PyPI - regscale-cli - Versions diffs - 6.16.0.0__py3-none-any.whl - Mend

regscale-cli 6.16.0.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of regscale-cli might be problematic. Click here for more details.

Files changed (481) hide show

regscale/__init__.py +1 -0
regscale/airflow/__init__.py +9 -0
regscale/airflow/azure/__init__.py +9 -0
regscale/airflow/azure/cli.py +89 -0
regscale/airflow/azure/upload_dags.py +116 -0
regscale/airflow/click_dags.py +127 -0
regscale/airflow/click_mixins.py +82 -0
regscale/airflow/config.py +25 -0
regscale/airflow/factories/__init__.py +0 -0
regscale/airflow/factories/connections.py +58 -0
regscale/airflow/factories/workflows.py +78 -0
regscale/airflow/hierarchy.py +88 -0
regscale/airflow/operators/__init__.py +0 -0
regscale/airflow/operators/click.py +36 -0
regscale/airflow/sensors/__init__.py +0 -0
regscale/airflow/sensors/sql.py +107 -0
regscale/airflow/sessions/__init__.py +0 -0
regscale/airflow/sessions/sql/__init__.py +3 -0
regscale/airflow/sessions/sql/queries.py +64 -0
regscale/airflow/sessions/sql/sql_server_queries.py +248 -0
regscale/airflow/tasks/__init__.py +0 -0
regscale/airflow/tasks/branches.py +22 -0
regscale/airflow/tasks/cli.py +116 -0
regscale/airflow/tasks/click.py +73 -0
regscale/airflow/tasks/debugging.py +9 -0
regscale/airflow/tasks/groups.py +116 -0
regscale/airflow/tasks/init.py +60 -0
regscale/airflow/tasks/states.py +47 -0
regscale/airflow/tasks/workflows.py +36 -0
regscale/ansible/__init__.py +9 -0
regscale/core/__init__.py +0 -0
regscale/core/app/__init__.py +3 -0
regscale/core/app/api.py +571 -0
regscale/core/app/application.py +665 -0
regscale/core/app/internal/__init__.py +136 -0
regscale/core/app/internal/admin_actions.py +230 -0
regscale/core/app/internal/assessments_editor.py +873 -0
regscale/core/app/internal/catalog.py +316 -0
regscale/core/app/internal/comparison.py +459 -0
regscale/core/app/internal/control_editor.py +571 -0
regscale/core/app/internal/encrypt.py +79 -0
regscale/core/app/internal/evidence.py +1240 -0
regscale/core/app/internal/file_uploads.py +151 -0
regscale/core/app/internal/healthcheck.py +66 -0
regscale/core/app/internal/login.py +305 -0
regscale/core/app/internal/migrations.py +240 -0
regscale/core/app/internal/model_editor.py +1701 -0
regscale/core/app/internal/poam_editor.py +632 -0
regscale/core/app/internal/workflow.py +105 -0
regscale/core/app/logz.py +74 -0
regscale/core/app/utils/XMLIR.py +258 -0
regscale/core/app/utils/__init__.py +0 -0
regscale/core/app/utils/api_handler.py +358 -0
regscale/core/app/utils/app_utils.py +1110 -0
regscale/core/app/utils/catalog_utils/__init__.py +0 -0
regscale/core/app/utils/catalog_utils/common.py +91 -0
regscale/core/app/utils/catalog_utils/compare_catalog.py +193 -0
regscale/core/app/utils/catalog_utils/diagnostic_catalog.py +97 -0
regscale/core/app/utils/catalog_utils/download_catalog.py +103 -0
regscale/core/app/utils/catalog_utils/update_catalog.py +718 -0
regscale/core/app/utils/catalog_utils/update_catalog_v2.py +1378 -0
regscale/core/app/utils/catalog_utils/update_catalog_v3.py +1272 -0
regscale/core/app/utils/catalog_utils/update_plans.py +334 -0
regscale/core/app/utils/file_utils.py +238 -0
regscale/core/app/utils/parser_utils.py +81 -0
regscale/core/app/utils/pickle_file_handler.py +57 -0
regscale/core/app/utils/regscale_utils.py +319 -0
regscale/core/app/utils/report_utils.py +119 -0
regscale/core/app/utils/variables.py +226 -0
regscale/core/decorators.py +31 -0
regscale/core/lazy_group.py +65 -0
regscale/core/login.py +63 -0
regscale/core/server/__init__.py +0 -0
regscale/core/server/flask_api.py +473 -0
regscale/core/server/helpers.py +373 -0
regscale/core/server/rest.py +64 -0
regscale/core/server/static/css/bootstrap.css +6030 -0
regscale/core/server/static/css/bootstrap.min.css +6 -0
regscale/core/server/static/css/main.css +176 -0
regscale/core/server/static/images/regscale-cli.svg +49 -0
regscale/core/server/static/images/regscale.svg +38 -0
regscale/core/server/templates/base.html +74 -0
regscale/core/server/templates/index.html +43 -0
regscale/core/server/templates/login.html +28 -0
regscale/core/server/templates/make_base64.html +22 -0
regscale/core/server/templates/upload_STIG.html +109 -0
regscale/core/server/templates/upload_STIG_result.html +26 -0
regscale/core/server/templates/upload_ssp.html +144 -0
regscale/core/server/templates/upload_ssp_result.html +128 -0
regscale/core/static/__init__.py +0 -0
regscale/core/static/regex.py +14 -0
regscale/core/utils/__init__.py +117 -0
regscale/core/utils/click_utils.py +13 -0
regscale/core/utils/date.py +238 -0
regscale/core/utils/graphql.py +254 -0
regscale/core/utils/urls.py +23 -0
regscale/dev/__init__.py +6 -0
regscale/dev/analysis.py +454 -0
regscale/dev/cli.py +235 -0
regscale/dev/code_gen.py +492 -0
regscale/dev/dirs.py +69 -0
regscale/dev/docs.py +384 -0
regscale/dev/monitoring.py +26 -0
regscale/dev/profiling.py +216 -0
regscale/exceptions/__init__.py +4 -0
regscale/exceptions/license_exception.py +7 -0
regscale/exceptions/validation_exception.py +9 -0
regscale/integrations/__init__.py +1 -0
regscale/integrations/commercial/__init__.py +486 -0
regscale/integrations/commercial/ad.py +433 -0
regscale/integrations/commercial/amazon/__init__.py +0 -0
regscale/integrations/commercial/amazon/common.py +106 -0
regscale/integrations/commercial/aqua/__init__.py +0 -0
regscale/integrations/commercial/aqua/aqua.py +91 -0
regscale/integrations/commercial/aws/__init__.py +6 -0
regscale/integrations/commercial/aws/cli.py +322 -0
regscale/integrations/commercial/aws/inventory/__init__.py +110 -0
regscale/integrations/commercial/aws/inventory/base.py +64 -0
regscale/integrations/commercial/aws/inventory/resources/__init__.py +19 -0
regscale/integrations/commercial/aws/inventory/resources/compute.py +234 -0
regscale/integrations/commercial/aws/inventory/resources/containers.py +113 -0
regscale/integrations/commercial/aws/inventory/resources/database.py +101 -0
regscale/integrations/commercial/aws/inventory/resources/integration.py +237 -0
regscale/integrations/commercial/aws/inventory/resources/networking.py +253 -0
regscale/integrations/commercial/aws/inventory/resources/security.py +240 -0
regscale/integrations/commercial/aws/inventory/resources/storage.py +91 -0
regscale/integrations/commercial/aws/scanner.py +823 -0
regscale/integrations/commercial/azure/__init__.py +0 -0
regscale/integrations/commercial/azure/common.py +32 -0
regscale/integrations/commercial/azure/intune.py +488 -0
regscale/integrations/commercial/azure/scanner.py +49 -0
regscale/integrations/commercial/burp.py +78 -0
regscale/integrations/commercial/cpe.py +144 -0
regscale/integrations/commercial/crowdstrike.py +1117 -0
regscale/integrations/commercial/defender.py +1511 -0
regscale/integrations/commercial/dependabot.py +210 -0
regscale/integrations/commercial/durosuite/__init__.py +0 -0
regscale/integrations/commercial/durosuite/api.py +1546 -0
regscale/integrations/commercial/durosuite/process_devices.py +101 -0
regscale/integrations/commercial/durosuite/scanner.py +637 -0
regscale/integrations/commercial/durosuite/variables.py +21 -0
regscale/integrations/commercial/ecr.py +90 -0
regscale/integrations/commercial/gcp/__init__.py +237 -0
regscale/integrations/commercial/gcp/auth.py +96 -0
regscale/integrations/commercial/gcp/control_tests.py +238 -0
regscale/integrations/commercial/gcp/variables.py +18 -0
regscale/integrations/commercial/gitlab.py +332 -0
regscale/integrations/commercial/grype.py +165 -0
regscale/integrations/commercial/ibm.py +90 -0
regscale/integrations/commercial/import_all/__init__.py +0 -0
regscale/integrations/commercial/import_all/import_all_cmd.py +467 -0
regscale/integrations/commercial/import_all/scan_file_fingerprints.json +27 -0
regscale/integrations/commercial/jira.py +1046 -0
regscale/integrations/commercial/mappings/__init__.py +0 -0
regscale/integrations/commercial/mappings/csf_controls.json +713 -0
regscale/integrations/commercial/mappings/nist_800_53_r5_controls.json +1516 -0
regscale/integrations/commercial/nessus/__init__.py +0 -0
regscale/integrations/commercial/nessus/nessus_utils.py +429 -0
regscale/integrations/commercial/nessus/scanner.py +416 -0
regscale/integrations/commercial/nexpose.py +90 -0
regscale/integrations/commercial/okta.py +798 -0
regscale/integrations/commercial/opentext/__init__.py +0 -0
regscale/integrations/commercial/opentext/click.py +99 -0
regscale/integrations/commercial/opentext/scanner.py +143 -0
regscale/integrations/commercial/prisma.py +91 -0
regscale/integrations/commercial/qualys.py +1462 -0
regscale/integrations/commercial/salesforce.py +980 -0
regscale/integrations/commercial/sap/__init__.py +0 -0
regscale/integrations/commercial/sap/click.py +31 -0
regscale/integrations/commercial/sap/sysdig/__init__.py +0 -0
regscale/integrations/commercial/sap/sysdig/click.py +57 -0
regscale/integrations/commercial/sap/sysdig/sysdig_scanner.py +190 -0
regscale/integrations/commercial/sap/tenable/__init__.py +0 -0
regscale/integrations/commercial/sap/tenable/click.py +49 -0
regscale/integrations/commercial/sap/tenable/scanner.py +196 -0
regscale/integrations/commercial/servicenow.py +1756 -0
regscale/integrations/commercial/sicura/__init__.py +0 -0
regscale/integrations/commercial/sicura/api.py +855 -0
regscale/integrations/commercial/sicura/commands.py +73 -0
regscale/integrations/commercial/sicura/scanner.py +481 -0
regscale/integrations/commercial/sicura/variables.py +16 -0
regscale/integrations/commercial/snyk.py +90 -0
regscale/integrations/commercial/sonarcloud.py +260 -0
regscale/integrations/commercial/sqlserver.py +369 -0
regscale/integrations/commercial/stig_mapper_integration/__init__.py +0 -0
regscale/integrations/commercial/stig_mapper_integration/click_commands.py +38 -0
regscale/integrations/commercial/stig_mapper_integration/mapping_engine.py +353 -0
regscale/integrations/commercial/stigv2/__init__.py +0 -0
regscale/integrations/commercial/stigv2/ckl_parser.py +349 -0
regscale/integrations/commercial/stigv2/click_commands.py +95 -0
regscale/integrations/commercial/stigv2/stig_integration.py +202 -0
regscale/integrations/commercial/synqly/__init__.py +0 -0
regscale/integrations/commercial/synqly/assets.py +46 -0
regscale/integrations/commercial/synqly/ticketing.py +132 -0
regscale/integrations/commercial/synqly/vulnerabilities.py +223 -0
regscale/integrations/commercial/synqly_jira.py +840 -0
regscale/integrations/commercial/tenablev2/__init__.py +0 -0
regscale/integrations/commercial/tenablev2/authenticate.py +31 -0
regscale/integrations/commercial/tenablev2/click.py +1584 -0
regscale/integrations/commercial/tenablev2/scanner.py +504 -0
regscale/integrations/commercial/tenablev2/stig_parsers.py +140 -0
regscale/integrations/commercial/tenablev2/utils.py +78 -0
regscale/integrations/commercial/tenablev2/variables.py +17 -0
regscale/integrations/commercial/trivy.py +162 -0
regscale/integrations/commercial/veracode.py +96 -0
regscale/integrations/commercial/wizv2/WizDataMixin.py +97 -0
regscale/integrations/commercial/wizv2/__init__.py +0 -0
regscale/integrations/commercial/wizv2/click.py +429 -0
regscale/integrations/commercial/wizv2/constants.py +1001 -0
regscale/integrations/commercial/wizv2/issue.py +361 -0
regscale/integrations/commercial/wizv2/models.py +112 -0
regscale/integrations/commercial/wizv2/parsers.py +339 -0
regscale/integrations/commercial/wizv2/sbom.py +115 -0
regscale/integrations/commercial/wizv2/scanner.py +416 -0
regscale/integrations/commercial/wizv2/utils.py +796 -0
regscale/integrations/commercial/wizv2/variables.py +39 -0
regscale/integrations/commercial/wizv2/wiz_auth.py +159 -0
regscale/integrations/commercial/xray.py +91 -0
regscale/integrations/integration/__init__.py +2 -0
regscale/integrations/integration/integration.py +26 -0
regscale/integrations/integration/inventory.py +17 -0
regscale/integrations/integration/issue.py +100 -0
regscale/integrations/integration_override.py +149 -0
regscale/integrations/public/__init__.py +103 -0
regscale/integrations/public/cisa.py +641 -0
regscale/integrations/public/criticality_updater.py +70 -0
regscale/integrations/public/emass.py +411 -0
regscale/integrations/public/emass_slcm_import.py +697 -0
regscale/integrations/public/fedramp/__init__.py +0 -0
regscale/integrations/public/fedramp/appendix_parser.py +548 -0
regscale/integrations/public/fedramp/click.py +479 -0
regscale/integrations/public/fedramp/components.py +714 -0
regscale/integrations/public/fedramp/docx_parser.py +259 -0
regscale/integrations/public/fedramp/fedramp_cis_crm.py +1124 -0
regscale/integrations/public/fedramp/fedramp_common.py +3181 -0
regscale/integrations/public/fedramp/fedramp_docx.py +388 -0
regscale/integrations/public/fedramp/fedramp_five.py +2343 -0
regscale/integrations/public/fedramp/fedramp_traversal.py +138 -0
regscale/integrations/public/fedramp/import_fedramp_r4_ssp.py +279 -0
regscale/integrations/public/fedramp/import_workbook.py +495 -0
regscale/integrations/public/fedramp/inventory_items.py +244 -0
regscale/integrations/public/fedramp/mappings/__init__.py +0 -0
regscale/integrations/public/fedramp/mappings/fedramp_r4_parts.json +7388 -0
regscale/integrations/public/fedramp/mappings/fedramp_r5_params.json +8636 -0
regscale/integrations/public/fedramp/mappings/fedramp_r5_parts.json +9605 -0
regscale/integrations/public/fedramp/mappings/system_roles.py +34 -0
regscale/integrations/public/fedramp/mappings/user.py +175 -0
regscale/integrations/public/fedramp/mappings/values.py +141 -0
regscale/integrations/public/fedramp/markdown_parser.py +150 -0
regscale/integrations/public/fedramp/metadata.py +689 -0
regscale/integrations/public/fedramp/models/__init__.py +59 -0
regscale/integrations/public/fedramp/models/leveraged_auth_new.py +168 -0
regscale/integrations/public/fedramp/models/poam_importer.py +522 -0
regscale/integrations/public/fedramp/parts_mapper.py +107 -0
regscale/integrations/public/fedramp/poam/__init__.py +0 -0
regscale/integrations/public/fedramp/poam/scanner.py +851 -0
regscale/integrations/public/fedramp/properties.py +201 -0
regscale/integrations/public/fedramp/reporting.py +84 -0
regscale/integrations/public/fedramp/resources.py +496 -0
regscale/integrations/public/fedramp/rosetta.py +110 -0
regscale/integrations/public/fedramp/ssp_logger.py +87 -0
regscale/integrations/public/fedramp/system_characteristics.py +922 -0
regscale/integrations/public/fedramp/system_control_implementations.py +582 -0
regscale/integrations/public/fedramp/system_implementation.py +190 -0
regscale/integrations/public/fedramp/xml_utils.py +87 -0
regscale/integrations/public/nist_catalog.py +275 -0
regscale/integrations/public/oscal.py +1946 -0
regscale/integrations/public/otx.py +169 -0
regscale/integrations/scanner_integration.py +2692 -0
regscale/integrations/variables.py +25 -0
regscale/models/__init__.py +7 -0
regscale/models/app_models/__init__.py +5 -0
regscale/models/app_models/catalog_compare.py +213 -0
regscale/models/app_models/click.py +252 -0
regscale/models/app_models/datetime_encoder.py +21 -0
regscale/models/app_models/import_validater.py +321 -0
regscale/models/app_models/mapping.py +260 -0
regscale/models/app_models/pipeline.py +37 -0
regscale/models/click_models.py +413 -0
regscale/models/config.py +154 -0
regscale/models/email_style.css +67 -0
regscale/models/hierarchy.py +8 -0
regscale/models/inspect_models.py +79 -0
regscale/models/integration_models/__init__.py +0 -0
regscale/models/integration_models/amazon_models/__init__.py +0 -0
regscale/models/integration_models/amazon_models/inspector.py +262 -0
regscale/models/integration_models/amazon_models/inspector_scan.py +206 -0
regscale/models/integration_models/aqua.py +247 -0
regscale/models/integration_models/azure_alerts.py +255 -0
regscale/models/integration_models/base64.py +23 -0
regscale/models/integration_models/burp.py +433 -0
regscale/models/integration_models/burp_models.py +128 -0
regscale/models/integration_models/cisa_kev_data.json +19333 -0
regscale/models/integration_models/defender_data.py +93 -0
regscale/models/integration_models/defenderimport.py +143 -0
regscale/models/integration_models/drf.py +443 -0
regscale/models/integration_models/ecr_models/__init__.py +0 -0
regscale/models/integration_models/ecr_models/data.py +69 -0
regscale/models/integration_models/ecr_models/ecr.py +239 -0
regscale/models/integration_models/flat_file_importer.py +1079 -0
regscale/models/integration_models/grype_import.py +247 -0
regscale/models/integration_models/ibm.py +126 -0
regscale/models/integration_models/implementation_results.py +85 -0
regscale/models/integration_models/nexpose.py +140 -0
regscale/models/integration_models/prisma.py +202 -0
regscale/models/integration_models/qualys.py +720 -0
regscale/models/integration_models/qualys_scanner.py +160 -0
regscale/models/integration_models/sbom/__init__.py +0 -0
regscale/models/integration_models/sbom/cyclone_dx.py +139 -0
regscale/models/integration_models/send_reminders.py +620 -0
regscale/models/integration_models/snyk.py +155 -0
regscale/models/integration_models/synqly_models/__init__.py +0 -0
regscale/models/integration_models/synqly_models/capabilities.json +1 -0
regscale/models/integration_models/synqly_models/connector_types.py +22 -0
regscale/models/integration_models/synqly_models/connectors/__init__.py +7 -0
regscale/models/integration_models/synqly_models/connectors/assets.py +97 -0
regscale/models/integration_models/synqly_models/connectors/ticketing.py +583 -0
regscale/models/integration_models/synqly_models/connectors/vulnerabilities.py +169 -0
regscale/models/integration_models/synqly_models/ocsf_mapper.py +331 -0
regscale/models/integration_models/synqly_models/param.py +72 -0
regscale/models/integration_models/synqly_models/synqly_model.py +733 -0
regscale/models/integration_models/synqly_models/tenants.py +39 -0
regscale/models/integration_models/tenable_models/__init__.py +0 -0
regscale/models/integration_models/tenable_models/integration.py +187 -0
regscale/models/integration_models/tenable_models/models.py +513 -0
regscale/models/integration_models/trivy_import.py +231 -0
regscale/models/integration_models/veracode.py +217 -0
regscale/models/integration_models/xray.py +135 -0
regscale/models/locking.py +100 -0
regscale/models/platform.py +110 -0
regscale/models/regscale_models/__init__.py +67 -0
regscale/models/regscale_models/assessment.py +570 -0
regscale/models/regscale_models/assessment_plan.py +52 -0
regscale/models/regscale_models/asset.py +567 -0
regscale/models/regscale_models/asset_mapping.py +190 -0
regscale/models/regscale_models/case.py +42 -0
regscale/models/regscale_models/catalog.py +261 -0
regscale/models/regscale_models/cci.py +46 -0
regscale/models/regscale_models/change.py +167 -0
regscale/models/regscale_models/checklist.py +372 -0
regscale/models/regscale_models/comment.py +49 -0
regscale/models/regscale_models/compliance_settings.py +112 -0
regscale/models/regscale_models/component.py +412 -0
regscale/models/regscale_models/component_mapping.py +65 -0
regscale/models/regscale_models/control.py +38 -0
regscale/models/regscale_models/control_implementation.py +1128 -0
regscale/models/regscale_models/control_objective.py +261 -0
regscale/models/regscale_models/control_parameter.py +100 -0
regscale/models/regscale_models/control_test.py +34 -0
regscale/models/regscale_models/control_test_plan.py +75 -0
regscale/models/regscale_models/control_test_result.py +52 -0
regscale/models/regscale_models/custom_field.py +245 -0
regscale/models/regscale_models/data.py +109 -0
regscale/models/regscale_models/data_center.py +40 -0
regscale/models/regscale_models/deviation.py +203 -0
regscale/models/regscale_models/email.py +97 -0
regscale/models/regscale_models/evidence.py +47 -0
regscale/models/regscale_models/evidence_mapping.py +40 -0
regscale/models/regscale_models/facility.py +59 -0
regscale/models/regscale_models/file.py +382 -0
regscale/models/regscale_models/filetag.py +37 -0
regscale/models/regscale_models/form_field_value.py +94 -0
regscale/models/regscale_models/group.py +169 -0
regscale/models/regscale_models/implementation_objective.py +335 -0
regscale/models/regscale_models/implementation_option.py +275 -0
regscale/models/regscale_models/implementation_role.py +33 -0
regscale/models/regscale_models/incident.py +177 -0
regscale/models/regscale_models/interconnection.py +43 -0
regscale/models/regscale_models/issue.py +1176 -0
regscale/models/regscale_models/leveraged_authorization.py +125 -0
regscale/models/regscale_models/line_of_inquiry.py +52 -0
regscale/models/regscale_models/link.py +205 -0
regscale/models/regscale_models/meta_data.py +64 -0
regscale/models/regscale_models/mixins/__init__.py +0 -0
regscale/models/regscale_models/mixins/parent_cache.py +124 -0
regscale/models/regscale_models/module.py +224 -0
regscale/models/regscale_models/modules.py +191 -0
regscale/models/regscale_models/objective.py +14 -0
regscale/models/regscale_models/parameter.py +87 -0
regscale/models/regscale_models/ports_protocol.py +81 -0
regscale/models/regscale_models/privacy.py +89 -0
regscale/models/regscale_models/profile.py +50 -0
regscale/models/regscale_models/profile_link.py +68 -0
regscale/models/regscale_models/profile_mapping.py +124 -0
regscale/models/regscale_models/project.py +63 -0
regscale/models/regscale_models/property.py +278 -0
regscale/models/regscale_models/question.py +85 -0
regscale/models/regscale_models/questionnaire.py +87 -0
regscale/models/regscale_models/questionnaire_instance.py +177 -0
regscale/models/regscale_models/rbac.py +132 -0
regscale/models/regscale_models/reference.py +86 -0
regscale/models/regscale_models/regscale_model.py +1643 -0
regscale/models/regscale_models/requirement.py +29 -0
regscale/models/regscale_models/risk.py +274 -0
regscale/models/regscale_models/sbom.py +54 -0
regscale/models/regscale_models/scan_history.py +436 -0
regscale/models/regscale_models/search.py +53 -0
regscale/models/regscale_models/security_control.py +132 -0
regscale/models/regscale_models/security_plan.py +204 -0
regscale/models/regscale_models/software_inventory.py +159 -0
regscale/models/regscale_models/stake_holder.py +64 -0
regscale/models/regscale_models/stig.py +647 -0
regscale/models/regscale_models/supply_chain.py +152 -0
regscale/models/regscale_models/system_role.py +188 -0
regscale/models/regscale_models/system_role_external_assignment.py +40 -0
regscale/models/regscale_models/tag.py +37 -0
regscale/models/regscale_models/tag_mapping.py +19 -0
regscale/models/regscale_models/task.py +133 -0
regscale/models/regscale_models/threat.py +196 -0
regscale/models/regscale_models/user.py +175 -0
regscale/models/regscale_models/user_group.py +55 -0
regscale/models/regscale_models/vulnerability.py +242 -0
regscale/models/regscale_models/vulnerability_mapping.py +162 -0
regscale/models/regscale_models/workflow.py +55 -0
regscale/models/regscale_models/workflow_action.py +34 -0
regscale/models/regscale_models/workflow_instance.py +269 -0
regscale/models/regscale_models/workflow_instance_step.py +114 -0
regscale/models/regscale_models/workflow_template.py +58 -0
regscale/models/regscale_models/workflow_template_step.py +45 -0
regscale/regscale.py +815 -0
regscale/utils/__init__.py +7 -0
regscale/utils/b64conversion.py +14 -0
regscale/utils/click_utils.py +118 -0
regscale/utils/decorators.py +48 -0
regscale/utils/dict_utils.py +59 -0
regscale/utils/files.py +79 -0
regscale/utils/fxns.py +30 -0
regscale/utils/graphql_client.py +113 -0
regscale/utils/lists.py +16 -0
regscale/utils/numbers.py +12 -0
regscale/utils/shell.py +148 -0
regscale/utils/string.py +121 -0
regscale/utils/synqly_utils.py +165 -0
regscale/utils/threading/__init__.py +8 -0
regscale/utils/threading/threadhandler.py +131 -0
regscale/utils/threading/threadsafe_counter.py +47 -0
regscale/utils/threading/threadsafe_dict.py +242 -0
regscale/utils/threading/threadsafe_list.py +83 -0
regscale/utils/version.py +104 -0
regscale/validation/__init__.py +0 -0
regscale/validation/address.py +37 -0
regscale/validation/record.py +48 -0
regscale/visualization/__init__.py +5 -0
regscale/visualization/click.py +34 -0
regscale_cli-6.16.0.0.dist-info/LICENSE +21 -0
regscale_cli-6.16.0.0.dist-info/METADATA +659 -0
regscale_cli-6.16.0.0.dist-info/RECORD +481 -0
regscale_cli-6.16.0.0.dist-info/WHEEL +5 -0
regscale_cli-6.16.0.0.dist-info/entry_points.txt +6 -0
regscale_cli-6.16.0.0.dist-info/top_level.txt +2 -0
tests/fixtures/__init__.py +2 -0
tests/fixtures/api.py +87 -0
tests/fixtures/models.py +91 -0
tests/fixtures/test_fixture.py +144 -0
tests/mocks/__init__.py +0 -0
tests/mocks/objects.py +3 -0
tests/mocks/response.py +32 -0
tests/mocks/xml.py +13 -0
tests/regscale/__init__.py +0 -0
tests/regscale/core/__init__.py +0 -0
tests/regscale/core/test_api.py +232 -0
tests/regscale/core/test_app.py +406 -0
tests/regscale/core/test_login.py +37 -0
tests/regscale/core/test_logz.py +66 -0
tests/regscale/core/test_sbom_generator.py +87 -0
tests/regscale/core/test_validation_utils.py +163 -0
tests/regscale/core/test_version.py +78 -0
tests/regscale/models/__init__.py +0 -0
tests/regscale/models/test_asset.py +71 -0
tests/regscale/models/test_config.py +26 -0
tests/regscale/models/test_control_implementation.py +27 -0
tests/regscale/models/test_import.py +97 -0
tests/regscale/models/test_issue.py +36 -0
tests/regscale/models/test_mapping.py +52 -0
tests/regscale/models/test_platform.py +31 -0
tests/regscale/models/test_regscale_model.py +346 -0
tests/regscale/models/test_report.py +32 -0
tests/regscale/models/test_tenable_integrations.py +118 -0
tests/regscale/models/test_user_model.py +121 -0
tests/regscale/test_about.py +19 -0
tests/regscale/test_authorization.py +65 -0

regscale/integrations/commercial/tenablev2/scanner.py ADDED Viewed

@@ -0,0 +1,504 @@
+"""
+Module for Tenable vulnerability scanning integration.
+"""
+import datetime
+import json
+import linecache
+import logging
+from pathlib import Path
+from typing import Any, Dict, Iterator, List, Optional, Tuple
+from tenable.errors import TioExportsError
+from regscale.core.app.utils.app_utils import get_current_datetime
+from regscale.core.utils.date import datetime_obj
+from regscale.integrations.commercial.nessus.nessus_utils import get_min_cvss_score, validate_nessus_severity
+from regscale.integrations.commercial.tenablev2.authenticate import gen_tio
+from regscale.integrations.commercial.tenablev2.stig_parsers import parse_stig_output
+from regscale.integrations.commercial.tenablev2.utils import get_last_pull_epoch
+from regscale.integrations.commercial.tenablev2.variables import TenableVariables
+from regscale.integrations.scanner_integration import IntegrationAsset, IntegrationFinding, ScannerIntegration
+from regscale.integrations.variables import ScannerVariables
+from regscale.models import regscale_models
+logger = logging.getLogger("regscale")
+class TenableIntegration(ScannerIntegration):
+    """Integration class for Tenable vulnerability scanning."""
+    title: str = "Tenable"
+    asset_identifier_field: str = "tenableId"
+    finding_severity_map: Dict[str, regscale_models.IssueSeverity] = {
+        "critical": regscale_models.IssueSeverity.Critical,
+        "high": regscale_models.IssueSeverity.High,
+        "medium": regscale_models.IssueSeverity.Moderate,
+        "low": regscale_models.IssueSeverity.Low,
+    }
+    def __init__(self, plan_id: int, tenant_id: int = 1, tags: Optional[List[str]] = None, **kwargs):
+        """
+        Initialize the TenableIntegration.
+        :param int plan_id: The ID of the security plan
+        :param int tenant_id: The ID of the tenant, defaults to 1
+        """
+        super().__init__(plan_id, tenant_id)
+        self.client = None
+        self.tags = tags or []
+    def authenticate(self) -> None:
+        """Authenticate to Tenable."""
+        self.client = gen_tio()
+    def fetch_assets(self, *args: Any, **kwargs: Any) -> Iterator[IntegrationAsset]:
+        """
+        Fetches Tenable assets using the Tenable.io API
+        :yields: Iterator[IntegrationAsset]
+        """
+        tags: List[Tuple[str, str]] = kwargs.get("tags", [])
+        # Create artifacts directory if not exist
+        Path.mkdir(Path("./artifacts"), exist_ok=True, parents=True)
+        current_datetime = datetime.datetime.now().strftime("%Y%m%d%H")
+        cache_file = Path("./artifacts") / Path(f"tenable_assets_{self.plan_id}_{current_datetime}.json")
+        if (
+            cache_file.exists()
+            and (datetime.datetime.now() - datetime.datetime.fromtimestamp(cache_file.stat().st_mtime)).days < 1
+            and not self.is_empty(cache_file)
+        ):
+            logger.info("Loading assets from cache...")
+        else:
+            self.authenticate()
+            logger.info("Fetching Tenable assets...")
+            if not self.client:
+                raise ValueError("Client not authenticated")
+            tenable_last_updated = self.get_last_update_time()
+            assets_iterator = (
+                self.client.exports.assets(updated_at=int(tenable_last_updated.timestamp()), tags=tags)
+                if tags
+                else self.client.exports.assets(updated_at=int(tenable_last_updated.timestamp()))
+            )
+            i = 0
+            with open(cache_file, "w") as f:
+                try:
+                    for i, asset in enumerate(assets_iterator, 1):
+                        f.write(json.dumps(asset) + "\n")
+                        if i % 100 == 0:
+                            logger.info(f"Fetched {i} assets")
+                except TioExportsError as e:
+                    logger.error("Error fetching Tenable assets: %s", str(e))
+            logger.info(f"Total assets fetched: {i}")
+        # Count the number of lines in the file using linecache
+        self.num_assets_to_process = len(linecache.getlines(str(cache_file)))
+        logger.info(f"Total assets to process: {self.num_assets_to_process}")
+        # Process the assets
+        with open(cache_file, "r") as f:
+            for line in f:
+                asset = json.loads(line)
+                parsed_asset = self.parse_asset(asset)
+                yield parsed_asset
+    def get_last_update_time(self) -> datetime.datetime:
+        """
+        Get the last update time for Tenable assets.
+        :return: The last update time
+        :rtype: datetime.datetime
+        """
+        existing_assets: List[regscale_models.Asset] = regscale_models.Asset.get_all_by_parent(
+            parent_id=self.plan_id, parent_module="securityplans"
+        )
+        filtered_assets = [asset for asset in existing_assets if asset.tenableId and asset.dateLastUpdated]
+        if not filtered_assets:
+            return datetime.datetime.fromtimestamp(0)
+        return max(
+            datetime_obj(asset.dateLastUpdated) or datetime.datetime.fromtimestamp(0)
+            for asset in filtered_assets
+            if datetime_obj(asset.dateLastUpdated)
+        )
+    def parse_asset(self, node: Dict[str, Any]) -> IntegrationAsset:
+        """
+        Parses Tenable assets
+        :param Dict[str, Any] node: The Tenable asset to parse
+        :return: The parsed IntegrationAsset
+        :rtype: IntegrationAsset
+        """
+        system_types = node.get("system_types", [])
+        tenable_asset_type = system_types[0] if system_types else None
+        asset_type = self.map_tenable_to_regscale_asset_type(tenable_asset_type)
+        software_inventory = node.get("installed_software", [])
+        if software_inventory and isinstance(software_inventory[0], str):
+            software_inventory = [{"name": sw} for sw in software_inventory]
+        asset_id = node.get("id", "")
+        ipv4 = node.get("ipv4", "")
+        fqdn = node.get("fqdn", "")
+        if not asset_id:
+            asset_id = fqdn or ipv4
+        return IntegrationAsset(
+            name=self.get_asset_name(node),
+            external_id=node.get("uuid", ""),
+            identifier=asset_id,
+            asset_type=asset_type,
+            asset_owner_id=ScannerVariables.userId,
+            parent_id=self.plan_id,
+            parent_module=regscale_models.SecurityPlan.get_module_slug(),
+            asset_category=self.map_asset_category(tenable_asset_type),
+            date_last_updated=node.get("last_seen", ""),
+            status=self.map_tenable_status(node.get("terminated_at")),
+            ip_address=self.get_all_ip_addresses(node),
+            mac_address=self.get_all_mac_addresses(node),
+            fqdn=", ".join(node.get("fqdns", [])),
+            component_names=node.get("agent_names", []),
+            operating_system=", ".join(node.get("operating_systems", [])),
+            serial_number=node.get("bios_uuid", ""),
+            notes=self.generate_notes(node),
+            source_data=node,
+            software_inventory=software_inventory,
+            azure_identifier=node.get("azure_vm_id") or node.get("azure_resource_id", ""),
+            aws_identifier=node.get("aws_ec2_instance_id", ""),
+            google_identifier=node.get("gcp_instance_id", ""),
+            other_cloud_identifier=self.get_other_cloud_identifier(node),
+        )
+    @staticmethod
+    def get_asset_name(node: Dict[str, Any]) -> str:
+        """
+        Get the asset name from various possible sources
+        :param Dict[str, Any] node: The Tenable asset data
+        :return: The asset name
+        :rtype: str
+        """
+        for key in ["hostnames", "fqdns", "netbios_names", "ipv4s"]:
+            values = node.get(key, [])
+            if values and values[0]:
+                return values[0]
+        return "Unknown Asset"
+    @staticmethod
+    def _build_limited_string(items: set, char_limit: int = 450, tag: str = "Items") -> str:
+        """
+        Build a comma-separated string from items, respecting a character limit.
+        :param set items: Set of items to join
+        :param int char_limit: Maximum characters allowed (default: 450)
+        :return: Comma-separated string of items
+        :rtype: str
+        """
+        result = ""
+        for i, item in enumerate(items):
+            next_addition = item if i == 0 else ", " + item
+            if len(result) + len(next_addition) <= char_limit:
+                result += next_addition
+            else:
+                logger.warning("%s exceed character limit", tag)
+                break
+        return result
+    @staticmethod
+    def get_all_ip_addresses(ipv_node: Dict[str, Any]) -> str:
+        """
+        Get all IP addresses from both IPv4 and IPv6 nodes
+        :param Dict[str, Any] ipv_node: The IPv4 node
+        :return: Comma-separated string of IP addresses
+        :rtype: str
+        """
+        ip_addresses = set()
+        ip_addresses.update(ipv_node.get("ipv4s", []))
+        ip_addresses.update(ipv_node.get("ipv6s", []))
+        return TenableIntegration._build_limited_string(tag="IP Addresses", items=ip_addresses)
+    @staticmethod
+    def get_all_mac_addresses(node: Dict[str, Any]) -> str:
+        """
+        Get all MAC addresses from all network interfaces
+        :param Dict[str, Any] node: The Tenable asset data
+        :return: Comma-separated string of MAC addresses
+        :rtype: str
+        """
+        mac_addresses = set()
+        for interface in node.get("network_interfaces", []):
+            mac_addresses.update(interface.get("mac_addresses", []))
+        return TenableIntegration._build_limited_string(tag="MAC Addresses", items=mac_addresses)
+    @staticmethod
+    def generate_notes(node: Dict[str, Any]) -> str:
+        """
+        Generate notes from Tenable asset data
+        :param Dict[str, Any] node: The Tenable asset data
+        :return: Generated notes
+        :rtype: str
+        """
+        notes = []
+        if node.get("network_name"):
+            notes.append(f"Network: {node.get('network_name')}")
+        if node.get("acr_score") is not None:
+            notes.append(f"ACR Score: {node.get('acr_score')}")
+        if node.get("exposure_score") is not None:
+            notes.append(f"Exposure Score: {node.get('exposure_score')}")
+        if node.get("tags"):
+            tag_str = "; ".join([f"{tag.get('key', '')}: {tag.get('value', '')}" for tag in node.get("tags", [])])
+            notes.append(f"Tags: {tag_str}")
+        if node.get("sources"):
+            sources_str = "; ".join(
+                [
+                    f"{source.get('name', '')} (First seen: {source.get('first_seen', '')}, Last seen: {source.get('last_seen', '')})"
+                    for source in node.get("sources", [])
+                ]
+            )
+            notes.append(f"Sources: {sources_str}")
+        return "\n".join(notes)
+    @staticmethod
+    def get_other_cloud_identifier(node: Dict[str, Any]) -> Optional[str]:
+        """
+        Get other cloud identifier if present
+        :param Dict[str, Any] node: The Tenable asset data
+        :return: Other cloud identifier if present, None otherwise
+        :rtype: Optional[str]
+        """
+        if node.get("gcp_project_id"):
+            return f"GCP Project: {node.get('gcp_project_id')}"
+        if node.get("aws_vpc_id"):
+            return f"AWS VPC: {node.get('aws_vpc_id')}"
+        return None
+    @staticmethod
+    def map_asset_category(tenable_type: Optional[str]) -> str:
+        """
+        Map Tenable asset type to RegScale asset category.
+        :param Optional[str] tenable_type: The Tenable asset type
+        :return: Mapped asset category (either "Software" or "Hardware")
+        :rtype: regscale_models.AssetCategory
+        """
+        if not tenable_type:
+            return regscale_models.AssetCategory.Hardware  # Default to Hardware if type is unknown
+        # List of types that are typically considered software
+        software_types = ["application"]
+        return (
+            regscale_models.AssetCategory.Software
+            if tenable_type.lower() in software_types
+            else regscale_models.AssetCategory.Hardware
+        )
+    @staticmethod
+    def map_tenable_status(terminated_at: Optional[str]) -> str:
+        """
+        Map Tenable status to IntegrationAsset status
+        :param Optional[str] terminated_at: The terminated_at value from Tenable
+        :return: Mapped status
+        :rtype: str
+        """
+        return "Off-Network" if terminated_at else "Active (On Network)"
+    @staticmethod
+    def map_tenable_to_regscale_asset_type(tenable_type: Optional[str]) -> regscale_models.AssetType:
+        """
+        Map Tenable asset type to RegScale AssetType enum.
+        :param Optional[str] tenable_type: The Tenable asset type
+        :return: Mapped RegScale AssetType
+        :rtype: regscale_models.AssetType
+        """
+        if not tenable_type:
+            return regscale_models.AssetType.Other
+        tenable_to_regscale_map = {
+            "general-purpose": regscale_models.AssetType.Desktop,
+            "laptop": regscale_models.AssetType.Laptop,
+            "server": regscale_models.AssetType.PhysicalServer,
+            "hypervisor": regscale_models.AssetType.VM,
+            "mobile": regscale_models.AssetType.Phone,
+            "network": regscale_models.AssetType.NetworkRouter,
+            "firewall": regscale_models.AssetType.Firewall,
+            "tablet": regscale_models.AssetType.Tablet,
+            "switch": regscale_models.AssetType.NetworkSwitch,
+            "appliance": regscale_models.AssetType.Appliance,
+        }
+        return tenable_to_regscale_map.get(tenable_type.lower(), regscale_models.AssetType.Other)
+    def fetch_findings(self, *args: Any, **kwargs: Any) -> Iterator[IntegrationFinding]:
+        """
+        Fetches Tenable findings using the Tenable.io API
+        :yields: Iterator[IntegrationFinding]
+        """
+        plan_id: int = int(kwargs.get("plan_id", self.plan_id))
+        tags: List[Tuple[str, str]] = kwargs.get("tags", [])
+        Path.mkdir(Path("./artifacts"), exist_ok=True, parents=True)
+        current_datetime = datetime.datetime.now().strftime("%Y%m%d%H")
+        cache_file = Path("./artifacts") / Path(f"tenable_findings_{self.plan_id}_{current_datetime}.json")
+        if (
+            cache_file.exists()
+            and (datetime.datetime.now() - datetime.datetime.fromtimestamp(cache_file.stat().st_mtime)).days < 1
+            and not self.is_empty(cache_file)
+        ):
+            logger.info("Loading findings from cache...")
+        else:
+            logger.info("Fetching findings from Tenable...")
+            minimum_severity = validate_nessus_severity(TenableVariables.tenableMinimumSeverityFilter)
+            cvss2_min = get_min_cvss_score(minimum_severity)
+            latest_scan: int = get_last_pull_epoch(regscale_ssp_id=plan_id)
+            logger.info("Latest scan: %s", datetime.datetime.fromtimestamp(latest_scan))
+            self.authenticate()
+            if not self.client:
+                raise ValueError("Client not authenticated")
+            with open(cache_file, "w", encoding="utf-8") as f:
+                findings_iterator = (
+                    self.client.exports.vulns(
+                        vpr_score={"gte": cvss2_min}, since=latest_scan, state=["OPEN", "REOPENED"], tags=tags
+                    )
+                    if tags
+                    else self.client.exports.vulns(
+                        vpr_score={"gte": cvss2_min}, since=latest_scan, state=["OPEN", "REOPENED"]
+                    )
+                )
+                for i, line in enumerate(findings_iterator):
+                    f.write(json.dumps(line) + "\n")
+                    if i % 100 == 0:
+                        logger.info(f"Fetched {i} vulnerabilities")
+        # Count the number of lines in the file using linecache
+        self.num_findings_to_process = len(linecache.getlines(str(cache_file)))
+        logger.info(f"Total findings to process: {self.num_findings_to_process}")
+        with open(cache_file, "r") as f:
+            for line in f:
+                parsed_asset = self.parse_finding(json.loads(line))
+                if parsed_asset:
+                    yield parsed_asset
+    def parse_finding(self, vuln: Dict[str, Any]) -> Optional[IntegrationFinding]:
+        """
+        Parses a Tenable vulnerability into an IntegrationFinding object.
+        :param Dict[str, Any] vuln: The Tenable vulnerability to parse
+        :return: The parsed IntegrationFinding or None if parsing fails
+        :rtype: Optional[IntegrationFinding]
+        """
+        from regscale.core.app.application import Application
+        app = Application()
+        try:
+            # Extract relevant data from the vulnerability dict
+            asset = vuln.get("asset", {})
+            plugin = vuln.get("plugin", {})
+            plugin_output = vuln.get("output", "")
+            is_stig = "xccdf_mil.disa.stig_rule" in plugin_output
+            plugin_name = plugin.get("name", [])[0] if isinstance(plugin.get("name"), list) else plugin.get("name")
+            severity = vuln.get("severity", "info").lower()
+            severity_id = vuln.get("severity_id", 0)
+            # Determine if this is an informational item or a vulnerability
+            is_informational = severity == "info" or severity_id == 0
+            if is_informational and not is_stig:
+                logger.info(f"Ignoring Informational Vulnerability {plugin_name}")
+                return None
+            category = f"Tenable Vulnerability: {plugin.get('family', 'General')}"
+            issue_type = "Vulnerability"
+            severity_default = app.config.get("vulnerabilityMappingDefault", regscale_models.IssueSeverity.NotAssigned)
+            severity = self.finding_severity_map.get(severity, severity_default)
+            status = (
+                regscale_models.IssueStatus.Open if vuln.get("state") == "OPEN" else regscale_models.IssueStatus.Closed
+            )
+            # Mapping for severity strings to integers
+            severity_map = {"critical": 4, "high": 3, "medium": 2, "low": 1, "info": 0}
+            severity_int = severity_map.get(severity, 0)
+            identifier = plugin.get("cve", []) or [plugin.get("name", "")]
+            identifier = identifier[0] if isinstance(identifier, list) else identifier
+            asset_id = asset.get("uuid", "")
+            ipv4 = asset.get("ipv4", "")
+            fqdn = asset.get("fqdn", "")
+            if not asset_id:
+                asset_id = fqdn or ipv4
+            cve = plugin.get("cve", [])[0] if isinstance(plugin.get("cve"), list) else None
+            integration_finding = IntegrationFinding(
+                control_labels=[],
+                category=category,
+                title=f"{identifier}: {plugin.get('name', '')}",
+                issue_title=f"{identifier}: {plugin.get('name', '')}",
+                description=plugin.get("description", ""),
+                severity=severity,
+                status=status,
+                asset_identifier=asset_id,
+                external_id=str(plugin.get("id", "")),
+                first_seen=vuln.get("first_found", get_current_datetime()),
+                last_seen=vuln.get("last_found", get_current_datetime()),
+                remediation=plugin.get("solution", ""),
+                cvss_score=float(plugin.get("cvss3_base_score") or plugin.get("cvss_base_score") or 0),
+                cve=cve,
+                vulnerability_type=self.title,
+                plugin_id=str(plugin.get("id", "")),
+                plugin_name=plugin_name,
+                ip_address=asset.get("ipv4", ""),
+                dns=asset.get("fqdn", ""),
+                severity_int=severity_int,
+                issue_type=issue_type,
+                date_created=get_current_datetime(),
+                date_last_updated=get_current_datetime(),
+                gaps="",
+                observations=vuln.get("output", ""),
+                evidence=vuln.get("output", ""),
+                identified_risk=plugin.get("risk_factor", ""),
+                impact="",
+                recommendation_for_mitigation=plugin.get("solution", ""),
+                rule_id=str(plugin.get("id", "")),
+                rule_version=plugin.get("version", ""),
+                results=vuln.get("output", ""),
+                comments=None,
+                baseline="",
+                poam_comments=None,
+                vulnerable_asset=asset_id,
+                source_rule_id=str(plugin.get("id", "")),
+            )
+            if is_stig:
+                integration_finding = parse_stig_output(output=plugin_output, finding=integration_finding)
+            return integration_finding
+        except Exception as e:
+            logger.error("Error parsing Tenable finding: %s", str(e), exc_info=True)
+            return None
+    def is_empty(self, file_path: Path) -> bool:
+        """
+        Check if the file is empty.
+        :param Path file_path: The path to the file
+        :return: True if the file is empty, False otherwise
+        :rtype: bool
+        """
+        try:
+            return file_path.stat().st_size == 0
+        except FileNotFoundError:
+            return True

regscale/integrations/commercial/tenablev2/stig_parsers.py ADDED Viewed

@@ -0,0 +1,140 @@
+"""Functions for parsing STIG output from Tenable"""
+import logging
+import re
+from typing import Union
+from regscale.core.app.utils.app_utils import get_current_datetime
+from regscale.integrations.scanner_integration import IntegrationFinding, issue_due_date
+from regscale.models import regscale_models
+logger = logging.getLogger(__name__)
+def parse_stig_output(output: str, finding: IntegrationFinding) -> IntegrationFinding:
+    """
+    Parses STIG output and constructs a finding dictionary matching IntegrationFinding.
+    :param str output: The STIG output string to parse.
+    :param IntegrationFinding finding: The finding to update.
+    :return: An IntegrationFinding object containing the parsed finding information.
+    :rtype: IntegrationFinding
+    """
+    def _extract_field(pattern: str, text: str, flags: Union[int, re.RegexFlag] = 0, group: int = 1) -> str:
+        """
+        Extracts a field from a string using a regular expression
+        :param str pattern: The regular expression pattern to search for
+        :param str text: The string to search in
+        :param int flags: Optional regular expression flags, defaults to 0
+        :param int group: The group number to return from the match, defaults to 1
+        :return: The extracted field as a string. Empty string if no match was found
+        :rtype: str
+        """
+        match = re.search(pattern, text, flags)
+        return match.group(group).strip() if match else ""
+    # Extract fields
+    check_name_full = _extract_field(r"Check Name:\s*(.*?)\n", output, flags=re.DOTALL | re.MULTILINE)
+    check_name_parts = check_name_full.split(":", 1)
+    rule_id = check_name_parts[0].strip()
+    check_description = check_name_parts[1].strip() if len(check_name_parts) > 1 else ""
+    baseline = _extract_field(r"(.*?)\s+Target\s+(.*)", check_description, group=2)
+    if target_match := _extract_field(r"(.*?)\s+Target\s+(.*)", check_description):
+        check_description = check_description[: check_description.find(target_match) + len(target_match)].strip()
+    information = _extract_field(r"Information:\s*(.*?)\n", output, flags=re.DOTALL | re.MULTILINE)
+    vuln_discuss = _extract_field(r"VulnDiscussion='(.*?)'\s", output, flags=re.DOTALL | re.MULTILINE)
+    result = _extract_field(r"Result:\s*(.*?)(?:\n|$)", output, flags=re.IGNORECASE | re.DOTALL)
+    solution = _extract_field(r"Solution:\s*(.*?)\n\nReference Information:", output, flags=re.DOTALL | re.MULTILINE)
+    # Extract reference information
+    ref_info = _extract_field(r"Reference Information:\s*(.*)", output, flags=re.DOTALL | re.MULTILINE)
+    ref_dict = dict(item.split("|", 1) for item in ref_info.split(",") if "|" in item)
+    # Extract specific references
+    cci_ref = ref_dict.get("CCI", "CCI-000366")
+    severity = ref_dict.get("SEVERITY", "").lower()
+    oval_def = ref_dict.get("OVAL-DEF", "")
+    generated_date = ref_dict.get("GENERATED-DATE", "")
+    updated_date = ref_dict.get("UPDATED-DATE", "")
+    scan_date = ref_dict.get("SCAN-DATE", "")
+    rule_id_full = ref_dict.get("RULE-ID", "")
+    group_id = ref_dict.get("GROUP-ID", "")
+    vuln_num_match = re.search(r"SV-\d+r\d+_rule", rule_id)
+    vuln_num = vuln_num_match.group(0) if vuln_num_match else "unknown"
+    title = f"{vuln_num}: {check_description}"
+    issue_title = title
+    status_map = {
+        "PASSED": regscale_models.ChecklistStatus.PASS,
+        "FAILED": regscale_models.ChecklistStatus.FAIL,
+        "ERROR": regscale_models.ChecklistStatus.FAIL,
+        "NOT APPLICABLE": regscale_models.ChecklistStatus.NOT_APPLICABLE,
+        "NOT_APPLICABLE": regscale_models.ChecklistStatus.NOT_APPLICABLE,
+    }
+    result_key = result.upper().replace("_", " ").strip()
+    if result_key not in status_map:
+        logger.warning(f"Result '{result}' not found in status map")
+        status = regscale_models.ChecklistStatus.NOT_REVIEWED
+    else:
+        status = status_map[result_key]
+    # Map severity to IssueSeverity enum
+    priority = (severity or "").title()
+    severity_map = {
+        "critical": regscale_models.IssueSeverity.Critical,
+        "high": regscale_models.IssueSeverity.High,
+        "medium": regscale_models.IssueSeverity.Moderate,
+        "low": regscale_models.IssueSeverity.Low,
+    }
+    severity = severity_map.get(severity.lower(), regscale_models.IssueSeverity.NotAssigned)
+    results = (
+        f"Vulnerability Number: {vuln_num}, Severity: {severity.value}, "
+        f"Rule Title: {check_description}<br><br>"
+        f"Check Content: {information}<br><br>"
+        f"Vulnerability Discussion: {vuln_discuss}<br><br>"
+        f"Fix Text: {solution}<br><br>"
+        f"STIG Reference: {rule_id}"
+    )
+    current_datetime = get_current_datetime()
+    finding.title = title
+    finding.category = "STIG"
+    finding.plugin_id = cci_ref
+    finding.plugin_name = rule_id
+    finding.severity = severity
+    finding.description = f"{information}\n\nVulnerability Discussion: {vuln_discuss}\n\nSolution: {solution}"
+    finding.status = status
+    finding.priority = priority  # Set priority based on severity
+    finding.first_seen = current_datetime
+    finding.last_seen = current_datetime
+    finding.issue_title = issue_title
+    finding.issue_type = "Risk"
+    finding.date_created = generated_date
+    finding.date_last_updated = updated_date
+    finding.due_date = issue_due_date(severity, generated_date)
+    finding.external_id = f"{cci_ref}:{vuln_num}:{finding.asset_identifier}"
+    finding.recommendation_for_mitigation = solution
+    finding.cci_ref = cci_ref
+    finding.rule_id = rule_id
+    finding.results = results
+    finding.baseline = baseline
+    finding.vulnerability_number = vuln_num
+    finding.oval_def = oval_def
+    finding.scan_date = scan_date
+    finding.rule_id_full = rule_id_full
+    finding.group_id = group_id
+    # Future values
+    # finding.comments = ""
+    # finding.poam_comments = ""
+    # finding.rule_version = ""
+    return finding