheet generation
- Refactored Control Editor to use GraphQL
[4.18.2] - 2023-02-24
Changed
- Bug Fix: Improve FedRAMP import with better handling of exceptions.
[4.18.1] - 2023-02-23
Changed
- Bug Fix: Correct parsing of FedRAMP OSCAL catalogues
- Updated GraphQL query and logic for send_reminders function
- Updated docstrings for reformat_str_date function
- Corrected typo in CHANGELOG
[4.18.0] - 2023-02-22
Added
- New support for OSCAL 1.0.4 and the Australian ISM catalog
- New support for editing assessments in a spreadsheet external to RegScale
- Add --obj_to_control option to oscal command to convert 800-53 objectives to controls during catalogue import
- Add --new_catalog_name option to oscal command to define catalogue name during import
Changed
- Bug Fix: Correct parsing of NIST 800-53 Rev 5 objectives and parameters
- Improve outputs of OSCAL import to be clearer and more concise during the workflow
- Update package testing instructions in README
- Update docker tag to "latest"
[4.17.2] - 2023-02-20
Changed
- Revised order of Python libraries
[4.17.0] - 2023-02-15
Changed
- Bug Fix: Updated logs & console output for encrypt/decrypt and fixed bug causing user to set their password twice for the first time
[4.16.2] - 2023-02-09
Changed
- Bug Fix: Fixed bug in GraphQL function when normalizing the provided URL
[4.16.1] - 2023-02-09
Changed
- Bug Fix: Refactored evidence CLI to prevent code from executing prematurely
[4.16.0] - 2023-02-08
Added
- New Microsoft 365 Defender to pull alerts from Microsoft 365 into RegScale
- New GitHub NPM audit scan integration to create assessments and related issues in RegScale from NPM audit scan of main branch
- New sort CLI to batch sort in natural order NIST controls
- Added better error handling to api.graph
- Added additional links to readme.io docs
- Added links to internal CLI developer standards and GraphQL documentation
Changed
- Bug Fix: Fix failed jiraId keyError
- Bug Fix: Fix OSCAL import test
- Bug Fix: Change click sequence to fix broken test_evidence imports
- Improve OSCAL CLI to load Australian ISM catalog
- Change threaded process terminal output to prevent excessive threaded pool warnings
- Improve testing of evidence CLI
- Update cryptography library
[4.15.2] - 2023-02-3
Changed
- Changed default mapping of control status from imported FedRAMP SSP to Not Implemented
[4.15.1] - 2023-02-1
Changed
- Bug Fix: Fix the CLI looking for file dump path that does not exist
- Bug Fix: Fix the list of acceptable file types was too limited for FedRAMP documents
- Bug Fix: Update build script to properly handle all sections of version
[4.15.0] - 2023-01-31
Added
- Added check for maxThreads to prevent users from being IP-banned by CISA
Changed
- Bug Fix: Fix incorrect login credentials error message
- Fixed typos throughout the application and duplicate periods within console
- Improved Wiz integration to prevent duplicate record creation and other enhancements
[4.14.0] - 2023-01-24
Added
- New GitHub Dependabot integration to import Dependabot found package vulnerabilities into RegScale
- Added special data migration script to support many to many inheritance
Changed
- Bug Fix: Errors between RegScale-CLI and RegScale with Tenable methods
- Bug Fix: Cognito log in error
[4.13.0] - 2023-01-19
RegScale-CLI 4.13.0 adds new integrations and refactors the application for greater long term extensibility.
The big leap in version number synchronizes RegScale-CLI version with RegScale version.
IMPORTANT: init.yaml parameter names changed in 4.13.0.
Certain init.yaml parameters changed in 4.13.0 to standardize parameter names to camelCase.
RegScale-CLI automatically adds in new and missing parameters and leaves existing parameters in place.
Be sure to check and update your existing init.yaml parameters.
Method 1 – move, generate, diff, and manually edit
# move init.yaml to backup
mv init.yaml init-bak.yaml
# generate fresh init.yaml
regscale init
# diff backup to fresh to see changes
diff init-bak.yaml init.yaml
# manually edit init.yaml to copy values from the params in the backup to the new params in the fresh init.yaml
Method 2 – add new and manually edit
# run regscale to add in new/missing params
regscale about
# manually edit init.yaml to copy values around from old params into new params
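After Method 2, init.yaml holds old and new parameter names side by side, and a value left under an old name is easy to miss. The following is an added example, not part of RegScale-CLI: it pairs each non-camelCase top-level key with its camelCase counterpart and flags pairs whose values differ. It assumes flat `key: value` lines, and every key name and value in the sample is constructed.

```python
import re

# Constructed sample: init.yaml after new camelCase params were appended
# next to the old ones. Key names and values are hypothetical.
SAMPLE_INIT_YAML = """\
domain: https://regscale.example.com
max_threads: 100
maxThreads: 1000
jira_url: https://jira.example.com
jiraUrl: <myJiraUrl>
userId: abc123
oscal_location: /opt/oscal
"""

TOP_LEVEL_KEY = re.compile(r"^([A-Za-z0-9_\-]+)\s*:\s*(.*)$")

def top_level_params(text):
    """Return {key: raw value} for unindented, uncommented 'key: value' lines."""
    params = {}
    for line in text.splitlines():
        if not line or line[0] in " \t#":
            continue  # skip blanks, nested entries and comments
        m = TOP_LEVEL_KEY.match(line)
        if m:
            params[m.group(1)] = m.group(2).strip()
    return params

def fold(name):
    """Normalise a key so that jira_url, jira-url and jiraUrl compare equal."""
    return re.sub(r"[_\-]", "", name).lower()

def is_camel_case(name):
    return re.fullmatch(r"[a-z][A-Za-z0-9]*", name) is not None

def find_renamed_pairs(text):
    """Return ([(old, new, values_differ)], [old keys with no camelCase twin])."""
    params = top_level_params(text)
    camel = {fold(k): k for k in params if is_camel_case(k)}
    pairs, orphans = [], []
    for key in params:
        if is_camel_case(key):
            continue
        new = camel.get(fold(key))
        if new:
            pairs.append((key, new, params[key] != params[new]))
        else:
            orphans.append(key)
    return pairs, orphans
```

Pairs flagged as differing are the ones where the old value still needs to be copied into the new parameter; keys with no camelCase twin need a manual look against the diff from Method 1.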
Added
- New Okta integration to pull different users from Okta core API
- New FedRAMP SSP docx import to RegScale support
- New Azure Microsoft Defender for Cloud to pull alerts from Azure into RegScale
- New initialization workflow for setting up RegScale CLI
- Added workflows to reminder command
- Added bulk control editing via Excel
- Added persistent CHANGELOG file for releases
- Added Microsoft Defender for Cloud (DFC) integration that will create issues in RegScale for DFC alerts
Changed
- Removed support for Python 3.8 to support Python typing
- Bug Fix: Include missing requirements
- Bug Fix: Replaced built in tuple for Python 3.8 crashes
- Bug Fix: Minor bug fixes for functions throughout the application
- Bug Fix: Standardize to Python Yaml "pyaml" package to correct packaging issue
- Bug Fix: Automatically create directory "static" required by Python Fitz package
- Renamed platform to admin_actions
- Sync CLI version number to RegScale version number
- Application refactor, restructure and standardization
- Improved speed performance of Jira, Migrations, Wiz and OSCAL integrations with multithreading
- Fixed typos in Doc Strings and standardized Doc String and user feedback usage of periods
[1.3.8] - 2023-01-10
Added
- N/A
Changed
- Bug Fix: Correct oscal_cli_path default
[1.3.7] - 2022-12-22
Added
- N/A
Changed
- Bug Fix: replaced tuple with Tuple to fix crash in Python 3.8
[1.3.6] - 2022-12-19
Added
- N/A
Changed
- Bug Fix: Added missing keys to init.yaml