regscale-cli 6.16.4.0__py3-none-any.whl → 6.17.0.0__py3-none-any.whl

regscale/__init__.py

@@ -1 +1 @@
-__version__ = "6.16.4.0"
+__version__ = "6.17.0.0"

regscale/core/app/api.py

@@ -33,6 +33,7 @@ class Api:
     app: "Application"
     _retry_log: str = "Retrying request with new token."
     _no_res_text: str = "No response text available"
+    _ssl_warning_displayed: bool = False
 
     def __init__(
         self,
@@ -59,7 +60,9 @@ class Api:
         self.logger = logging.getLogger("regscale")
         self.verify = ScannerVariables.sslVerify
         if not self.verify:
-            self.logger.warning("SSL Verification has been disabled.")
+            if not Api._ssl_warning_displayed:
+                self.logger.warning("SSL Verification has been disabled.")
+                Api._ssl_warning_displayed = True
             r_session.verify = False
             disable_warnings(InsecureRequestWarning)
         if self.config and "timeout" in self.config:

regscale/core/app/utils/regscale_utils.py

@@ -6,6 +6,7 @@
 import json
 import os
 import re
+import warnings
 from typing import Any, Optional
 from urllib.parse import urljoin
 
@@ -17,8 +18,6 @@ from regscale.core.app.logz import create_logger
 from regscale.core.app.utils.app_utils import convert_to_string, error_and_exit, get_file_name, get_file_type
 from regscale.models import Data
 from regscale.models.regscale_models.modules import Modules
-import warnings
-
 
 logger = create_logger()
 
@@ -165,7 +164,7 @@ def get_all_from_module(api: Api, module: str, timeout: int = 300) -> list[dict]
     elif module == "risks":
         from regscale.models.regscale_models.risk import Risk
 
-        all_risks = Risk().fetch_all_risks(api.app)
+        all_risks = Risk().fetch_all_risks()
         regscale_data = [risk.dict() for risk in all_risks]
     else:
         logger.warning(

regscale/dev/code_gen.py

@@ -8,7 +8,7 @@ if TYPE_CHECKING:
 from regscale.models.integration_models.synqly_models.connector_types import ConnectorType
 from regscale.models.integration_models.synqly_models.param import Param
 
-SUPPORTED_CONNECTORS = [ConnectorType.Ticketing, ConnectorType.Vulnerabilities, ConnectorType.Assets]
+SUPPORTED_CONNECTORS = [ConnectorType.Ticketing, ConnectorType.Vulnerabilities, ConnectorType.Assets, ConnectorType.Edr]
 
 
 def generate_dags() -> None:
@@ -136,7 +136,10 @@ def _build_description(configs: dict[str, dict], connector: str) -> str:
             and "download_attachment" in capabilities
         ):
             sync_attachments.append(integration_name)
-    description = f"Sync {connector.capitalize()} data between {', '.join(integrations)} and RegScale data."
+    if connector.lower() == ConnectorType.Edr.lower():
+        description = f"Sync endpoints, apps, and alerts data between {', '.join(integrations)} and RegScale data."
+    else:
+        description = f"Sync {connector.capitalize()} data between {', '.join(integrations)} and RegScale data."
     if sync_attachments:
         description += f" You are also able to sync attachments between {', '.join(sync_attachments)} and RegScale."
     return description
@@ -395,14 +398,14 @@ def _build_all_params(integration_name: str, connector: str) -> tuple[list[str],
             "scan_date=scan_date",
             "all_scans=all_scans",
         ]
-    elif connector == ConnectorType.Assets:
-        click_options = ["@regscale_ssp_id()"]
-        function_params = ["regscale_ssp_id: int"]
-        function_kwargs = ["regscale_ssp_id=regscale_ssp_id"]
-    else:
+    elif connector == ConnectorType.Ticketing:
         click_options = ["@regscale_id()", "@regscale_module()"]
         function_params = ["regscale_id: int", "regscale_module: str"]
         function_kwargs = ["regscale_id=regscale_id", "regscale_module=regscale_module"]
+    else:
+        click_options = ["@regscale_ssp_id()"]
+        function_params = ["regscale_ssp_id: int"]
+        function_kwargs = ["regscale_ssp_id=regscale_ssp_id"]
     return click_options, function_params, function_kwargs
 
 

regscale/integrations/commercial/aws/inventory/base.py

@@ -1,7 +1,5 @@
 """Base classes for AWS resource collection."""
 
-import datetime
-import json
 import logging
 from typing import Any, Dict, TYPE_CHECKING
 

regscale/integrations/commercial/durosuite/api.py

@@ -13,6 +13,8 @@ from pydantic import BaseModel, Field
 from requests.exceptions import Timeout, ConnectionError as RequestsConnectionError
 
 logger = logging.getLogger("regscale")
+API_DEVICES = "/api/devices"
+API_GROUPS = "/api/groups"
 
 
 def retry_with_backoff(retries=3, backoff_in_seconds=1):
@@ -201,6 +203,8 @@ class DuroSuite:
         :return: Response data or None if request failed
         :rtype: Optional[Union[dict, str]]
         """
+        from regscale.integrations.variables import ScannerVariables
+
         url = urljoin(self.base_url, endpoint)
         headers = {}
         if self.api_key:
@@ -213,7 +217,14 @@ class DuroSuite:
 
         try:
             response = requests.request(
-                method, url, headers=headers, json=data, params=params, verify=True, timeout=60, files=files
+                method,
+                url,
+                headers=headers,
+                json=data,
+                params=params,
+                verify=ScannerVariables.sslVerify,
+                timeout=60,
+                files=files,
             )
 
             if response.status_code == 403:
@@ -229,7 +240,7 @@ class DuroSuite:
                 logger.error(f"Resource not found: {url}")
                 try:
                     return response.json()
-                except:  # noqa: E722
+                except requests.exceptions.JSONDecodeError:  # noqa: E722
                     response.raise_for_status()
             else:
                 response.raise_for_status()
@@ -455,7 +466,7 @@ class DuroSuite:
         :rtype: List[Device]
         """
         try:
-            response = self._make_request("GET", "/api/devices")
+            response = self._make_request("GET", API_DEVICES)
             # Handle 404 "No devices available" response
             if not response or (isinstance(response, dict) and "detail" in response):
                 logger.debug(f"No devices found: {response}")
@@ -473,7 +484,7 @@ class DuroSuite:
         :return: API response
         :rtype: Optional[Dict[str, Any]]
         """
-        return self._make_request("PUT", "/api/devices", params=device_data.model_dump())
+        return self._make_request("PUT", API_DEVICES, params=device_data.model_dump())
 
     def add_new_device(self, device_data: Dict[str, Any]) -> Optional[Device]:
         """
@@ -494,7 +505,7 @@ class DuroSuite:
             logger.debug(f"Creating device with data: {request_data}")
 
             # Create device first
-            response = self._make_request("POST", "/api/devices", data=request_data)
+            response = self._make_request("POST", API_DEVICES, data=request_data)
 
             if not response:
                 logger.error("Failed to create device - empty response")
@@ -516,7 +527,7 @@ class DuroSuite:
                     self._make_request("POST", "/api/devices/vars", data=var_data)
 
             # Get all devices and find our newly created one
-            all_devices = self._make_request("GET", "/api/devices")
+            all_devices = self._make_request("GET", API_DEVICES)
             if not all_devices:
                 logger.error("Failed to get devices list")
                 return None
@@ -636,7 +647,7 @@ class DuroSuite:
         :rtype: List[Group]
         """
         try:
-            response = self._make_request("GET", "/api/groups")
+            response = self._make_request("GET", API_GROUPS)
             if not response:
                 return []
 
@@ -670,7 +681,7 @@ class DuroSuite:
         :return: API response
         :rtype: Optional[Dict[str, Any]]
         """
-        return self._make_request("PUT", "/api/groups", params=group_data)
+        return self._make_request("PUT", API_GROUPS, params=group_data)
 
     def add_new_group(self, group_data: Dict[str, Any]) -> Optional[Group]:
         """
@@ -689,7 +700,7 @@ class DuroSuite:
 
             logger.debug(f"Creating group with data: {request_data}")
 
-            response = self._make_request("POST", "/api/groups", data=request_data)
+            response = self._make_request("POST", API_GROUPS, data=request_data)
 
             if not response:
                 logger.error("Failed to create group - empty response")

regscale/integrations/commercial/opentext/scanner.py

@@ -14,7 +14,7 @@ from typing import Any, Dict, List, Optional, Union, Tuple, cast, Iterator, Set
 
 from pathlib import Path
 
-from regscale.core.app.utils.app_utils import check_license
+from regscale.core.app.utils.app_utils import check_license, get_current_datetime
 from regscale.core.app.utils.file_utils import find_files, read_file
 from regscale.integrations.jsonl_scanner_integration import JSONLScannerIntegration
 from regscale.integrations.scanner_integration import IntegrationAsset, IntegrationFinding, issue_due_date
@@ -486,7 +486,7 @@ class WebInspectIntegration(JSONLScannerIntegration):
             severity = IssueSeverity.High
 
         if self.scan_date is None:
-            self.scan_date = self.file_date
+            self.scan_date = self.file_date or get_current_datetime()
 
         title = item.get("Name", "")
         plugin_id = item.get("VulnerabilityID", "")

regscale/integrations/commercial/sap/sysdig/sysdig_scanner.py

@@ -1,19 +1,20 @@
 import csv
 import logging
-from typing import Any, Dict, Iterator, Tuple
+from typing import Any, Dict, Iterator, Tuple, Optional
 
 from regscale.core.app.utils.app_utils import get_current_datetime
-from regscale.core.app.utils.parser_utils import safe_datetime_str, safe_float
+from regscale.core.app.utils.parser_utils import safe_float
 from regscale.integrations.scanner_integration import (
     IntegrationAsset,
     IntegrationFinding,
     ScannerIntegration,
-    issue_due_date,
 )
 from regscale.integrations.variables import ScannerVariables
 from regscale.models import regscale_models
 
 logger = logging.getLogger("regscale")
+IMAGE_NAME = "Image name"
+IMAGE_TAG = "Image tag"
 
 
 class SAPConcurSysDigScanner(ScannerIntegration):
@@ -26,40 +27,59 @@ class SAPConcurSysDigScanner(ScannerIntegration):
         "low": regscale_models.IssueSeverity.Low,
     }
 
-    def parse_assets(self, asset: Dict[str, Any]) -> IntegrationAsset:
+    def parse_assets(self, asset: Dict[str, Any]) -> Optional[IntegrationAsset]:
         """
         Parse a single asset from the vulnerability data.
 
         :param Dict[str, Any] asset: A dictionary containing the asset data
-        :return: An IntegrationAsset object with parsed data
-        :rtype: IntegrationAsset
+        :return: An IntegrationAsset object with parsed data, or None if the asset doesn't have an identifier or name
+        :rtype: Optional[IntegrationAsset]
         """
         name = (
-            asset.get("Image name", None) + ":" + asset.get("Image tag", None)
-            if (asset.get("Image name") and asset.get("Image tag"))
+            asset.get(IMAGE_NAME, None) + ":" + asset.get(IMAGE_TAG, None)
+            if (asset.get(IMAGE_NAME) and asset.get(IMAGE_TAG))
             else None
         )
-        return IntegrationAsset(
-            name=name,
-            identifier=name
+        identifier = (
+            name
             or asset.get("Container name")
             or asset.get("Cluster name")
             or asset.get("Pod")
-            or asset.get("Namespace"),
+            or asset.get("Namespace")
+        )
+        if name is None or identifier is None:
+            return None
+        return IntegrationAsset(
+            name=name,
+            identifier=identifier,
             asset_type="Other",  # Sysdig primarily concerns itself with containers
             asset_category=regscale_models.AssetCategory.Hardware,
             asset_owner_id=ScannerVariables.userId,
-            status="Active (On Network)",
+            status=regscale_models.AssetStatus.Active,
             mac_address="",
             fqdn="",
             ip_address="",
-            operating_system="",
+            operating_system=None,
             aws_identifier="",
             vlan_id="",
             location="",
             software_inventory=[],
         )
 
+    @staticmethod
+    def _get_row_count(**kwargs) -> int:
+        """
+        Get the number of rows in the CSV file.
+
+        :param kwargs: Arbitrary keyword arguments
+        :return: The number of rows in the CSV file
+        :rtype: int
+        """
+        if path := kwargs.get("path"):
+            with open(path, "r", newline="") as csvfile:
+                reader = csv.DictReader(csvfile)
+                return sum(1 for _ in reader)
+
     def fetch_assets(self, *args: Tuple, **kwargs: dict) -> Iterator[IntegrationAsset]:
         """
         Fetch assets from a CSV file and yield IntegrationAsset objects.
@@ -74,12 +94,12 @@ class SAPConcurSysDigScanner(ScannerIntegration):
             raise ValueError("Path is required")
 
         logger.info(f"Fetching assets from {path}")
-        self.num_assets_to_process = 0
+        self.num_assets_to_process = self._get_row_count(path=path)
         with open(path, "r", newline="") as csvfile:
             reader = csv.DictReader(csvfile)
             for row in reader:
-                self.num_assets_to_process += 1
-                yield self.parse_assets(row)
+                if asset := self.parse_assets(row):
+                    yield asset
 
     def fetch_findings(self, *args: Tuple, **kwargs: dict) -> Iterator[IntegrationFinding]:
         """
@@ -96,11 +116,10 @@ class SAPConcurSysDigScanner(ScannerIntegration):
 
         logger.info(f"Fetching findings from {path}")
 
-        self.num_findings_to_process = 0
+        self.num_findings_to_process = self._get_row_count(path=path)
         with open(path, "r", newline="") as csvfile:
             reader = csv.DictReader(csvfile)
             for row in reader:
-                self.num_findings_to_process += 1
                 yield from self.parse_findings(finding=row, kwargs=kwargs)
 
     def parse_findings(self, finding: Dict[str, Any], **kwargs: dict) -> Iterator[IntegrationFinding]:
@@ -136,8 +155,8 @@ class SAPConcurSysDigScanner(ScannerIntegration):
         :rtype: IntegrationFinding
         """
         asset_name = (
-            finding.get("Image name", None) + ":" + finding.get("Image tag", None)
-            if (finding.get("Image name") and finding.get("Image tag"))
+            finding.get(IMAGE_NAME, None) + ":" + finding.get(IMAGE_TAG, None)
+            if (finding.get(IMAGE_NAME) and finding.get(IMAGE_TAG))
             else None
         )
         asset_id = (

regscale/integrations/commercial/sap/tenable/scanner.py

@@ -1,7 +1,12 @@
+"""
+SAP Concur flat file Scanner Integration
+"""
+
 import csv
 import logging
-from typing import Any, Dict, Iterator, Tuple
+from typing import Any, Dict, Iterator, Optional, Tuple
 
+from regscale.core.app.utils.app_utils import error_and_exit
 from regscale.core.app.utils.parser_utils import safe_datetime_str, safe_float, safe_int
 from regscale.integrations.scanner_integration import (
     IntegrationAsset,
@@ -18,6 +23,7 @@ IP_ADDRESS_ANONYMIZED = "IP Address (Anonymized)"
 DNS_NAME = "DNS Name"
 LAST_OBSERVED = "Last Observed"
 CVSS_V3_BASE_SCORE = "CVSS V3 Base Score"
+FIRST_DISCOVERD = "First Discovered"
 
 
 class SAPConcurScanner(ScannerIntegration):
@@ -31,23 +37,30 @@ class SAPConcurScanner(ScannerIntegration):
     }
 
     @staticmethod
-    def parse_assets(asset: Dict[str, Any]) -> IntegrationAsset:
+    def parse_assets(asset: Dict[str, Any]) -> Optional[IntegrationAsset]:
         """
         Parse a single asset from the vulnerability data.
 
         :param Dict[str, Any] asset: A dictionary containing the asset data
-        :return: An IntegrationAsset object with parsed data
-        :rtype: IntegrationAsset
+        :return: An IntegrationAsset object with parsed data, or None if the asset doesn't have an identifier or name
+        :rtype: Optional[IntegrationAsset]
         """
+        from regscale.models import AssetStatus
+
         ip_address = asset.get(IP_ADDRESS_ANONYMIZED, "")
         external_id = asset.get("Host ID") or ip_address  # Use Host ID if available, otherwise use IP address
+        name = asset.get(DNS_NAME) or ip_address  # Use Host Name if available, otherwise use IP address
+
+        if not name or not external_id:
+            logger.debug("Skipping asset due to missing name or external_id: %s", asset)
+            return None
 
         return IntegrationAsset(
             name=asset.get(DNS_NAME) or ip_address,
             identifier=external_id,
             asset_type="Server",
             asset_category="Infrastructure",
-            status="Active (On Network)",
+            status=AssetStatus.Active,
             date_last_updated=safe_datetime_str(asset.get(LAST_OBSERVED)),
             ip_address=ip_address,
             mac_address=asset.get("MAC Address"),
@@ -75,6 +88,20 @@ class SAPConcurScanner(ScannerIntegration):
             notes=f"NetBIOS Name: {asset.get('NetBIOS Name', '')}, Repository: {asset.get('Repository', '')}",
         )
 
+    @staticmethod
+    def _get_row_count(**kwargs) -> int:
+        """
+        Get the number of rows in the CSV file.
+
+        :param kwargs: Arbitrary keyword arguments
+        :return: The number of rows in the CSV file
+        :rtype: int
+        """
+        if path := kwargs.get("path"):
+            with open(path, "r", newline="") as csvfile:
+                reader = csv.DictReader(csvfile)
+                return sum(1 for _ in reader)
+
     def fetch_assets(self, *args: Tuple, **kwargs: dict) -> Iterator[IntegrationAsset]:
         """
         Fetch assets from a CSV file and yield IntegrationAsset objects.
@@ -86,15 +113,15 @@ class SAPConcurScanner(ScannerIntegration):
         """
         path: str = kwargs.get("path", "")
         if not path:
-            raise ValueError("Path is required")
+            error_and_exit("Path is required")
 
         logger.info(f"Fetching assets from {path}")
-        self.num_assets_to_process = 0
+        self.num_assets_to_process = self._get_row_count(path=path)
         with open(path, "r", newline="") as csvfile:
             reader = csv.DictReader(csvfile)
             for row in reader:
-                self.num_assets_to_process += 1
-                yield self.parse_assets(row)
+                if asset := self.parse_assets(row):
+                    yield asset
 
     def fetch_findings(self, *args: Tuple, **kwargs: dict) -> Iterator[IntegrationFinding]:
         """
@@ -107,15 +134,14 @@ class SAPConcurScanner(ScannerIntegration):
         """
         path: str = kwargs.get("path", "")
         if not path:
-            raise ValueError("Path is required")
+            error_and_exit("Path is required")
 
         logger.info(f"Fetching findings from {path}")
 
-        self.num_findings_to_process = 0
+        self.num_findings_to_process = self._get_row_count(path=path)
         with open(path, "r", newline="") as csvfile:
             reader = csv.DictReader(csvfile)
             for row in reader:
-                self.num_assets_to_process += 1
                 yield from self.parse_findings(row)
 
     def parse_findings(self, finding: Dict[str, Any]) -> Iterator[IntegrationFinding]:
@@ -159,7 +185,7 @@ class SAPConcurScanner(ScannerIntegration):
             description=finding.get("Description", ""),
             status=regscale_models.IssueStatus.Open,
             priority=finding.get("Vulnerability Priority Rating", "Medium"),
-            first_seen=safe_datetime_str(finding.get("First Discovered")),
+            first_seen=safe_datetime_str(finding.get(FIRST_DISCOVERD)),
             last_seen=safe_datetime_str(finding.get(LAST_OBSERVED)),
             cve=cve,
             cvss_v3_score=safe_float(finding.get(CVSS_V3_BASE_SCORE)),
@@ -169,9 +195,9 @@ class SAPConcurScanner(ScannerIntegration):
             dns=finding.get(DNS_NAME),
             issue_title=f"Vulnerability {finding.get('Plugin Name')} found",
             issue_type="Risk",
-            date_created=safe_datetime_str(finding.get("First Discovered")),
+            date_created=safe_datetime_str(finding.get(FIRST_DISCOVERD)),
             date_last_updated=safe_datetime_str(finding.get(LAST_OBSERVED)),
-            due_date=issue_due_date(severity=severity, created_date=safe_datetime_str(finding.get("First Discovered"))),
+            due_date=issue_due_date(severity=severity, created_date=safe_datetime_str(finding.get(FIRST_DISCOVERD))),
             external_id=finding.get("Plugin"),
             gaps="",
             observations="",

regscale/integrations/commercial/sicura/api.py

@@ -13,6 +13,8 @@ from urllib.parse import urljoin, urlencode
 import requests
 from pydantic import BaseModel, Field, RootModel
 from requests.exceptions import Timeout, ConnectionError as RequestsConnectionError
+from urllib3 import disable_warnings
+from urllib3.exceptions import InsecureRequestWarning
 
 from regscale.integrations.commercial.sicura.variables import SicuraVariables
 
@@ -207,9 +209,15 @@ class SicuraAPI:
         Initialize Sicura API client.
 
         """
+        from regscale.integrations.variables import ScannerVariables
+
         self.base_url = SicuraVariables.sicuraURL.rstrip("/")
         self.session = requests.Session()
-        self.csrf_token = None
+        self.verify = ScannerVariables.sslVerify
+        if not self.verify:
+            logger.warning("SSL Verification has been disabled for Sicura API requests.")
+            self.session.verify = False
+            disable_warnings(InsecureRequestWarning)
 
     @retry_with_backoff(retries=3, backoff_in_seconds=1)
     def _make_request(

regscale/integrations/commercial/synqly/edr.py

@@ -0,0 +1,84 @@
+# flake8: noqa E501
+# pylint: disable=line-too-long
+
+"""Edr connector commands for the RegScale CLI"""
+
+import click
+from regscale.models import regscale_ssp_id
+
+
+@click.group()
+def edr() -> None:
+    """Edr connector commands for the RegScale CLI"""
+    pass
+
+
+@edr.command(name="sync_crowdstrike")
+@regscale_ssp_id()
+@click.option(
+    "--url",
+    type=click.STRING,
+    help="The root domain where your CrowdStrike Falcon tenant is located.",
+    required=False,
+)
+def sync_crowdstrike(regscale_ssp_id: int, url: str) -> None:
+    """Sync Edr from Crowdstrike to RegScale."""
+    from regscale.models.integration_models.synqly_models.connectors import Edr
+
+    edr_crowdstrike = Edr("crowdstrike")
+    edr_crowdstrike.run_sync(regscale_ssp_id=regscale_ssp_id, url=url)
+
+
+@edr.command(name="sync_defender")
+@regscale_ssp_id()
+def sync_defender(regscale_ssp_id: int) -> None:
+    """Sync Edr from Defender to RegScale."""
+    from regscale.models.integration_models.synqly_models.connectors import Edr
+
+    edr_defender = Edr("defender")
+    edr_defender.run_sync(regscale_ssp_id=regscale_ssp_id)
+
+
+@edr.command(name="sync_malwarebytes")
+@regscale_ssp_id()
+@click.option(
+    "--url",
+    type=click.STRING,
+    help="URL for the Malwarebytes EDR Provider",
+    required=False,
+)
+def sync_malwarebytes(regscale_ssp_id: int, url: str) -> None:
+    """Sync Edr from Malwarebytes to RegScale."""
+    from regscale.models.integration_models.synqly_models.connectors import Edr
+
+    edr_malwarebytes = Edr("malwarebytes")
+    edr_malwarebytes.run_sync(regscale_ssp_id=regscale_ssp_id, url=url)
+
+
+@edr.command(name="sync_sentinelone")
+@regscale_ssp_id()
+def sync_sentinelone(regscale_ssp_id: int) -> None:
+    """Sync Edr from Sentinelone to RegScale."""
+    from regscale.models.integration_models.synqly_models.connectors import Edr
+
+    edr_sentinelone = Edr("sentinelone")
+    edr_sentinelone.run_sync(regscale_ssp_id=regscale_ssp_id)
+
+
+@edr.command(name="sync_sophos")
+@regscale_ssp_id()
+@click.option(
+    "--url",
+    type=click.STRING,
+    help="Optional root domain where your Sophos tenant is located.",
+    required=False,
+)
+def sync_sophos(regscale_ssp_id: int, url: str) -> None:
+    """Sync Edr from Sophos to RegScale."""
+    from regscale.models.integration_models.synqly_models.connectors import Edr
+
+    edr_sophos = Edr("sophos")
+    edr_sophos.run_sync(regscale_ssp_id=regscale_ssp_id, url=url)
+
+
+# pylint: enable=line-too-long

regscale/integrations/commercial/tenablev2/click.py

@@ -46,6 +46,7 @@ from regscale.core.app.utils.app_utils import (
     check_license,
     create_progress_object,
     epoch_to_datetime,
+    error_and_exit,
     format_dict_to_html,
     get_current_datetime,
     regscale_string_to_epoch,
@@ -971,12 +972,13 @@ def gen_tsc(config: dict) -> "TenableSC":
     :return: Tenable client
     :rtype: "TenableSC"
     """
+    from restfly.errors import APIError
     from tenable.sc import TenableSC
 
     if not config:
         app = Application()
         config = app.config
-    return TenableSC(
+    res = TenableSC(
         url=config["tenableUrl"],
         access_key=config["tenableAccessKey"],
         secret_key=config["tenableSecretKey"],
@@ -984,6 +986,11 @@ def gen_tsc(config: dict) -> "TenableSC":
         product=REGSCALE_CLI,
         build=__version__,
     )
+    try:
+        res.status.status()
+    except APIError:
+        error_and_exit("Unable to authenticate with Tenable SC. Please check your credentials.", False)
+    return res
 
 
 def gen_tio(config: dict) -> "TenableIO":
@@ -995,9 +1002,10 @@ def gen_tio(config: dict) -> "TenableIO":
     :rtype: "TenableIO"
     """
 
+    from restfly.errors import UnauthorizedError
     from tenable.io import TenableIO
 
-    return TenableIO(
+    res = TenableIO(
         url=config["tenableUrl"],
         access_key=config["tenableAccessKey"],
         secret_key=config["tenableSecretKey"],
@@ -1006,6 +1014,16 @@ def gen_tio(config: dict) -> "TenableIO":
         build=__version__,
     )
 
+    try:
+        # Check a quick API to make sure we have access
+        res.scans.list(last_modified=datetime.now())
+    except UnauthorizedError:
+        error_and_exit(
+            "Unable to authenticate with Tenable Vulnerability Management (IO). Please check your credentials.", False
+        )
+
+    return res
+
 
 def get_controls(catalog_id: int) -> List[Dict]:
     """