regscale-cli 6.20.7.0__py3-none-any.whl → 6.20.9.0__py3-none-any.whl

regscale/integrations/commercial/synqly/ticketing.py

@@ -52,13 +52,6 @@ def sync_freshdesk(regscale_id: int, regscale_module: str, name: str, subject: s
 @ticketing.command(name="sync_jira")
 @regscale_id()
 @regscale_module()
-@click.option(
-    "--issue_type",
-    type=click.STRING,
-    help="jira issue type",
-    required=True,
-    prompt="jira issue type",
-)
 @click.option(
     "--project",
     type=click.STRING,
@@ -66,6 +59,12 @@ def sync_freshdesk(regscale_id: int, regscale_module: str, name: str, subject: s
     required=True,
     prompt="jira project",
 )
+@click.option(
+    "--default_issue_type",
+    type=click.STRING,
+    help="Default Issue Type for the integration. If provided, the issue_type field becomes optional in ticket creation requests.",
+    required=False,
+)
 @click.option(
     "--default_project",
     type=click.STRING,
@@ -80,7 +79,12 @@ def sync_freshdesk(regscale_id: int, regscale_module: str, name: str, subject: s
     default=True,
 )
 def sync_jira(
-    regscale_id: int, regscale_module: str, issue_type: str, project: str, default_project: str, sync_attachments: bool
+    regscale_id: int,
+    regscale_module: str,
+    project: str,
+    default_issue_type: str,
+    default_project: str,
+    sync_attachments: bool,
 ) -> None:
     """Sync Ticketing data between Jira and RegScale."""
     from regscale.models.integration_models.synqly_models.connectors import Ticketing
@@ -89,8 +93,8 @@ def sync_jira(
     ticketing_jira.run_sync(
         regscale_id=regscale_id,
         regscale_module=regscale_module,
-        issue_type=issue_type,
         project=project,
+        default_issue_type=default_issue_type,
         default_project=default_project,
         sync_attachments=sync_attachments,
     )
@@ -157,12 +161,20 @@ def sync_servicenow(regscale_id: int, regscale_module: str, issue_type: str, def
     required=True,
     prompt="servicenow_sir issue type",
 )
-def sync_servicenow_sir(regscale_id: int, regscale_module: str, issue_type: str) -> None:
+@click.option(
+    "--default_project",
+    type=click.STRING,
+    help="Default Project for the integration. This maps to the custom table for tickets. This table should be derived from Security Incident table. Defaults to the security incident table if not specified.",
+    required=False,
+)
+def sync_servicenow_sir(regscale_id: int, regscale_module: str, issue_type: str, default_project: str) -> None:
     """Sync Ticketing data between Servicenow Sir and RegScale."""
     from regscale.models.integration_models.synqly_models.connectors import Ticketing
 
     ticketing_servicenow_sir = Ticketing("servicenow_sir")
-    ticketing_servicenow_sir.run_sync(regscale_id=regscale_id, regscale_module=regscale_module, issue_type=issue_type)
+    ticketing_servicenow_sir.run_sync(
+        regscale_id=regscale_id, regscale_module=regscale_module, issue_type=issue_type, default_project=default_project
+    )
 
 
 @ticketing.command(name="sync_torq")

regscale/integrations/commercial/veracode.py

@@ -28,10 +28,12 @@ FlatFileImporter.show_mapping(
     message="File path to the folder containing Veracode .xlsx files to process to RegScale.",
     prompt="File path for Veracode files",
     import_name="veracode",
+    support_component=True,
 )
 def import_veracode(
     folder_path: PathLike[str],
     regscale_ssp_id: int,
+    component_id: int,
     scan_date: datetime,
     mappings_path: Path,
     disable_mapping: bool,
@@ -43,9 +45,15 @@ def import_veracode(
     """
     Import scans, vulnerabilities and assets to RegScale from Veracode export files
     """
+    if not regscale_ssp_id and not component_id:
+        raise click.UsageError(
+            "You must provide either a --regscale_ssp_id or a --component_id to import Veracode scans."
+        )
+
     import_veracode_data(
         folder_path=folder_path,
-        regscale_ssp_id=regscale_ssp_id,
+        object_id=component_id if component_id else regscale_ssp_id,
+        is_component=bool(component_id),
         scan_date=scan_date,
         mappings_path=mappings_path,
         disable_mapping=disable_mapping,
@@ -58,7 +66,7 @@ def import_veracode(
 
 def import_veracode_data(
     folder_path: PathLike[str],
-    regscale_ssp_id: int,
+    object_id: int,
     scan_date: datetime,
     mappings_path: Path,
     s3_bucket: str,
@@ -66,11 +74,13 @@ def import_veracode_data(
     aws_profile: str,
     disable_mapping: Optional[bool] = False,
     upload_file: Optional[bool] = True,
+    is_component: Optional[bool] = False,
 ) -> None:
     """Import scans, vulnerabilities and assets to RegScale from Veracode export files"
 
     :param os.PathLike[str] folder_path: Path to the folder containing Veracode files
-    :param int regscale_ssp_id: RegScale SSP ID
+    :param int object_id: RegScale SSP ID or Component ID
+    :param bool is_component: Whether object_id is a component or not
     :param datetime scan_date: Scan date
     :param os.PathLike[str] mappings_path: Path to the header mapping file
     :param str s3_bucket: S3 bucket to download the files from
@@ -85,7 +95,7 @@ def import_veracode_data(
         import_name="Veracode",
         file_types=[".xml", ".xlsx", ".json"],
         folder_path=folder_path,
-        regscale_ssp_id=regscale_ssp_id,
+        object_id=object_id,
         scan_date=scan_date,
         mappings_path=mappings_path,
         disable_mapping=disable_mapping,
@@ -93,4 +103,5 @@ def import_veracode_data(
         s3_prefix=s3_prefix,
         aws_profile=aws_profile,
         upload_file=upload_file,
+        is_component=is_component,
     )

regscale/integrations/commercial/xray.py

@@ -80,7 +80,7 @@ def import_xray_files(
         import_name="XRay",
         file_types=".json",
         folder_path=folder_path,
-        regscale_ssp_id=regscale_ssp_id,
+        object_id=regscale_ssp_id,
         scan_date=scan_date,
         mappings_path=mappings_path,
         disable_mapping=disable_mapping,

regscale/integrations/public/cisa.py

@@ -171,7 +171,13 @@ def parse_html(page_url: str, app: Application) -> list:
         control["items"] = len(articles)
         control["page"] += 1
         # check if max threads <= 20 to prevent IP ban from CISA
-        max_threads = min(app.config["maxThreads"], 20)
+        max_threads_config = app.config.get("maxThreads", 100)
+        if not isinstance(max_threads_config, int):
+            try:
+                max_threads_config = int(max_threads_config)
+            except (ValueError, TypeError):
+                max_threads_config = 100
+        max_threads = min(max_threads_config, 20)
         with ThreadPoolExecutor(max_workers=max_threads) as executor:
             futures = []
             for link in control["links"]:

regscale/integrations/public/nist_catalog.py

@@ -67,8 +67,14 @@ def sort_controls_by_id(catalog_id: int) -> None:
     api = Api()
     config = app.config
     # update api limits depending on maxThreads
-    api.pool_connections = max(api.pool_connections, config["maxThreads"])
-    api.pool_maxsize = max(api.pool_maxsize, config["maxThreads"])
+    max_threads = config.get("maxThreads", 100)
+    if not isinstance(max_threads, int):
+        try:
+            max_threads = int(max_threads)
+        except (ValueError, TypeError):
+            max_threads = 100
+    api.pool_connections = max(api.pool_connections, max_threads)
+    api.pool_maxsize = max(api.pool_maxsize, max_threads)
     security_control_count: int = 0
 
     # get all controls by catalog

regscale/integrations/scanner_integration.py

@@ -638,6 +638,9 @@ class ScannerIntegration(ABC):
         self.is_component: bool = is_component
         if self.is_component:
             self.component = regscale_models.Component.get_object(self.plan_id)
+            self.parent_module: str = regscale_models.Component.get_module_string()
+        else:
+            self.parent_module: str = regscale_models.SecurityPlan.get_module_string()
         self.components: ThreadSafeList[Any] = ThreadSafeList()
         self.asset_map_by_identifier: ThreadSafeDict[str, regscale_models.Asset] = ThreadSafeDict()
         self.software_to_create: ThreadSafeList[regscale_models.SoftwareInventory] = ThreadSafeList()
@@ -655,16 +658,17 @@ class ScannerIntegration(ABC):
         self.implementation_option_map: ThreadSafeDict[str, int] = ThreadSafeDict()
         self.control_implementation_map: ThreadSafeDict[int, regscale_models.ControlImplementation] = ThreadSafeDict()
 
-        self.control_implementation_id_map = regscale_models.ControlImplementation.get_control_label_map_by_plan(
-            plan_id=plan_id
+        self.control_implementation_id_map = regscale_models.ControlImplementation.get_control_label_map_by_parent(
+            parent_id=self.plan_id, parent_module=self.parent_module
         )
         self.control_map = {v: k for k, v in self.control_implementation_id_map.items()}
         self.existing_issue_ids_by_implementation_map = regscale_models.Issue.get_open_issues_ids_by_implementation_id(
-            plan_id=plan_id
+            plan_id=self.plan_id, is_component=self.is_component
         )  # GraphQL Call
-        self.control_id_to_implementation_map = regscale_models.ControlImplementation.get_control_id_map_by_plan(
-            plan_id=plan_id
+        self.control_id_to_implementation_map = regscale_models.ControlImplementation.get_control_id_map_by_parent(
+            parent_id=self.plan_id, parent_module=self.parent_module
         )
+
         self.cci_to_control_map: ThreadSafeDict[str, set[int]] = ThreadSafeDict()
         self._no_ccis: bool = False
         self.cci_to_control_map_lock: threading.Lock = threading.Lock()
@@ -800,11 +804,7 @@ class ScannerIntegration(ABC):
                 getattr(x, self.asset_identifier_field): x
                 for x in regscale_models.Asset.get_all_by_parent(
                     parent_id=self.plan_id,
-                    parent_module=(
-                        regscale_models.Component.get_module_string()
-                        if self.is_component
-                        else regscale_models.SecurityPlan.get_module_string()
-                    ),
+                    parent_module=self.parent_module,
                 )
             }
 
@@ -817,7 +817,7 @@ class ScannerIntegration(ABC):
         """
         all_issues = regscale_models.Issue.get_all_by_parent(
             parent_id=self.plan_id,
-            parent_module=regscale_models.SecurityPlan.get_module_string(),
+            parent_module=self.parent_module,
         )
         return {issue.integrationFindingId: issue for issue in all_issues}
 
@@ -1094,11 +1094,7 @@ class ScannerIntegration(ABC):
             otherTrackingNumber=asset.other_tracking_number or asset.identifier,
             assetOwnerId=asset.asset_owner_id or "Unknown",
             parentId=component.id if component else self.plan_id,
-            parentModule=(
-                regscale_models.Component.get_module_string()
-                if component or self.is_component
-                else regscale_models.SecurityPlan.get_module_string()
-            ),
+            parentModule=self.parent_module,
             assetType=asset.asset_type,
             dateLastUpdated=asset.date_last_updated or get_current_datetime(),
             status=asset.status,
@@ -1324,9 +1320,7 @@ class ScannerIntegration(ABC):
 
         :rtype: None
         """
-        regscale_models.Asset.get_all_by_parent(
-            parent_id=self.plan_id, parent_module=regscale_models.SecurityPlan.get_module_string()
-        )
+        regscale_models.Asset.get_all_by_parent(parent_id=self.plan_id, parent_module=self.parent_module)
 
     def _create_process_function(self, loading_assets: TaskID) -> Callable[[IntegrationAsset], bool]:
         """
@@ -1600,11 +1594,7 @@ class ScannerIntegration(ABC):
 
         # Update all fields
         issue.parentId = self.plan_id
-        issue.parentModule = (
-            regscale_models.Component.get_module_string()
-            if self.is_component
-            else regscale_models.SecurityPlan.get_module_string()
-        )
+        issue.parentModule = self.parent_module
         issue.vulnerabilityId = finding.vulnerability_id
         issue.title = issue_title
         issue.dateCreated = finding.date_created
@@ -2159,7 +2149,7 @@ class ScannerIntegration(ABC):
                 # Get all existing POAM IDs and find the maximum
                 issues: List[regscale_models.Issue] = regscale_models.Issue.get_all_by_parent(
                     parent_id=self.plan_id,
-                    parent_module=regscale_models.SecurityPlan.get_module_string(),
+                    parent_module=self.parent_module,
                 )
                 self._max_poam_id = max(
                     (
@@ -2184,11 +2174,7 @@ class ScannerIntegration(ABC):
         """
         scan_history = regscale_models.ScanHistory(
             parentId=self.plan_id,
-            parentModule=(
-                regscale_models.Component.get_module_string()
-                if self.is_component
-                else regscale_models.SecurityPlan.get_module_string()
-            ),
+            parentModule=self.parent_module,
             scanningTool=self.title,
             scanDate=self.scan_date if self.scan_date else get_current_datetime(),
             createdById=self.assessor_id,
@@ -2309,11 +2295,7 @@ class ScannerIntegration(ABC):
             description=finding.description,
             dateLastUpdated=finding.date_last_updated,
             parentId=self.plan_id,
-            parentModule=(
-                regscale_models.Component.get_module_string()
-                if self.is_component
-                else regscale_models.SecurityPlan.get_module_string()
-            ),
+            parentModule=self.parent_module,
             dns=asset.fqdn or "unknown",
             status=regscale_models.VulnerabilityStatus.Open,
             ipAddress=finding.ip_address or asset.ipAddress or "",
@@ -2424,7 +2406,7 @@ class ScannerIntegration(ABC):
 
         # Get all vulnerabilities for this security plan
         all_vulnerabilities: list[regscale_models.Vulnerability] = regscale_models.Vulnerability.get_all_by_parent(
-            parent_id=self.plan_id, parent_module=regscale_models.SecurityPlan.get_module_string()
+            parent_id=self.plan_id, parent_module=self.parent_module
         )
 
         # Pre-filter vulnerabilities that are not in current set

regscale/models/integration_models/cisa_kev_data.json

@@ -1,9 +1,54 @@
 {
     "title": "CISA Catalog of Known Exploited Vulnerabilities",
-    "catalogVersion": "2025.07.22",
-    "dateReleased": "2025-07-22T17:01:26.7198Z",
-    "count": 1388,
+    "catalogVersion": "2025.07.28",
+    "dateReleased": "2025-07-28T14:00:14.6746Z",
+    "count": 1391,
     "vulnerabilities": [
+        {
+            "cveID": "CVE-2023-2533",
+            "vendorProject": "PaperCut",
+            "product": "NG\/MF",
+            "vulnerabilityName": "PaperCut NG\/MF Cross-Site Request Forgery (CSRF) Vulnerability",
+            "dateAdded": "2025-07-28",
+            "shortDescription": "PaperCut NG\/MF contains a cross-site request forgery (CSRF) vulnerability, which, under specific conditions, could potentially enable an attacker to alter security settings or execute arbitrary code. ",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-08-18",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "https:\/\/www.papercut.com\/kb\/Main\/SecurityBulletinJune2023 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-2533",
+            "cwes": [
+                "CWE-352"
+            ]
+        },
+        {
+            "cveID": "CVE-2025-20337",
+            "vendorProject": "Cisco",
+            "product": "Identity Services Engine",
+            "vulnerabilityName": "Cisco Identity Services Engine Injection Vulnerability",
+            "dateAdded": "2025-07-28",
+            "shortDescription": "Cisco Identity Services Engine contains an injection vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC due to insufficient validation of user-supplied input allowing an attacker to exploit this vulnerability by submitting a crafted API request. Successful exploitation could allow an attacker to perform remote code execution and obtaining root privileges on an affected device.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-08-18",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-ise-unauth-rce-ZAd2GnJ6 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-20337",
+            "cwes": [
+                "CWE-74"
+            ]
+        },
+        {
+            "cveID": "CVE-2025-20281",
+            "vendorProject": "Cisco",
+            "product": "Identity Services Engine",
+            "vulnerabilityName": "Cisco Identity Services Engine Injection Vulnerability",
+            "dateAdded": "2025-07-28",
+            "shortDescription": "Cisco Identity Services Engine contains an injection vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC due to insufficient validation of user-supplied input allowing an attacker to exploit this vulnerability by submitting a crafted API request. Successful exploitation could allow an attacker to perform remote code execution and obtaining root privileges on an affected device.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-08-18",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-ise-unauth-rce-ZAd2GnJ6 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-20281",
+            "cwes": [
+                "CWE-74"
+            ]
+        },
         {
             "cveID": "CVE-2025-2775",
             "vendorProject": "SysAid",
@@ -73,7 +118,7 @@
             "shortDescription": "Microsoft SharePoint contains a code injection vulnerability that could allow an authorized attacker to execute code over a network. This vulnerability could be chained with CVE-2025-49706. The update for CVE-2025-53770 includes more robust protections than the update for CVE-2025-49704.",
             "requiredAction": "CISA recommends disconnecting public-facing versions of SharePoint Server that have reached their end-of-life (EOL) or end-of-service (EOS). For example, SharePoint Server 2013 and earlier versions are end-of-life and should be discontinued if still in use. For supported versions, please follow the mitigations according to CISA and vendor instructions. Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.",
             "dueDate": "2025-07-23",
-            "knownRansomwareCampaignUse": "Unknown",
+            "knownRansomwareCampaignUse": "Known",
             "notes": "CISA Mitigation Instructions: https:\/\/www.cisa.gov\/news-events\/alerts\/2025\/07\/20\/microsoft-releases-guidance-exploitation-sharepoint-vulnerability-cve-2025-53770; https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/07\/22\/disrupting-active-exploitation-of-on-premises-sharepoint-vulnerabilities\/ ; https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2025-49704 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-49704",
             "cwes": [
                 "CWE-94"
@@ -88,8 +133,8 @@
             "shortDescription": "Microsoft SharePoint contains an improper authentication vulnerability that allows an authorized attacker to perform spoofing over a network. Successfully exploitation could allow an attacker to view sensitive information and make some changes to disclosed information. This vulnerability could be chained with CVE-2025-49704. The update for CVE-2025-53771 includes more robust protections than the update for CVE-2025-49706.",
             "requiredAction": "CISA recommends disconnecting public-facing versions of SharePoint Server that have reached their end-of-life (EOL) or end-of-service (EOS). For example, SharePoint Server 2013 and earlier versions are end-of-life and should be discontinued if still in use. For supported versions, please follow the mitigations according to CISA and vendor instructions. Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.",
             "dueDate": "2025-07-23",
-            "knownRansomwareCampaignUse": "Unknown",
-            "notes": "CISA Mitigation Instructions: https:\/\/www.cisa.gov\/news-events\/alerts\/2025\/07\/20\/microsoft-releases-guidance-exploitation-sharepoint-vulnerability-cve-2025-53770; https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/07\/22\/disrupting-active-exploitation-of-on-premises-sharepoint-vulnerabilities\/ ; https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2025-49706 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-49706",
+            "knownRansomwareCampaignUse": "Known",
+            "notes": "CISA Mitigation Instructions: https:\/\/www.cisa.gov\/news-events\/alerts\/2025\/07\/20\/microsoft-releases-guidance-exploitation-sharepoint-vulnerability-cve-2025-53770 ; https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/07\/22\/disrupting-active-exploitation-of-on-premises-sharepoint-vulnerabilities\/ ; https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2025-49706 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-49706",
             "cwes": [
                 "CWE-287"
             ]

regscale/models/integration_models/flat_file_importer/__init__.py

@@ -1,14 +1,13 @@
 """Container Scan Abstract"""
 
 import ast
-import csv
 import json
 import logging
 import re
 import shutil
 from abc import ABC, abstractmethod
 from collections import namedtuple
-from datetime import datetime, timedelta
+from datetime import datetime
 from os import PathLike
 from typing import TYPE_CHECKING, Any, Callable, Generator, Iterator, List, Optional, Sequence, TextIO, Tuple, Union
 
@@ -18,7 +17,6 @@ if TYPE_CHECKING:
 from pathlib import Path
 
 import click
-import requests
 import xmltodict
 from openpyxl.reader.excel import load_workbook
 
@@ -32,11 +30,10 @@ from regscale.core.app.utils.app_utils import (
     get_current_datetime,
 )
 from regscale.core.app.utils.parser_utils import safe_datetime_str
-from regscale.core.app.utils.report_utils import ReportGenerator
 from regscale.integrations.scanner_integration import ScannerIntegration
 from regscale.models import IssueStatus, Metadata, regscale_models
 from regscale.models.app_models.mapping import Mapping
-from regscale.models.regscale_models import Asset, File, Issue, Vulnerability
+from regscale.models.regscale_models import Asset, File, Vulnerability
 
 logger = logging.getLogger(__name__)
 
@@ -74,6 +71,7 @@ class FlatFileIntegration(ScannerIntegration):
                 "Low": regscale_models.IssueSeverity.Low,
             }
         super().__init__(plan_id=plan_id, **kwargs)
+        self.is_component = kwargs.get("is_component", False)
 
     def set_asset_identifier_field(self, asset_identifier_field: str) -> None:
         """
@@ -130,10 +128,16 @@ class FlatFileImporter(ABC):
                 "Medium": regscale_models.IssueSeverity.Moderate,
                 "Low": regscale_models.IssueSeverity.Low,
             }
-        if "parent_id" not in kwargs and "regscale_ssp_id" in kwargs:
-            kwargs["parent_id"] = kwargs["regscale_ssp_id"]
-            kwargs["parent_module"] = "securityplans"
-            kwargs["plan_id"] = kwargs["regscale_ssp_id"]
+
+        # Set the parent_id, parent_module, and plan_id if they are not provided
+        if "parent_id" not in kwargs and "object_id" in kwargs:
+            kwargs["parent_id"] = kwargs["object_id"]
+            kwargs["plan_id"] = kwargs["object_id"]
+        if kwargs.get("is_component", False):
+            kwargs["parent_module"] = regscale_models.Component.get_module_string()
+        else:
+            kwargs["parent_module"] = regscale_models.SecurityPlan.get_module_string()
+
         if "app" not in kwargs:
             kwargs["app"] = Application()
         # empty generator
@@ -156,7 +160,8 @@ class FlatFileImporter(ABC):
             "mapping",
             "ignore_validation",
             "header_line_number",
-            "regscale_ssp_id",
+            "is_component",
+            "object_id",
             "plan_id",
             "disable_mapping",
             "mappings_path",
@@ -188,7 +193,8 @@ class FlatFileImporter(ABC):
         }
         self.create_epoch = str(int(creation_date(self.attributes.file_path)))
         flat_int = FlatFileIntegration(
-            plan_id=self.attributes.plan_id or self.attributes.regscale_ssp_id or self.attributes.parent_id,
+            plan_id=self.attributes.plan_id or self.attributes.object_id or self.attributes.parent_id,
+            is_component=self.attributes.is_component,
             asset_identifier_field=self.asset_identifier_field,
             finding_severity_map=self.finding_severity_map,
         )
@@ -206,13 +212,15 @@ class FlatFileImporter(ABC):
         elif isinstance(self.data["vulns"], list):
             flat_int.num_findings_to_process = len(self.data["vulns"])
         flat_int.sync_assets(
-            plan_id=self.attributes.parent_id,
+            plan_id=self.attributes.plan_id,
+            is_component=self.attributes.is_component,
             integration_assets=self.integration_assets,
             title=self.attributes.name,
             asset_count=flat_int.num_assets_to_process,
         )
         flat_int.sync_findings(
-            plan_id=self.attributes.parent_id,
+            plan_id=self.attributes.plan_id,
+            is_component=self.attributes.is_component,
             integration_findings=self.integration_findings,
             title=self.attributes.name,
             finding_count=flat_int.num_findings_to_process,
@@ -319,7 +327,7 @@ class FlatFileImporter(ABC):
             asset_type=asset.assetType,
             asset_owner_id=asset.assetOwnerId,
             parent_id=self.attributes.parent_id,
-            parent_module=regscale_models.SecurityPlan.get_module_slug(),
+            parent_module=self.attributes.parent_module,
             asset_category=asset.assetCategory,
             date_last_updated=asset.dateLastUpdated,
             status=asset.status,
@@ -651,7 +659,7 @@ class FlatFileImporter(ABC):
         import_name: str,
         file_types: Union[str, list[str]],
         folder_path: PathLike[str],
-        regscale_ssp_id: int,
+        object_id: int,
         scan_date: datetime,
         mappings_path: Union[PathLike[str], Path],
         disable_mapping: bool,
@@ -668,7 +676,7 @@ class FlatFileImporter(ABC):
         :param str import_name: The name of the import type
         :param Union[str, list[str]] file_types: The file types to glob and import, e.g. ".csv" or [".csv", ".xlsx"]
         :param PathLike[str] folder_path: The folder path to import from
-        :param int regscale_ssp_id: The RegScale SSP ID
+        :param int object_id: The RegScale SSP ID
         :param datetime scan_date: The date of the scan
         :param Union[PathLike[str], Path] mappings_path: The path to the mappings file
         :param bool disable_mapping: Whether to disable custom mappings
@@ -685,9 +693,16 @@ class FlatFileImporter(ABC):
         if s3_bucket:
             download_from_s3(s3_bucket, s3_prefix, folder_path, aws_profile)
         app = Application()
-        if not validate_regscale_object(regscale_ssp_id, "securityplans"):
-            app.logger.warning("SSP #%i is not a valid RegScale Security Plan.", regscale_ssp_id)
+
+        # Validate the parent_id is a valid RegScale object
+        is_component = kwargs.get("is_component", False)
+        if is_component and not validate_regscale_object(object_id, "components"):
+            app.logger.warning("Component #%i is not a valid RegScale Component.", object_id)
+            return
+        elif not is_component and not validate_regscale_object(object_id, "securityplans"):
+            app.logger.warning("SSP #%i is not a valid RegScale Security Plan.", object_id)
             return
+
         if not scan_date or not FlatFileImporter.check_date_format(scan_date):
             scan_date = datetime.now()
         if isinstance(file_types, str):
@@ -705,7 +720,7 @@ class FlatFileImporter(ABC):
                 import_type(
                     name=import_name,
                     file_path=str(file),
-                    regscale_ssp_id=regscale_ssp_id,
+                    object_id=object_id,
                     scan_date=scan_date,
                     mappings_path=mappings_path,
                     disable_mapping=disable_mapping,

regscale/models/integration_models/send_reminders.py

@@ -554,8 +554,14 @@ class SendReminders:
         )
 
         # update api pool limits to max_thread count from init.yaml
-        api.pool_connections = config["maxThreads"]
-        api.pool_maxsize = config["maxThreads"]
+        max_threads = config.get("maxThreads", 100)
+        if not isinstance(max_threads, int):
+            try:
+                max_threads = int(max_threads)
+            except (ValueError, TypeError):
+                max_threads = 100
+        api.pool_connections = max_threads
+        api.pool_maxsize = max_threads
 
         # get assigned threads
         for i in range(len(threads)):