regscale-cli 6.20.2.0__py3-none-any.whl → 6.20.3.0__py3-none-any.whl

regscale/__init__.py

@@ -1 +1 @@
-__version__ = "6.20.2.0"
+__version__ = "6.20.3.0"

regscale/integrations/commercial/__init__.py

@@ -57,6 +57,19 @@ def aws():
 show_mapping(aws, "aws_inspector")
 
 
+@click.group(
+    cls=LazyGroup,
+    lazy_subcommands={
+        "sync_assets": "regscale.integrations.commercial.axonius.axonius_integration.sync_assets",
+        "sync_findings": "regscale.integrations.commercial.axonius.axonius_integration.sync_findings",
+    },
+    name="axonius",
+)
+def axonius():
+    """Axonius Integration"""
+    pass
+
+
 @click.group(
     cls=LazyGroup,
     lazy_subcommands={

regscale/integrations/commercial/axonius/axonius_integration.py

@@ -0,0 +1,70 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+"""Axonius integration for RegScale CLI to sync assets"""
+
+# Standard python imports
+import click
+from regscale.core.app.utils.parser_utils import safe_datetime_str
+from regscale.core.app.api import Api
+from regscale.core.app.logz import create_logger
+from regscale.core.app.utils.app_utils import (
+    check_file_path,
+    check_license,
+    compute_hashes_in_directory,
+    convert_datetime_to_regscale_string,
+    create_progress_object,
+    error_and_exit,
+    get_current_datetime,
+    save_data_to,
+)
+from regscale.core.app.utils.regscale_utils import verify_provided_module
+from regscale.models import regscale_id, regscale_module
+from regscale.models.regscale_models.file import File
+from regscale.models.regscale_models.issue import Issue
+from regscale.models.regscale_models.task import Task
+from regscale.utils.threading.threadhandler import create_threads, thread_assignment
+from regscale.models import regscale_ssp_id
+
+import pandas as pd
+import requests
+import datetime
+from datetime import date
+import warnings
+import json
+from urllib.parse import urljoin
+
+warnings.filterwarnings("ignore")
+
+
+####################################################################################################
+#
+# SYNC ASSETS WITH AXONIUS
+# AXONIUS API Docs: https://developer.axonius.com/docs/overview
+#
+####################################################################################################
+
+
+# Create group to handle Axonius integration
+@click.group()
+def axonius():
+    """Sync assets between Axonius and RegScale."""
+
+
+@axonius.command(name="sync_assets")
+@regscale_ssp_id()
+def sync_assets(regscale_ssp_id: int) -> None:
+    """Sync Assets from Axonius into RegScale."""
+    from regscale.models.integration_models.axonius_models.connectors.assets import AxoniusIntegration
+
+    scanner = AxoniusIntegration(plan_id=regscale_ssp_id)
+    scanner.sync_assets(plan_id=regscale_ssp_id)
+
+
+@axonius.command(name="sync_findings")
+@regscale_ssp_id()
+def sync_findings(regscale_ssp_id: int) -> None:
+    """Sync Assets from Axonius into RegScale."""
+    from regscale.models.integration_models.axonius_models.connectors.assets import AxoniusIntegration
+
+    scanner = AxoniusIntegration(plan_id=regscale_ssp_id)
+    scanner.sync_findings(plan_id=regscale_ssp_id)

regscale/integrations/commercial/jira.py

@@ -297,10 +297,6 @@ def sync_regscale_and_jira(
                     len(update_counter),
                     output_str,
                 )
-                if sync_tasks_only:
-                    # set the updated flag to True for the tasks that were updated, to prevent them from being updated again during the sync_regscale_objects_to_jira function
-                    for task in regscale_objects_to_update:
-                        task.extra_data["updated"] = True
     else:
         logger.info("No %s(s) need to be updated in RegScale.", output_str)
 
@@ -540,14 +536,10 @@ def process_tasks_for_sync(
     close_tasks = []
     for jira_issue in jira_issues:
         task = create_regscale_task_from_jira(config, jira_issue, parent_id, parent_module)
-        if task not in existing_tasks:
-            insert_tasks.append(task)
-        else:
-            existing_task = next(
-                (t for t in existing_tasks if t == task and not t.extra_data.get("updated", False)), None
-            )
+        existing_task = next((t for t in existing_tasks if t == task and not t.extra_data.get("updated", False)), None)
+        if existing_task:
             task.id = existing_task.id
-            if (jira_issue.fields.status.name.lower() == "done" and task.status not in closed_statuses) or (
+            if (jira_issue.fields.status.name.lower() == "done" and existing_task.status not in closed_statuses) or (
                 task.status in closed_statuses and task != existing_task
             ):
                 task.status = "Closed"
@@ -556,6 +548,8 @@ def process_tasks_for_sync(
                 close_tasks.append(task)
             elif task != existing_task:
                 update_tasks.append(task)
+        else:
+            insert_tasks.append(task)
         progress.update(progress_task, advance=1)
     return insert_tasks, update_tasks, close_tasks
 
@@ -617,7 +611,7 @@ def create_and_update_regscale_tasks(
                 }
                 for _ in as_completed(task_futures):
                     progress.update(progress_task, advance=1)
-    return len(insert_tasks), len(update_tasks), len(close_tasks)
+    return len(insert_tasks), len(update_tasks) + len(update_counter), len(close_tasks)
 
 
 def task_and_attachments_sync(

regscale/integrations/commercial/synqly/assets.py

@@ -23,6 +23,16 @@ def sync_armis_centrix(regscale_ssp_id: int) -> None:
     assets_armis_centrix.run_sync(regscale_ssp_id=regscale_ssp_id)
 
 
+@assets.command(name="sync_axonius")
+@regscale_ssp_id()
+def sync_axonius(regscale_ssp_id: int) -> None:
+    """Sync Assets from Axonius to RegScale."""
+    from regscale.models.integration_models.synqly_models.connectors import Assets
+
+    assets_axonius = Assets("axonius")
+    assets_axonius.run_sync(regscale_ssp_id=regscale_ssp_id)
+
+
 @assets.command(name="sync_crowdstrike")
 @regscale_ssp_id()
 @click.option(

regscale/integrations/commercial/wizv2/constants.py

@@ -136,6 +136,10 @@ INVENTORY_QUERY = """
       projects {
         id
       }
+      technologies {
+        name
+        deploymentModel
+      }
       properties
       firstSeen
       lastSeen

regscale/integrations/commercial/wizv2/scanner.py

@@ -5,7 +5,7 @@ import json
 import logging
 import os
 import re
-from typing import Any, Dict, Iterator, List, Optional
+from typing import Any, Dict, Iterator, List, Optional, Union
 
 from regscale.core.app.utils.app_utils import check_file_path, get_current_datetime
 from regscale.core.utils import get_base_protocol_from_port
@@ -60,7 +60,13 @@ class WizVulnerabilityIntegration(ScannerIntegration):
     wiz_token = None
 
     @staticmethod
-    def get_variables():
+    def get_variables() -> Dict[str, Any]:
+        """
+        Returns default variables for first and filterBy for Wiz GraphQL queries.
+
+        :return: Default variables for Wiz queries
+        :rtype: Dict[str, Any]
+        """
         return {
             "first": 100,
             "filterBy": {},
@@ -115,7 +121,6 @@ class WizVulnerabilityIntegration(ScannerIntegration):
                 topic_key=wiz_vulnerability_type["topic_key"],
                 file_path=wiz_vulnerability_type["file_path"],
             )
-            self.num_findings_to_process += len(nodes)
             yield from self.parse_findings(nodes, wiz_vulnerability_type["type"])
         logger.info("Finished fetching Wiz findings.")
 
@@ -131,8 +136,8 @@ class WizVulnerabilityIntegration(ScannerIntegration):
         :rtype: Iterator[IntegrationFinding]
         """
         for node in nodes:
-            finding = self.parse_finding(node, vulnerability_type)
-            if finding:
+            if finding := self.parse_finding(node, vulnerability_type):
+                self.num_findings_to_process += 1
                 yield finding
 
     @classmethod
@@ -232,17 +237,24 @@ class WizVulnerabilityIntegration(ScannerIntegration):
         self.num_assets_to_process = len(nodes)
 
         for node in nodes:
-            asset = self.parse_asset(node)
-            if asset:
+            if asset := self.parse_asset(node):
                 yield asset
 
     @staticmethod
-    def get_filter_by(filter_by_override, wiz_project_id):
+    def get_filter_by(filter_by_override: Union[str, Dict[str, Any]], wiz_project_id: str) -> Dict[str, Any]:
+        """
+        Constructs the filter_by dictionary for fetching assets
+
+        :param Union[str, Dict[str, Any]] filter_by_override: Override for the filter_by dictionary
+        :param str wiz_project_id: The Wiz project ID
+        :return: The filter_by dictionary
+        :rtype: Dict[str, Any]
+        """
         if filter_by_override:
             return json.loads(filter_by_override) if isinstance(filter_by_override, str) else filter_by_override
         filter_by = {"project": wiz_project_id}
         if WizVariables.wizLastInventoryPull and not WizVariables.wizFullPullLimitHours:
-            filter_by["updatedAt"] = {"after": WizVariables.wizLastInventoryPull}
+            filter_by["updatedAt"] = {"after": WizVariables.wizLastInventoryPull}  # type: ignore
         return filter_by
 
     def parse_asset(self, node: Dict[str, Any]) -> Optional[IntegrationAsset]:
@@ -278,6 +290,14 @@ class WizVulnerabilityIntegration(ScannerIntegration):
             software_name = self.get_software_name(software_name_dict, wiz_entity_properties, node)
             software_vendor = self.get_software_vendor(software_name_dict, wiz_entity_properties, node)
 
+        if WizVariables.useWizHardwareAssetTypes and node.get("graphEntity", {}).get("technologies", []):
+            technologies = node.get("graphEntity", {}).get("technologies", [])
+            deployment_models: set[str] = {
+                tech.get("deploymentModel") for tech in technologies if tech.get("deploymentModel")
+            }
+        else:
+            deployment_models = set()
+
         return IntegrationAsset(
             name=name,
             external_id=node.get("name"),
@@ -288,7 +308,7 @@ class WizVulnerabilityIntegration(ScannerIntegration):
             asset_owner_id=ScannerVariables.userId,
             parent_id=self.plan_id,
             parent_module=regscale_models.SecurityPlan.get_module_slug(),
-            asset_category=map_category(node.get("type", "")),
+            asset_category=map_category(deployment_models or node.get("type", "")),
             date_last_updated=wiz_entity.get("lastSeen", ""),
             management_type=handle_management_type(wiz_entity_properties),
             status=self.map_wiz_status(wiz_entity_properties.get("status")),
@@ -326,7 +346,14 @@ class WizVulnerabilityIntegration(ScannerIntegration):
         )
 
     @staticmethod
-    def get_ports_and_protocols(wiz_entity_properties):
+    def get_ports_and_protocols(wiz_entity_properties: dict) -> List[Dict[str, Union[int, str]]]:
+        """
+        Extracts ports and protocols from Wiz entity properties using the "portStart","portEnd", and "protocol" keys.
+
+        :param dict wiz_entity_properties: Dictionary containing Wiz entity properties
+        :return: A list of dictionaries containing start_port, end_port, and protocol
+        :rtype: List[Dict[str, Union[int, str]]]
+        """
         start_port = wiz_entity_properties.get("portStart")
         if start_port:
             end_port = wiz_entity_properties.get("portEnd") or start_port
@@ -337,19 +364,45 @@ class WizVulnerabilityIntegration(ScannerIntegration):
         return []
 
     @staticmethod
-    def get_software_vendor(software_name_dict, wiz_entity_properties, node):
+    def get_software_vendor(software_name_dict: dict, wiz_entity_properties: dict, node: dict) -> Optional[str]:
+        """
+        Gets the software vendor from the software name dictionary or Wiz entity properties.
+
+        :param dict software_name_dict: Dictionary containing software name and vendor
+        :param dict wiz_entity_properties: Properties of the Wiz entity
+        :param dict node: Node dictionary
+        :return: Software vendor
+        :rtype: Optional[str]
+        """
         if map_category(node.get("type")) == regscale_models.AssetCategory.Software:
             return software_name_dict.get("software_vendor") or wiz_entity_properties.get("cloudPlatform")
         return None
 
     @staticmethod
-    def get_software_version(wiz_entity_properties, node):
+    def get_software_version(wiz_entity_properties: dict, node: dict) -> Optional[str]:
+        """
+        Gets the software version from the Wiz entity properties or handles it based on the node type.
+
+        :param dict wiz_entity_properties: Properties of the Wiz entity
+        :param dict node: Node dictionary
+        :return: Software version
+        :rtype: Optional[str]
+        """
         if map_category(node.get("type")) == regscale_models.AssetCategory.Software:
             return handle_software_version(wiz_entity_properties, map_category(node.get("type"))) or "1.0"
         return None
 
     @staticmethod
-    def get_software_name(software_name_dict, wiz_entity_properties, node):
+    def get_software_name(software_name_dict: dict, wiz_entity_properties: dict, node: dict) -> Optional[str]:
+        """
+        Gets the software name from the software name dictionary or Wiz entity properties.
+
+        :param dict software_name_dict: Dictionary containing software name and vendor
+        :param dict wiz_entity_properties: Properties of the Wiz entity
+        :param dict node: Node dictionary
+        :return: Software name
+        :rtype: Optional[str]
+        """
         if map_category(node.get("type")) == regscale_models.AssetCategory.Software:
             return software_name_dict.get("software_name") or wiz_entity_properties.get("nativeType")
         return None

regscale/integrations/commercial/wizv2/utils.py

@@ -10,7 +10,7 @@ import logging
 import time
 import traceback
 from contextlib import closing
-from typing import Dict, List, Any, Optional
+from typing import Dict, List, Any, Optional, Union
 from zipfile import ZipFile
 
 import cachetools
@@ -111,22 +111,36 @@ def create_asset_type(asset_type: str) -> str:
     return asset_type
 
 
-def map_category(asset_string: str) -> regscale_models.AssetCategory:
+def map_category(asset_string: Union[set[str], str]) -> regscale_models.AssetCategory:
     """
-    category mapper
+    Map the asset category based on the asset string. If the asset string is not found in the wizHardwareAssetTypes or
+    in the AssetCategory enum, it will be mapped to "Software"
 
-    :param str asset_string:
-    :return: Category
+    :param Union[set[str], str] asset_string: Set of strings from the Wiz asset's technologies.deploymentModel or
+     the node's type
+    :return: RegScale AssetCategory
     :rtype: regscale_models.AssetCategory
     """
     try:
-        if asset_string in ["CONTAINER_IMAGE"]:
-            return regscale_models.AssetCategory.Software
-        return getattr(regscale_models.AssetCategory, asset_string)
+        if isinstance(asset_string, set):
+            hardware_count = sum(
+                asset.lower() == type.lower() for type in WizVariables.wizHardwareAssetTypes for asset in asset_string
+            )
+            software_count = len(asset_string) - hardware_count
+            return (
+                regscale_models.AssetCategory.Hardware
+                if hardware_count > software_count
+                else regscale_models.AssetCategory.Software
+            )
+        if asset_string in WizVariables.wizHardwareAssetTypes:
+            return regscale_models.AssetCategory.Hardware
+        elif asset_category := getattr(regscale_models.AssetCategory, asset_string):
+            return asset_category
+        return regscale_models.AssetCategory.Software
     except (KeyError, AttributeError) as ex:
         # why map AssetCategory of everything is software?
-        logger.debug("Unable to find %s in AssetType enum \n", ex)
-        return regscale_models.AssetCategory.Hardware
+        logger.debug("Unable to find %s in AssetType enum. Defaulting to Software\n", ex)
+        return regscale_models.AssetCategory.Software
 
 
 def convert_first_seen_to_days(first_seen: str) -> int:

regscale/integrations/commercial/wizv2/variables.py

@@ -37,3 +37,10 @@ class WizVariables(metaclass=RsVariablesMeta):
     wizClientId: RsVariableType(str, "", sensitive=True)  # type: ignore
     wizClientSecret: RsVariableType(str, "", sensitive=True)  # type: ignore
     wizLastInventoryPull: RsVariableType(str, "2022-01-01T00:00:00Z", required=False)  # type: ignore
+    useWizHardwareAssetTypes: RsVariableType(bool, False, required=False)  # type: ignore
+    wizHardwareAssetTypes: RsVariableType(
+        list,
+        '["SERVER_APPLICATION", "CLIENT_APPLICATION", "VIRTUAL_APPLIANCE"]',
+        default=["SERVER_APPLICATION", "CLIENT_APPLICATION", "VIRTUAL_APPLIANCE"],
+        required=False,
+    )  # type: ignore

regscale/integrations/public/fedramp/fedramp_cis_crm.py

@@ -22,7 +22,7 @@ from regscale.core.app.utils.app_utils import create_progress_object, error_and_
 from regscale.core.utils.graphql import GraphQLQuery
 from regscale.integrations.public.fedramp.parts_mapper import PartMapper
 from regscale.integrations.public.fedramp.ssp_logger import SSPLogger
-from regscale.models import ControlObjective, ImplementationObjective, Parameter, Profile
+from regscale.models import ControlObjective, ImplementationObjective, ImportValidater, Parameter, Profile
 from regscale.models.regscale_models import (
     ControlImplementation,
     File,
@@ -39,6 +39,7 @@ if TYPE_CHECKING:
     import pandas as pd
 
 from functools import lru_cache
+from tempfile import gettempdir
 
 T = TypeVar("T")
 
@@ -278,8 +279,8 @@ def map_origination(control_id: str, cis_data: dict) -> dict:
         for origination_str, bool_key in origination_mapping.items():
             if origination_str in control_origination:
                 result[bool_key] = True
-
-        result["record_text"] += control_origination
+        if control_origination not in result["record_text"]:
+            result["record_text"] += control_origination
 
     return result
 
@@ -351,6 +352,9 @@ def update_imp_objective(
     for objective in objectives:
         current_pair = (objective.id, imp.id)
         if current_pair not in existing_pairs:
+            if objective.securityControlId != imp.controlID:
+                # This is a bad match, do not save.
+                continue
             imp_obj = ImplementationObjective(
                 id=0,
                 uuid="",
@@ -437,6 +441,7 @@ def parse_control_details(
     control_imp.bServiceProviderSystemSpecific = origination_bool["bServiceProviderSystemSpecific"]
     control_imp.bServiceProviderHybrid = origination_bool["bServiceProviderHybrid"]
     control_imp.bConfiguredByCustomer = origination_bool["bConfiguredByCustomer"]
+    control_imp.bShared = origination_bool["bShared"]
     control_imp.bProvidedByCustomer = origination_bool["bProvidedByCustomer"]
     control_imp.responsibility = get_responsibility(origination_bool)
     logger.debug(f"Control Implementation Responsibility: {control_imp.responsibility}")
@@ -822,7 +827,6 @@ def parse_crm_worksheet(file_path: click.Path, crm_sheet_name: str, version: Lit
     :return: Formatted CRM content
     :rtype: dict
     """
-    pd = get_pandas()
     logger.info("Parsing CRM worksheet...")
     formatted_crm = {}
 
@@ -832,13 +836,19 @@ def parse_crm_worksheet(file_path: click.Path, crm_sheet_name: str, version: Lit
     # Value for rev4
     skip_rows = 3
 
-    original_data = pd.read_excel(
-        str(file_path),
-        sheet_name=crm_sheet_name,
+    validator = ImportValidater(
+        file_path=file_path,
+        disable_mapping=True,
+        required_headers=[],
+        mapping_file_path=gettempdir(),
+        prompt=False,
+        ignore_unnamed=True,
+        worksheet_name=crm_sheet_name,
+        warn_extra_headers=False,
     )
 
     # find index of row where the first column == Control ID
-    skip_rows = determine_skip_row(original_df=original_data, text_to_find=CONTROL_ID, original_skip=skip_rows)
+    skip_rows = determine_skip_row(original_df=validator.data, text_to_find=CONTROL_ID, original_skip=skip_rows)
 
     logger.debug(f"Skipping {skip_rows} rows in CRM worksheet")
 
@@ -850,13 +860,43 @@ def parse_crm_worksheet(file_path: click.Path, crm_sheet_name: str, version: Lit
     ]
 
     try:
+        # Verify that the columns are in the dataframe
+        header_row = validator.data.iloc[skip_rows - 1 :].iloc[0]
+
+        # Check if we have enough columns
+        if len(header_row) < len(usecols):
+            error_and_exit(
+                f"Not enough columns found in CRM worksheet. Expected {len(usecols)} columns but found {len(header_row)}."
+            )
+
+        # Verify each required column exists in the correct position
+        missing_columns = []
+        for i, expected_col in enumerate(usecols):
+            if header_row.iloc[i] != expected_col:
+                missing_columns.append(
+                    f"Expected '{expected_col}' at position {i + 1} but found '{header_row.iloc[i]}'"
+                )
+
+        if missing_columns:
+            error_msg = "Required columns not found in the CRM worksheet:\n" + "\n".join(missing_columns)
+            error_and_exit(error_msg)
+
+        logger.debug("Verified all required columns exist in CRM worksheet")
+
         # Reindex the dataframe and skip some rows
-        data = original_data.iloc[skip_rows:].reset_index(drop=True)
+        data = validator.data.iloc[skip_rows:]
+
+        # Keep only the first three columns
+        data = data.iloc[:, :3]
+
+        # Rename the columns to match usecols
         data.columns = usecols
+        logger.debug(f"Kept only required columns: {', '.join(usecols)}")
+
     except KeyError as e:
         error_and_exit(f"KeyError: {e} - One or more columns specified in usecols are not found in the dataframe.")
     except Exception as e:
-        error_and_exit(f"An error occurred: {e}")
+        error_and_exit(f"An error occurred while processing CRM worksheet: {str(e)}")
     # Filter rows where "Can Be Inherited from CSP" is not equal to "No"
     exclude_no = data[data[CAN_BE_INHERITED_CSP] != "No"]
 
@@ -896,10 +936,21 @@ def parse_cis_worksheet(file_path: click.Path, cis_sheet_name: str) -> dict:
     pd = get_pandas()
     logger.info("Parsing CIS worksheet...")
     skip_rows = 2
-    # Parse the worksheet named 'CIS GovCloud U.S.+DoD (H)', skipping the initial rows
-    original_cis = pd.read_excel(file_path, sheet_name=cis_sheet_name)
 
-    skip_rows = determine_skip_row(original_df=original_cis, text_to_find=CONTROL_ID, original_skip=skip_rows)
+    validator = ImportValidater(
+        file_path=file_path,
+        disable_mapping=True,
+        required_headers=[],
+        mapping_file_path=gettempdir(),
+        prompt=False,
+        ignore_unnamed=True,
+        worksheet_name=cis_sheet_name,
+        warn_extra_headers=False,
+    )
+    skip_rows = determine_skip_row(original_df=validator.data, text_to_find=CONTROL_ID, original_skip=skip_rows)
+
+    # Parse the worksheet named 'CIS GovCloud U.S.+DoD (H)', skipping the initial rows
+    original_cis = validator.data
 
     cis_df = original_cis.iloc[skip_rows:].reset_index(drop=True)
 
@@ -912,6 +963,9 @@ def parse_cis_worksheet(file_path: click.Path, cis_sheet_name: str) -> dict:
     # Reset the index
     cis_df.reset_index(drop=True, inplace=True)
 
+    # Only keep the first 13 columns
+    cis_df = cis_df.iloc[:, :13]
+
     # Rename columns to standardize names
     cis_df.columns = [
         CONTROL_ID,

regscale/integrations/scanner_integration.py

@@ -425,6 +425,8 @@ class IntegrationFinding:
     operational_requirements: Optional[str] = None
     deviation_rationale: Optional[str] = None
     is_cwe: bool = False
+    affected_controls: Optional[str] = None
+    identification: Optional[str] = "Vulnerability Assessment"
 
     poam_comments: Optional[str] = None
     vulnerability_id: Optional[int] = None
@@ -1613,7 +1615,7 @@ class ScannerIntegration(ABC):
         issue.severityLevel = finding.severity
         issue.issueOwnerId = self.assessor_id
         issue.securityPlanId = self.plan_id if not self.is_component else None
-        issue.identification = "Vulnerability Assessment"
+        issue.identification = finding.identification
         issue.dateFirstDetected = finding.first_seen
         issue.dueDate = finding.due_date
         issue.description = description
@@ -1631,6 +1633,7 @@ class ScannerIntegration(ABC):
         # Get control implementation ID for CCI if it exists
         # Only add CCI control ID if it exists
         cci_control_ids = [control_id] if control_id is not None else []
+        issue.affectedControls = finding.affected_controls
 
         issue.controlImplementationIds = list(set(finding._control_implementation_ids + cci_control_ids))  # noqa
         issue.isPoam = is_poam
@@ -1793,7 +1796,10 @@ class ScannerIntegration(ABC):
         :return: True if the issue should be a POAM, False otherwise
         :rtype: bool
         """
-        if ScannerVariables.vulnerabilityCreation.lower() == "poamcreation":
+        if (
+            ScannerVariables.vulnerabilityCreation.lower() == "poamcreation"
+            or ScannerVariables.complianceCreation.lower() == "poam"
+        ):
             return True
         if finding.due_date < get_current_datetime():
             return True

regscale/integrations/variables.py

@@ -25,3 +25,4 @@ class ScannerVariables(metaclass=RsVariablesMeta):
     issueDueDates: RsVariableType(dict, "dueDates", default="{'high': 60, 'moderate': 120, 'low': 364}", required=False)  # type: ignore # noqa: F722,F821
     maxRetries: RsVariableType(int, "3", default=3, required=False)  # type: ignore
     timeout: RsVariableType(int, "60", default=60, required=False)  # type: ignore
+    complianceCreation: RsVariableType(str, "Assessment|Issue|POAM", default="Assessment", required=False)  # type: ignore # noqa: F722,F821

regscale/models/app_models/import_validater.py

@@ -58,6 +58,7 @@ class ImportValidater:
         skip_rows: Optional[int] = None,
         prompt: bool = True,
         ignore_unnamed: bool = False,
+        warn_extra_headers: bool = True,
     ):
         self.ignore_unnamed = ignore_unnamed
         self.prompt = prompt
@@ -74,6 +75,7 @@ class ImportValidater:
         self.keys = keys
         self.worksheet_name = worksheet_name
         self.skip_rows = skip_rows
+        self.warn_extra_headers = warn_extra_headers
         if self.file_type not in self._supported_types:
             raise ValidationException(
                 f"Unsupported file type: {self.file_type}, supported types are: {', '.join(self._supported_types)}",
@@ -148,7 +150,7 @@ class ImportValidater:
                 raise ValidationException(
                     f"{', '.join([f'`{header}`' for header in missing_headers])} header(s) not found in {self.file_path}"
                 )
-            if extra_headers:
+            if extra_headers and self.warn_extra_headers:
                 logger.warning("Extra headers found in the file: %s", ", ".join(extra_headers))
 
         if self.disable_mapping:

regscale/models/integration_models/axonius_models/connectors/__init__.py

@@ -0,0 +1,3 @@
+"""
+File that contains all connectors for the Axonius API.
+"""