regscale-cli 6.20.1.1__py3-none-any.whl → 6.20.3.0__py3-none-any.whl

regscale/integrations/commercial/opentext/commands.py

@@ -27,9 +27,10 @@ def web_inspect():
 
 @web_inspect.command(name="import_scans")
 @FlatFileImporter.common_scanner_options(
-    message="File path to the folder containing JFrog XRay .json files to process to RegScale.",
-    prompt="File path for Grype files",
-    import_name="grype",
+    message="File path to the folder containing OpenText WebInspect .xml files to process to RegScale.",
+    prompt="File path for OpenText WebInspect files",
+    import_name="opentext",
+    support_component=True,
 )
 @click.option(
     "--destination",
@@ -41,7 +42,7 @@ def web_inspect():
 @click.option(
     "--file_pattern",
     "-fp",
-    help="[Optional] File pattern to match (e.g., '*.json')",
+    help="[Optional] File pattern to match (e.g., '*.xml')",
     required=False,
 )
 def import_scans(
@@ -49,6 +50,7 @@ def import_scans(
     file_pattern: str,
     folder_path: Path,
     regscale_ssp_id: int,
+    component_id: int,
     scan_date: datetime,
     mappings_path: Path,
     disable_mapping: bool,
@@ -63,8 +65,15 @@ def import_scans(
     # Use the new WebInspectIntegration class to sync assets and findings
     if s3_bucket and not folder_path:
         folder_path = s3_bucket
+
+    if not regscale_ssp_id and not component_id:
+        raise click.UsageError(
+            "You must provide either a --regscale_ssp_id or a --component_id to import OpenText scans."
+        )
+
     wi = WebInspectIntegration(
-        plan_id=regscale_ssp_id,
+        plan_id=component_id if component_id else regscale_ssp_id,
+        is_component=True if component_id else False,
         file_path=str(folder_path) if folder_path else None,
         s3_bucket=s3_bucket,
         s3_prefix=s3_prefix,

regscale/integrations/commercial/opentext/scanner.py

@@ -48,6 +48,7 @@ class WebInspectIntegration(JSONLScannerIntegration):
         kwargs["read_files_only"] = True
         self.disable_mapping = kwargs["disable_mapping"] = True
         self.set_scan_date(kwargs.get("scan_date"))
+        self.is_component = kwargs.get("is_component", False)
         # logger.debug(f"scan_date: {self.scan_date}"
         super().__init__(*args, **kwargs)
         logger.debug(f"WebInspectIntegration initialized with scan date: {self.scan_date}")
@@ -400,7 +401,7 @@ class WebInspectIntegration(JSONLScannerIntegration):
                 asset_type="Other",
                 asset_category="Hardware",
                 parent_id=self.plan_id,
-                parent_module="securityplans",
+                parent_module="securityplans" if not self.is_component else "components",
             )
 
         # Get the host from the first issue
@@ -416,7 +417,7 @@ class WebInspectIntegration(JSONLScannerIntegration):
             asset_type="Other",
             asset_category="Hardware",
             parent_id=self.plan_id,
-            parent_module="securityplans",
+            parent_module="securityplans" if not self.is_component else "components",
             fqdn=url,
         )
 

regscale/integrations/commercial/qualys/__init__.py

@@ -718,7 +718,7 @@ def export_past_scans(save_output_to: Path, days: int, export: bool = True):
 
 @qualys.command(name="import_scans")
 @FlatFileImporter.common_scanner_options(
-    message="File path to the folder containing Aqua .csv files to process to RegScale.",
+    message="File path to the folder containing Qualys .csv files to process to RegScale.",
     prompt="File path for Qualys files",
     import_name="qualys",
 )
@@ -740,7 +740,7 @@ def import_scans(
     aws_profile: str,
     upload_file: bool,
 ):
-    """Import scans from Qualys"""
+    """Import .csv scans from Qualys"""
     import_qualys_scans(
         folder_path=folder_path,
         regscale_ssp_id=regscale_ssp_id,
@@ -801,7 +801,7 @@ def import_qualys_scans(
 
 @qualys.command(name="import_policy_scans")
 @FlatFileImporter.common_scanner_options(
-    message="File path to the folder containing policy .csv files to process to RegScale.",
+    message="File path to the folder containing Qualys policy .csv files to process to RegScale.",
     prompt="File path for Qualys files",
     import_name="qualys_policy_scan",
 )

regscale/integrations/commercial/stigv2/click_commands.py

@@ -7,7 +7,7 @@ RegScale STIG Integration
 import click
 
 from regscale.integrations.commercial.stigv2.stig_integration import StigIntegration
-from regscale.models.app_models.click import NotRequiredIf
+from regscale.models.app_models.click import ssp_or_component_id
 
 
 @click.group(name="stigv2")
@@ -16,24 +16,7 @@ def stigv2():
 
 
 @stigv2.command(name="sync_findings")
-@click.option(
-    "-p",
-    "--regscale_ssp_id",
-    type=click.INT,
-    help="The ID number from RegScale of the System Security Plan",
-    prompt="Enter RegScale System Security Plan ID",
-    cls=NotRequiredIf,
-    not_required_if=["component_id"],
-)
-@click.option(
-    "-c",
-    "--component_id",
-    type=click.INT,
-    help="The ID number from RegScale of the Component",
-    prompt="Enter RegScale Component ID",
-    cls=NotRequiredIf,
-    not_required_if=["regscale_ssp_id"],
-)
+@ssp_or_component_id()
 @click.option(
     "-d",
     "--stig_directory",
@@ -46,28 +29,14 @@ def sync_findings(regscale_ssp_id, component_id, stig_directory):
     """Sync GCP Findings to RegScale."""
     if component_id:
         StigIntegration.sync_findings(plan_id=component_id, path=stig_directory, is_component=True)
-    else:
+    elif regscale_ssp_id:
         StigIntegration.sync_findings(plan_id=regscale_ssp_id, path=stig_directory, is_component=False)
+    else:
+        raise click.UsageError("Either --regscale_ssp_id or --component_id must be provided.")
 
 
 @stigv2.command(name="sync_assets")
-@click.option(
-    "-p",
-    "--regscale_ssp_id",
-    type=click.INT,
-    help="The ID number from RegScale of the System Security Plan to sync assets to.",
-    cls=NotRequiredIf,
-    not_required_if=["component_id"],
-)
-@click.option(
-    "-c",
-    "--component_id",
-    type=click.INT,
-    help="The ID number from RegScale of the Component to sync assets to.",
-    cls=NotRequiredIf,
-    not_required_if=["regscale_ssp_id"],
-    default=None,
-)
+@ssp_or_component_id()
 @click.option(
     "-d",
     "--stig_directory",

regscale/integrations/commercial/synqly/assets.py

@@ -23,6 +23,16 @@ def sync_armis_centrix(regscale_ssp_id: int) -> None:
     assets_armis_centrix.run_sync(regscale_ssp_id=regscale_ssp_id)
 
 
+@assets.command(name="sync_axonius")
+@regscale_ssp_id()
+def sync_axonius(regscale_ssp_id: int) -> None:
+    """Sync Assets from Axonius to RegScale."""
+    from regscale.models.integration_models.synqly_models.connectors import Assets
+
+    assets_axonius = Assets("axonius")
+    assets_axonius.run_sync(regscale_ssp_id=regscale_ssp_id)
+
+
 @assets.command(name="sync_crowdstrike")
 @regscale_ssp_id()
 @click.option(

regscale/integrations/commercial/tenablev2/commands.py

@@ -30,7 +30,7 @@ from regscale.integrations.commercial.tenablev2.jsonl_scanner import TenableSCJs
 from regscale.integrations.commercial.tenablev2.sc_scanner import SCIntegration
 from regscale.integrations.commercial.tenablev2.variables import TenableVariables
 from regscale.models import regscale_id, regscale_ssp_id
-from regscale.models.app_models.click import file_types, hidden_file_path, save_output_to
+from regscale.models.app_models.click import file_types, hidden_file_path, save_output_to, ssp_or_component_id
 from regscale.models.regscale_models import SecurityPlan
 
 logger = logging.getLogger("regscale")
@@ -468,7 +468,7 @@ def get_queries() -> list:
     prompt="Enter Tenable query ID",
     required=True,
 )
-@regscale_ssp_id()
+@ssp_or_component_id()
 @click.option(
     "--scan_date",
     "-sd",
@@ -476,7 +476,7 @@ def get_queries() -> list:
     help="The scan date of the file.",
     required=False,
 )
-def query_vuln(query_id: int, regscale_ssp_id: int, scan_date: datetime = None):
+def query_vuln(query_id: int, regscale_ssp_id: int, component_id: int, scan_date: datetime = None):
     """Query Tenable SC vulnerabilities and sync assets to RegScale."""
     try:
         # Validate license
@@ -485,7 +485,15 @@ def query_vuln(query_id: int, regscale_ssp_id: int, scan_date: datetime = None):
         console.print("[bold]Starting Tenable SC vulnerability query...[/bold]")
 
         # Use the SCIntegration class method to fetch vulnerabilities by query ID
-        sc_integration = SCIntegration(plan_id=regscale_ssp_id, scan_date=scan_date)
+        if component_id:
+            sc_integration = SCIntegration(plan_id=component_id, scan_date=scan_date, is_component=True)
+        elif regscale_ssp_id:
+            sc_integration = SCIntegration(plan_id=regscale_ssp_id, scan_date=scan_date)
+        else:
+            raise click.UsageError(
+                "You must provide either a --regscale_ssp_id or a --component_id to query Tenable vulnerabilities."
+            )
+
         sc_integration.fetch_vulns_query(query_id=query_id)
 
         console.print("[bold green]Tenable SC vulnerability query complete.[/bold green]")

regscale/integrations/commercial/tenablev2/sc_scanner.py

@@ -61,9 +61,20 @@ class SCIntegration(ScannerIntegration):
         super().__init__(*args, **kwargs)
         self.scan_date = kwargs.get("scan_date")
         self.plan_id = kwargs.get("plan_id")
+        self.is_component = kwargs.get("is_component", False) is True
         self.client = None
         self.closed_count = 0
-        self.batch_size = kwargs.get("batch_size", 1000)  # Default to 1000 if not provided
+        self.batch_size = kwargs.get("batch_size", 1000)
+        if self.is_component:
+            from regscale.validation.record import validate_regscale_object
+
+            if validate_regscale_object(
+                parent_id=self.plan_id, parent_module=regscale_models.Component.get_module_string()
+            ):
+                component = regscale_models.Component.get_object(self.plan_id)
+                self.component_title = component.title
+        else:
+            self.component_title = None
 
     def authenticate(self) -> None:
         """Authenticate to Tenable SC."""
@@ -255,6 +266,13 @@ class SCIntegration(ScannerIntegration):
             status="Active (On Network)" if asset.family.type else "Off-Network",
             asset_type="Other",
             asset_category="Hardware",
+            parent_id=self.plan_id,
+            parent_module=(
+                regscale_models.Component.get_module_string()
+                if self.is_component
+                else regscale_models.SecurityPlan.get_module_string()
+            ),
+            component_names=[self.component_title],
         )
 
     def is_empty(self, file_path: Path) -> bool:
@@ -337,6 +355,7 @@ class SCIntegration(ScannerIntegration):
                 plan_id=self.plan_id,
                 integration_assets=(asset for sublist in iterables[0] for asset in sublist),
                 asset_count=assets_count,
+                is_component=self.is_component,
             )
 
             # Sync findings
@@ -344,6 +363,7 @@ class SCIntegration(ScannerIntegration):
                 plan_id=self.plan_id,
                 integration_findings=(finding for sublist in iterables[1] for finding in sublist),
                 finding_count=findings_count,
+                is_component=self.is_component,
             )
 
             logger.info(f"Successfully synced {assets_count} assets and {findings_count} findings")

regscale/integrations/commercial/tenablev2/sync_compliance.py

@@ -55,6 +55,9 @@ def sync_compliance_data(ssp_id: int, catalog_id: int, framework: str, offline:
     failing_controls: Dict = dict()
     for findings in compliance_data:
         asset_check = AssetCheck(**findings)
+        if not asset_check.reference:
+            logger.warning(f"Asset check {asset_check.check_name} has no references, skipping.")
+            continue
         for ref in asset_check.reference:
             if ref.framework not in framework_controls:
                 framework_controls[ref.framework] = []

regscale/integrations/commercial/trivy/commands.py

@@ -19,9 +19,10 @@ def trivy():
 
 @trivy.command("import_scans")
 @FlatFileImporter.common_scanner_options(
-    message="File path to the folder containing JFrog XRay .json files to process to RegScale.",
-    prompt="File path for Grype files",
-    import_name="grype",
+    message="File path to the folder containing Trivy .json files to process to RegScale.",
+    prompt="File path for Trivy files",
+    import_name="trivy",
+    support_component=True,
 )
 @click.option(
     "--destination",
@@ -41,6 +42,7 @@ def import_scans(
     file_pattern: str,
     folder_path: Path,
     regscale_ssp_id: int,
+    component_id: int,
     scan_date: datetime,
     mappings_path: Path,
     disable_mapping: bool,
@@ -56,8 +58,13 @@ def import_scans(
 
     if s3_bucket and not folder_path:
         folder_path = s3_bucket
+
+    if not regscale_ssp_id and not component_id:
+        raise click.UsageError("You must provide either a --regscale_ssp_id or a --component_id to import Trivy scans.")
+
     ti = TrivyIntegration(
-        plan_id=regscale_ssp_id,
+        plan_id=component_id if component_id else regscale_ssp_id,
+        is_component=True if component_id else False,
         file_path=str(folder_path) if folder_path else None,
         s3_bucket=s3_bucket,
         s3_prefix=s3_prefix,

regscale/integrations/commercial/trivy/scanner.py

@@ -53,6 +53,7 @@ class TrivyIntegration(JSONLScannerIntegration):
         self.scan_date = kwargs.get("scan_date") if "scan_date" in kwargs else None
         if self.scan_date:
             self.scan_date = self.clean_scan_date(self.scan_date)
+        self.is_component = kwargs.get("is_component", False)
         super().__init__(*args, **kwargs)
 
     def is_valid_file(self, data: Any, file_path: Union[Path, str]) -> Tuple[bool, Optional[Dict[str, Any]]]:
@@ -128,7 +129,7 @@ class TrivyIntegration(JSONLScannerIntegration):
             notes=f"{os.path.basename(file_path_str)}",
             other_tracking_number=artifact_name,
             parent_id=self.plan_id,
-            parent_module="securityplans",
+            parent_module="securityplans" if not self.is_component else "components",
             fqdn=artifact_name,
         )
 

regscale/integrations/commercial/wizv2/constants.py

@@ -136,6 +136,10 @@ INVENTORY_QUERY = """
       projects {
         id
       }
+      technologies {
+        name
+        deploymentModel
+      }
       properties
       firstSeen
       lastSeen

regscale/integrations/commercial/wizv2/scanner.py

@@ -5,7 +5,7 @@ import json
 import logging
 import os
 import re
-from typing import Any, Dict, Iterator, List, Optional
+from typing import Any, Dict, Iterator, List, Optional, Union
 
 from regscale.core.app.utils.app_utils import check_file_path, get_current_datetime
 from regscale.core.utils import get_base_protocol_from_port
@@ -60,7 +60,13 @@ class WizVulnerabilityIntegration(ScannerIntegration):
     wiz_token = None
 
     @staticmethod
-    def get_variables():
+    def get_variables() -> Dict[str, Any]:
+        """
+        Returns default variables for first and filterBy for Wiz GraphQL queries.
+
+        :return: Default variables for Wiz queries
+        :rtype: Dict[str, Any]
+        """
         return {
             "first": 100,
             "filterBy": {},
@@ -115,7 +121,6 @@ class WizVulnerabilityIntegration(ScannerIntegration):
                 topic_key=wiz_vulnerability_type["topic_key"],
                 file_path=wiz_vulnerability_type["file_path"],
             )
-            self.num_findings_to_process += len(nodes)
             yield from self.parse_findings(nodes, wiz_vulnerability_type["type"])
         logger.info("Finished fetching Wiz findings.")
 
@@ -131,8 +136,8 @@ class WizVulnerabilityIntegration(ScannerIntegration):
         :rtype: Iterator[IntegrationFinding]
         """
         for node in nodes:
-            finding = self.parse_finding(node, vulnerability_type)
-            if finding:
+            if finding := self.parse_finding(node, vulnerability_type):
+                self.num_findings_to_process += 1
                 yield finding
 
     @classmethod
@@ -232,17 +237,24 @@ class WizVulnerabilityIntegration(ScannerIntegration):
         self.num_assets_to_process = len(nodes)
 
         for node in nodes:
-            asset = self.parse_asset(node)
-            if asset:
+            if asset := self.parse_asset(node):
                 yield asset
 
     @staticmethod
-    def get_filter_by(filter_by_override, wiz_project_id):
+    def get_filter_by(filter_by_override: Union[str, Dict[str, Any]], wiz_project_id: str) -> Dict[str, Any]:
+        """
+        Constructs the filter_by dictionary for fetching assets
+
+        :param Union[str, Dict[str, Any]] filter_by_override: Override for the filter_by dictionary
+        :param str wiz_project_id: The Wiz project ID
+        :return: The filter_by dictionary
+        :rtype: Dict[str, Any]
+        """
         if filter_by_override:
             return json.loads(filter_by_override) if isinstance(filter_by_override, str) else filter_by_override
         filter_by = {"project": wiz_project_id}
         if WizVariables.wizLastInventoryPull and not WizVariables.wizFullPullLimitHours:
-            filter_by["updatedAt"] = {"after": WizVariables.wizLastInventoryPull}
+            filter_by["updatedAt"] = {"after": WizVariables.wizLastInventoryPull}  # type: ignore
         return filter_by
 
     def parse_asset(self, node: Dict[str, Any]) -> Optional[IntegrationAsset]:
@@ -278,6 +290,14 @@ class WizVulnerabilityIntegration(ScannerIntegration):
             software_name = self.get_software_name(software_name_dict, wiz_entity_properties, node)
             software_vendor = self.get_software_vendor(software_name_dict, wiz_entity_properties, node)
 
+        if WizVariables.useWizHardwareAssetTypes and node.get("graphEntity", {}).get("technologies", []):
+            technologies = node.get("graphEntity", {}).get("technologies", [])
+            deployment_models: set[str] = {
+                tech.get("deploymentModel") for tech in technologies if tech.get("deploymentModel")
+            }
+        else:
+            deployment_models = set()
+
         return IntegrationAsset(
             name=name,
             external_id=node.get("name"),
@@ -288,7 +308,7 @@ class WizVulnerabilityIntegration(ScannerIntegration):
             asset_owner_id=ScannerVariables.userId,
             parent_id=self.plan_id,
             parent_module=regscale_models.SecurityPlan.get_module_slug(),
-            asset_category=map_category(node.get("type", "")),
+            asset_category=map_category(deployment_models or node.get("type", "")),
             date_last_updated=wiz_entity.get("lastSeen", ""),
             management_type=handle_management_type(wiz_entity_properties),
             status=self.map_wiz_status(wiz_entity_properties.get("status")),
@@ -326,7 +346,14 @@ class WizVulnerabilityIntegration(ScannerIntegration):
         )
 
     @staticmethod
-    def get_ports_and_protocols(wiz_entity_properties):
+    def get_ports_and_protocols(wiz_entity_properties: dict) -> List[Dict[str, Union[int, str]]]:
+        """
+        Extracts ports and protocols from Wiz entity properties using the "portStart","portEnd", and "protocol" keys.
+
+        :param dict wiz_entity_properties: Dictionary containing Wiz entity properties
+        :return: A list of dictionaries containing start_port, end_port, and protocol
+        :rtype: List[Dict[str, Union[int, str]]]
+        """
         start_port = wiz_entity_properties.get("portStart")
         if start_port:
             end_port = wiz_entity_properties.get("portEnd") or start_port
@@ -337,19 +364,45 @@ class WizVulnerabilityIntegration(ScannerIntegration):
         return []
 
     @staticmethod
-    def get_software_vendor(software_name_dict, wiz_entity_properties, node):
+    def get_software_vendor(software_name_dict: dict, wiz_entity_properties: dict, node: dict) -> Optional[str]:
+        """
+        Gets the software vendor from the software name dictionary or Wiz entity properties.
+
+        :param dict software_name_dict: Dictionary containing software name and vendor
+        :param dict wiz_entity_properties: Properties of the Wiz entity
+        :param dict node: Node dictionary
+        :return: Software vendor
+        :rtype: Optional[str]
+        """
         if map_category(node.get("type")) == regscale_models.AssetCategory.Software:
             return software_name_dict.get("software_vendor") or wiz_entity_properties.get("cloudPlatform")
         return None
 
     @staticmethod
-    def get_software_version(wiz_entity_properties, node):
+    def get_software_version(wiz_entity_properties: dict, node: dict) -> Optional[str]:
+        """
+        Gets the software version from the Wiz entity properties or handles it based on the node type.
+
+        :param dict wiz_entity_properties: Properties of the Wiz entity
+        :param dict node: Node dictionary
+        :return: Software version
+        :rtype: Optional[str]
+        """
         if map_category(node.get("type")) == regscale_models.AssetCategory.Software:
             return handle_software_version(wiz_entity_properties, map_category(node.get("type"))) or "1.0"
         return None
 
     @staticmethod
-    def get_software_name(software_name_dict, wiz_entity_properties, node):
+    def get_software_name(software_name_dict: dict, wiz_entity_properties: dict, node: dict) -> Optional[str]:
+        """
+        Gets the software name from the software name dictionary or Wiz entity properties.
+
+        :param dict software_name_dict: Dictionary containing software name and vendor
+        :param dict wiz_entity_properties: Properties of the Wiz entity
+        :param dict node: Node dictionary
+        :return: Software name
+        :rtype: Optional[str]
+        """
         if map_category(node.get("type")) == regscale_models.AssetCategory.Software:
             return software_name_dict.get("software_name") or wiz_entity_properties.get("nativeType")
         return None

regscale/integrations/commercial/wizv2/utils.py

@@ -10,7 +10,7 @@ import logging
 import time
 import traceback
 from contextlib import closing
-from typing import Dict, List, Any, Optional
+from typing import Dict, List, Any, Optional, Union
 from zipfile import ZipFile
 
 import cachetools
@@ -111,22 +111,36 @@ def create_asset_type(asset_type: str) -> str:
     return asset_type
 
 
-def map_category(asset_string: str) -> regscale_models.AssetCategory:
+def map_category(asset_string: Union[set[str], str]) -> regscale_models.AssetCategory:
     """
-    category mapper
+    Map the asset category based on the asset string. If the asset string is not found in the wizHardwareAssetTypes or
+    in the AssetCategory enum, it will be mapped to "Software"
 
-    :param str asset_string:
-    :return: Category
+    :param Union[set[str], str] asset_string: Set of strings from the Wiz asset's technologies.deploymentModel or
+     the node's type
+    :return: RegScale AssetCategory
     :rtype: regscale_models.AssetCategory
     """
     try:
-        if asset_string in ["CONTAINER_IMAGE"]:
-            return regscale_models.AssetCategory.Software
-        return getattr(regscale_models.AssetCategory, asset_string)
+        if isinstance(asset_string, set):
+            hardware_count = sum(
+                asset.lower() == type.lower() for type in WizVariables.wizHardwareAssetTypes for asset in asset_string
+            )
+            software_count = len(asset_string) - hardware_count
+            return (
+                regscale_models.AssetCategory.Hardware
+                if hardware_count > software_count
+                else regscale_models.AssetCategory.Software
+            )
+        if asset_string in WizVariables.wizHardwareAssetTypes:
+            return regscale_models.AssetCategory.Hardware
+        elif asset_category := getattr(regscale_models.AssetCategory, asset_string):
+            return asset_category
+        return regscale_models.AssetCategory.Software
     except (KeyError, AttributeError) as ex:
         # why map AssetCategory of everything is software?
-        logger.debug("Unable to find %s in AssetType enum \n", ex)
-        return regscale_models.AssetCategory.Hardware
+        logger.debug("Unable to find %s in AssetType enum. Defaulting to Software\n", ex)
+        return regscale_models.AssetCategory.Software
 
 
 def convert_first_seen_to_days(first_seen: str) -> int:

regscale/integrations/commercial/wizv2/variables.py

@@ -37,3 +37,10 @@ class WizVariables(metaclass=RsVariablesMeta):
     wizClientId: RsVariableType(str, "", sensitive=True)  # type: ignore
     wizClientSecret: RsVariableType(str, "", sensitive=True)  # type: ignore
     wizLastInventoryPull: RsVariableType(str, "2022-01-01T00:00:00Z", required=False)  # type: ignore
+    useWizHardwareAssetTypes: RsVariableType(bool, False, required=False)  # type: ignore
+    wizHardwareAssetTypes: RsVariableType(
+        list,
+        '["SERVER_APPLICATION", "CLIENT_APPLICATION", "VIRTUAL_APPLIANCE"]',
+        default=["SERVER_APPLICATION", "CLIENT_APPLICATION", "VIRTUAL_APPLIANCE"],
+        required=False,
+    )  # type: ignore

regscale/integrations/jsonl_scanner_integration.py

@@ -61,6 +61,7 @@ class JSONLScannerIntegration(ScannerIntegration):
 
         # plan_id is required for all integrations
         super().__init__(**kwargs)
+        self.is_component = kwargs.get("is_component", False)
         # Extract S3-related kwargs
         self.s3_bucket = kwargs.get("s3_bucket", None)
         self.s3_prefix = kwargs.get("s3_prefix", "")
@@ -127,7 +128,11 @@ class JSONLScannerIntegration(ScannerIntegration):
         logger.info(f"Creating ScanHistory with scan_date: {scan_date}")
         scan_history = regscale_models.ScanHistory(
             parentId=self.plan_id,
-            parentModule=regscale_models.SecurityPlan.get_module_string(),
+            parentModule=(
+                regscale_models.Component.get_module_string()
+                if self.is_component
+                else regscale_models.SecurityPlan.get_module_string()
+            ),
             scanningTool=self.title,
             scanDate=scan_date,
             createdById=self.assessor_id,
@@ -1255,6 +1260,7 @@ class JSONLScannerIntegration(ScannerIntegration):
             use_jsonl_file=True,
             asset_count=total_assets,
             scan_date=self.scan_date,
+            is_component=self.is_component,
         )
 
         logger.info("Syncing %d findings to RegScale", total_findings)
@@ -1264,6 +1270,7 @@ class JSONLScannerIntegration(ScannerIntegration):
             use_jsonl_file=True,
             finding_count=total_findings,
             scan_date=self.scan_date,
+            is_component=self.is_component,
         )
 
         logger.info("Assets and findings sync complete")