regscale-cli 6.25.1.0__py3-none-any.whl → 6.27.0.0__py3-none-any.whl

regscale/integrations/commercial/qualys/__init__.py

@@ -34,9 +34,8 @@ from regscale.integrations.commercial.qualys.scanner import QualysTotalCloudJSON
 from regscale.integrations.commercial.qualys.variables import QualysVariables
 from regscale.integrations.scanner_integration import IntegrationAsset, IntegrationFinding
 from regscale.integrations.variables import ScannerVariables
-from regscale.models import Asset, Issue, Search, regscale_models
-from regscale.models.app_models.click import NotRequiredIf, regscale_ssp_id, save_output_to, ssp_or_component_id
-from regscale.models.integration_models.ecr_models.data import Finding
+from regscale.models import Asset, Issue, Search, regscale_models, IssueStatus, IssueSeverity
+from regscale.models.app_models.click import NotRequiredIf, save_output_to, ssp_or_component_id
 from regscale.models.integration_models.flat_file_importer import FlatFileImporter
 from regscale.models.integration_models.qualys import (
     Qualys,
@@ -2116,7 +2115,7 @@ def lookup_asset(asset_list: list, asset_id: str = None) -> list[Asset]:
     return list(set(asset_list)) or []
 
 
-def map_qualys_severity_to_regscale(severity: int) -> tuple[str, str]:
+def map_qualys_severity_to_regscale(severity: int) -> tuple[IssueSeverity, str]:
     """
     Map Qualys vulnerability severity to RegScale Issue severity
 
@@ -2125,12 +2124,12 @@ def map_qualys_severity_to_regscale(severity: int) -> tuple[str, str]:
     :rtype: tuple[str, str]
     """
     if severity <= 2:
-        return "III - Low - Other Weakness", "low"
+        return IssueSeverity.Low, "low"
     if severity == 3:
-        return "II - Moderate - Reportable Condition", "moderate"
+        return IssueSeverity.Moderate, "moderate"
     if severity > 3:
-        return "I - High - Significant Deficiency", "high"
-    return "IV - Not Assigned", "low"
+        return IssueSeverity.High, "high"
+    return IssueSeverity.NotAssigned, "low"
 
 
 def create_regscale_issue_from_vuln(

regscale/integrations/commercial/qualys/scanner.py

@@ -4,6 +4,7 @@ Qualys Total Cloud scanner integration class using JSONLScannerIntegration.
 
 import logging
 import os
+import threading
 import time
 import traceback
 import xml.etree.ElementTree as ET
@@ -1554,17 +1555,21 @@ class QualysTotalCloudJSONLIntegration(JSONLScannerIntegration):
 
         return vulnerability_id
 
-    def set_severity_count_for_scan(self, severity: str, scan_history: regscale_models.ScanHistory) -> None:
+    def set_severity_count_for_scan(
+        self, severity: str, scan_history: regscale_models.ScanHistory, lock: Optional[threading.RLock] = None
+    ) -> None:
         """
         Override parent method to ensure Qualys scan history severity counts are properly updated.
         This ensures that the vulnerability counts are accurately reflected in the scan history.
 
         :param str severity: Severity of the vulnerability
         :param regscale_models.ScanHistory scan_history: Scan history object
+        :param Optional[threading.RLock] lock: Thread lock for synchronization
         :rtype: None
         """
-        # Use parent method to update severity counts
-        super().set_severity_count_for_scan(severity, scan_history)
+        # Use parent method to update severity counts with thread-safe locking
+        # Pass lock if provided, otherwise use our instance lock
+        super().set_severity_count_for_scan(severity, scan_history, lock or self.scan_history_lock)
 
     def create_scan_history(self) -> regscale_models.ScanHistory:
         """

regscale/integrations/commercial/sicura/api.py

@@ -356,7 +356,7 @@ class SicuraAPI:
         try:
             response = self._make_request(
                 "GET",
-                "/backend/api/jaeger/v1/nodes",
+                "/api/jaeger/v1/nodes",
                 params={
                     "verbose": "true",
                     "attributes": "platforms,scannable_profiles,most_recent_scan",
@@ -425,7 +425,7 @@ class SicuraAPI:
                 "scanAttributes": {"platform": platform, "profile": profile},
             }
 
-            result = self._make_request("POST", "/backend/api/jaeger/v1/tasks/", data=payload)
+            result = self._make_request("POST", "/api/jaeger/v1/tasks/", data=payload)
 
             if result:
                 logger.info(f"Successfully created scan task with ID: {result}")
@@ -448,7 +448,7 @@ class SicuraAPI:
         """
         try:
             response = self._make_request(
-                "GET", "/backend/api/jaeger/v1/jobs", params={"verbose": "true", self.FILTER_TASK_ID: task_id}
+                "GET", "/api/jaeger/v1/jobs", params={"verbose": "true", self.FILTER_TASK_ID: task_id}
             )
 
             # Handle 404 or empty response
@@ -503,7 +503,7 @@ class SicuraAPI:
             if profile:
                 params["profile"] = profile
 
-            response = self._make_request("GET", "/backend/api/jaeger/v1/nodes", params=params)
+            response = self._make_request("GET", "/api/jaeger/v1/nodes", params=params)
 
             # Handle 404 or empty response
             if not response or (isinstance(response, list) and not response):
@@ -524,16 +524,17 @@ class SicuraAPI:
                     return None  # Return None if no scans available
 
                 # Calculate summary stats
-                pass_count = sum(1 for scan in device.get("scans", []) if scan.get("result") == "pass")
-                fail_count = sum(1 for scan in device.get("scans", []) if scan.get("result") == "fail")
-                total_count = len(device.get("scans", []))
+                scan_results = device.get("scans", {}).get("results", [])
+                pass_count = sum(1 for scan in scan_results if scan.get("result") == "pass")
+                fail_count = sum(1 for scan in scan_results if scan.get("result") == "fail")
+                total_count = len(scan_results)
 
                 # Create the raw result data
                 result_data = {
                     "device_id": device.get("id"),
                     "fqdn": device.get("fqdn"),
                     "ip_address": device.get("ip_address"),
-                    "scans": device.get("scans", []),
+                    "scans": scan_results,
                     "summary": {
                         "total": total_count,
                         "pass": pass_count,
@@ -638,7 +639,7 @@ class SicuraAPI:
             if ip_address:
                 params[self.FILTER_IP_ADDRESS] = ip_address
 
-            response = self._make_request("GET", "/backend/api/jaeger/v1/node_templates/", params=params)
+            response = self._make_request("GET", "/api/jaeger/v1/node_templates/", params=params)
 
             # Handle 404 or empty response
             if not response or (isinstance(response, dict) and "detail" in response):
@@ -670,7 +671,7 @@ class SicuraAPI:
             # Use PUT method with the correct endpoint and payload
             result = self._make_request(
                 "PUT",
-                f"/backend/api/jaeger/v1/node_templates/{device_id}",
+                f"/api/jaeger/v1/node_templates/{device_id}",
                 params={"verbose": "true", "include_controls": "true", "action": "promote"},
             )
 
@@ -697,7 +698,7 @@ class SicuraAPI:
             # Use PUT method with the correct endpoint and payload
             result = self._make_request(
                 "PUT",
-                f"/backend/api/jaeger/v1/node_templates/{device_id}",
+                f"/api/jaeger/v1/node_templates/{device_id}",
                 params={"verbose": "true", "include_controls": "true", "action": "reject"},
             )
 
@@ -721,7 +722,7 @@ class SicuraAPI:
         :rtype: bool
         """
         try:
-            result = self._make_request("DELETE", f"/backend/api/jaeger/v1/nodes/{device_id}")
+            result = self._make_request("DELETE", f"/api/jaeger/v1/nodes/{device_id}")
 
             # For DELETE operations, an empty result typically indicates success
             if result is None or result == "" or (isinstance(result, dict) and not result):
@@ -854,7 +855,7 @@ class SicuraAPI:
         }
 
         logger.info(f"Creating enforcement task for device {device_id} with {len(ce_names)} CE names")
-        result = self._make_request("POST", "/backend/api/jaeger/v1/tasks/", data=payload)
+        result = self._make_request("POST", "/api/jaeger/v1/tasks/", data=payload)
 
         if result:
             logger.info(f"Successfully created enforcement task with ID: {result}")

regscale/integrations/commercial/sicura/commands.py

@@ -46,7 +46,13 @@ def sync_assets(regscale_id: int):
 
 @sicura.command(name="sync_findings")
 @regscale_id(help="RegScale will create and update findings as children of this record.")
-def sync_findings(regscale_id: int):
+@click.option(
+    "--trigger_scan",
+    "-s",
+    is_flag=True,
+    help="Trigger a new scan on Sicura assets before syncing.",
+)
+def sync_findings(regscale_id: int, trigger_scan: bool):
     """
     Sync Sicura findings to RegScale.
 
@@ -60,7 +66,7 @@ def sync_findings(regscale_id: int):
         )
 
         # Using import_findings method which handles the synchronization
-        integration.sync_findings(plan_id=regscale_id)
+        integration.sync_findings(plan_id=regscale_id, trigger_scan=trigger_scan)
 
         logger.info("[bold green]Finding synchronization complete.")
 

regscale/integrations/commercial/sicura/scanner.py

@@ -74,6 +74,10 @@ class SicuraIntegration(ScannerIntegration):
             logger.warning("No devices found in Sicura")
             return
 
+        if kwargs.pop("trigger_scan", False):
+            logger.info(f"Triggering scans on Sicura {len(devices)} devices...")
+            self.trigger_scans(devices)
+
         self.num_findings_to_process = 0
         findings_count = 0
 
@@ -206,7 +210,8 @@ class SicuraIntegration(ScannerIntegration):
                 mitigation=mitigation,
             )
 
-    def _extract_scan_data(self, scan: Any) -> dict:
+    @staticmethod
+    def _extract_scan_data(scan: Any) -> dict:
         """
         Extract scan data from the scan object
 
@@ -235,7 +240,8 @@ class SicuraIntegration(ScannerIntegration):
                 "controls": scan.controls if hasattr(scan, "controls") else {},
             }
 
-    def _extract_control_refs(self, controls: dict) -> tuple:
+    @staticmethod
+    def _extract_control_refs(controls: dict) -> tuple:
         """
         Extract CCI and SRG references from controls
 
@@ -353,8 +359,9 @@ class SicuraIntegration(ScannerIntegration):
             baseline=platform,
         )
 
+    @staticmethod
     def _create_results_text(
-        self, title, ce_name, result, description, state, state_reason, cci_ref, srg_refs, is_cci_finding
+        title, ce_name, result, description, state, state_reason, cci_ref, srg_refs, is_cci_finding
     ) -> str:
         """
         Create the results text for a finding
@@ -401,42 +408,6 @@ class SicuraIntegration(ScannerIntegration):
         :rtype: Iterator[IntegrationAsset]
         """
         logger.info("Fetching assets from Sicura...")
-
-        # Get all devices
-        pending_devices = self.api.get_pending_devices()
-        for pending_device in pending_devices:
-            print(f"Pending device: {pending_device}")
-            self.api.accept_pending_device(pending_device.id)
-            task_id = self.api.create_scan_task(
-                device_id=pending_device.id,
-                platform=pending_device.platform,
-                profile=SicuraProfile.I_MISSION_CRITICAL_CLASSIFIED,
-            )
-            if task_id:
-                self.api.wait_for_scan_results(
-                    task_id=task_id,
-                    fqdn=pending_device.fqdn,
-                    platform=pending_device.platform,
-                    profile=SicuraProfile.I_MISSION_CRITICAL_CLASSIFIED,
-                )
-            else:
-                logger.warning(f"Failed to create scan task for device {pending_device.fqdn}")
-                continue  # Continue to next device if creating scan task failed
-
-            task_id = self.api.create_scan_task(
-                device_id=pending_device.id, platform=pending_device.platform, profile=SicuraProfile.LEVEL_1_SERVER
-            )
-            if task_id:
-                self.api.wait_for_scan_results(
-                    task_id=task_id,
-                    fqdn=pending_device.fqdn,
-                    platform=pending_device.platform,
-                    profile=SicuraProfile.LEVEL_1_SERVER,
-                )
-            else:
-                logger.warning(f"Failed to create scan task for device {pending_device.fqdn}")
-                # No continue needed here as we're at the end of the loop iteration
-
         devices = self.api.get_devices()
 
         if not devices:
@@ -479,3 +450,42 @@ class SicuraIntegration(ScannerIntegration):
             )
 
             self.asset_progress.update(loading_devices, advance=1)
+
+    def trigger_and_wait_for_scan(self, device: Device) -> None:
+        """
+        Trigger a scan and wait for the results
+
+        :param Device device: The device to trigger a scan for
+        :return: None
+        """
+        task_id = self.api.create_scan_task(
+            device_id=device.id,
+            platform=device.platforms,
+            profile=SicuraProfile.I_MISSION_CRITICAL_CLASSIFIED,
+        )
+        if task_id:
+            self.api.wait_for_scan_results(
+                task_id=task_id,
+                fqdn=device.fqdn,
+                platform=device.platforms,
+                profile=SicuraProfile.I_MISSION_CRITICAL_CLASSIFIED,
+            )
+        else:
+            logger.warning(f"Failed to create scan task for device {device.fqdn}")
+
+    def trigger_scans(self, devices: list[Device]) -> None:
+        """
+        Trigger scans for a list of devices
+
+        :param list[Device] devices: The devices to trigger scans for
+        :return: None
+        """
+        if len(devices) > 1:
+            from regscale.utils.threading import ThreadManager
+
+            # use multithreading to trigger scans for multiple devices
+            thread_manager = ThreadManager(max_workers=10)
+            thread_manager.submit_tasks_from_list(self.trigger_and_wait_for_scan, devices)
+            thread_manager.execute_and_verify()
+        else:
+            self.trigger_and_wait_for_scan(devices[0])

regscale/integrations/commercial/stigv2/ckl_parser.py

@@ -82,15 +82,15 @@ class STIGInfo(BaseModel):
     """Data model for STIG Information with optional and required attributes."""
 
     version: str
-    classification: str
+    classification: Optional[str] = None
     customname: Optional[str] = None
     stigid: str
     description: Optional[str] = None
     filename: Optional[str] = None
     releaseinfo: str
     title: str
-    uuid: str
-    notice: str
+    uuid: Optional[str] = None
+    notice: Optional[str] = None
     source: Optional[str] = None
 
 
@@ -115,10 +115,10 @@ class Vuln(BaseModel):
     check_content: Optional[str] = None
     fix_text: str
     check_content_ref: Optional[str] = None
-    weight: str
+    weight: Optional[str] = None
     stigref: Optional[str] = None
     targetkey: Optional[str] = None
-    stig_uuid: str
+    stig_uuid: Optional[str] = None
     vuln_discuss: Optional[str] = None
     ia_controls: Optional[str] = None
     class_: Optional[str] = None

regscale/integrations/commercial/synqly/assets.py

@@ -74,6 +74,23 @@ def sync_axonius(regscale_ssp_id: int, filter: str) -> None:
     assets_axonius.run_sync(regscale_ssp_id=regscale_ssp_id, filter=filter.split(";") if filter else [])
 
 
+@assets.command(name="sync_claroty_xdome")
+@regscale_ssp_id()
+@click.option(
+    "--filter",
+    help='STRING: Apply filters to the query. Can be a single filter "field[operator]value" or semicolon-separated filters "field1[op]value1;field2[op]value2"',
+    required=False,
+    type=str,
+    default=None,
+)
+def sync_claroty_xdome(regscale_ssp_id: int, filter: str) -> None:
+    """Sync Assets from Claroty Xdome to RegScale."""
+    from regscale.models.integration_models.synqly_models.connectors import Assets
+
+    assets_claroty_xdome = Assets("claroty_xdome")
+    assets_claroty_xdome.run_sync(regscale_ssp_id=regscale_ssp_id, filter=filter.split(";") if filter else [])
+
+
 @assets.command(name="sync_crowdstrike")
 @regscale_ssp_id()
 @click.option(

regscale/integrations/commercial/synqly/vulnerabilities.py

@@ -44,8 +44,9 @@ def build_query(provider, validate, list_fields):
 @vulnerabilities.command(name="sync_crowdstrike")
 @regscale_ssp_id()
 @click.option(
-    "--vuln_filter",
-    help="Filter the vulnerabilities for the selected severity. (Options: critical, high, medium, low, info)",
+    "--minimum_severity_filter",
+    "-s",
+    help="Minimum severity of the vulnerabilities to sync. (Options: critical, high, medium, low, info), e.g. providing high will sync all vulnerabilities with a severity of high and critical.",
     required=False,
     type=click.Choice(["critical", "high", "medium", "low", "info"]),
     default=None,
@@ -78,7 +79,12 @@ def build_query(provider, validate, list_fields):
     required=False,
 )
 def sync_crowdstrike(
-    regscale_ssp_id: int, vuln_filter: str, scan_date: datetime, all_scans: bool, asset_filter: str, url: str
+    regscale_ssp_id: int,
+    minimum_severity_filter: str,
+    scan_date: datetime,
+    all_scans: bool,
+    asset_filter: str,
+    url: str,
 ) -> None:
     """Sync Vulnerabilities from Crowdstrike to RegScale."""
     from regscale.models.integration_models.synqly_models.connectors import Vulnerabilities
@@ -86,7 +92,7 @@ def sync_crowdstrike(
     vulnerabilities_crowdstrike = Vulnerabilities("crowdstrike")
     vulnerabilities_crowdstrike.run_sync(
         regscale_ssp_id=regscale_ssp_id,
-        vuln_filter=vuln_filter,
+        minimum_severity_filter=minimum_severity_filter,
         scan_date=scan_date,
         all_scans=all_scans,
         filter=asset_filter.split(";") if asset_filter else [],
@@ -97,8 +103,9 @@ def sync_crowdstrike(
 @vulnerabilities.command(name="sync_nucleus")
 @regscale_ssp_id()
 @click.option(
-    "--vuln_filter",
-    help="Filter the vulnerabilities for the selected severity. (Options: critical, high, medium, low, info)",
+    "--minimum_severity_filter",
+    "-s",
+    help="Minimum severity of the vulnerabilities to sync. (Options: critical, high, medium, low, info), e.g. providing high will sync all vulnerabilities with a severity of high and critical.",
     required=False,
     type=click.Choice(["critical", "high", "medium", "low", "info"]),
     default=None,
@@ -121,7 +128,7 @@ def sync_crowdstrike(
     default=None,
 )
 def sync_nucleus(
-    regscale_ssp_id: int, vuln_filter: str, scan_date: datetime, all_scans: bool, asset_filter: str
+    regscale_ssp_id: int, minimum_severity_filter: str, scan_date: datetime, all_scans: bool, asset_filter: str
 ) -> None:
     """Sync Vulnerabilities from Nucleus to RegScale."""
     from regscale.models.integration_models.synqly_models.connectors import Vulnerabilities
@@ -129,7 +136,7 @@ def sync_nucleus(
     vulnerabilities_nucleus = Vulnerabilities("nucleus")
     vulnerabilities_nucleus.run_sync(
         regscale_ssp_id=regscale_ssp_id,
-        vuln_filter=vuln_filter,
+        minimum_severity_filter=minimum_severity_filter,
         scan_date=scan_date,
         all_scans=all_scans,
         filter=asset_filter.split(";") if asset_filter else [],
@@ -139,8 +146,9 @@ def sync_nucleus(
 @vulnerabilities.command(name="sync_qualys_cloud")
 @regscale_ssp_id()
 @click.option(
-    "--vuln_filter",
-    help="Filter the vulnerabilities for the selected severity. (Options: critical, high, medium, low, info)",
+    "--minimum_severity_filter",
+    "-s",
+    help="Minimum severity of the vulnerabilities to sync. (Options: critical, high, medium, low, info), e.g. providing high will sync all vulnerabilities with a severity of high and critical.",
     required=False,
     type=click.Choice(["critical", "high", "medium", "low", "info"]),
     default=None,
@@ -167,7 +175,7 @@ def sync_nucleus(
     default=None,
 )
 def sync_qualys_cloud(
-    regscale_ssp_id: int, vuln_filter: str, scan_date: datetime, all_scans: bool, asset_filter: str
+    regscale_ssp_id: int, minimum_severity_filter: str, scan_date: datetime, all_scans: bool, asset_filter: str
 ) -> None:
     """Sync Vulnerabilities from Qualys Cloud to RegScale."""
     from regscale.models.integration_models.synqly_models.connectors import Vulnerabilities
@@ -175,7 +183,7 @@ def sync_qualys_cloud(
     vulnerabilities_qualys_cloud = Vulnerabilities("qualys_cloud")
     vulnerabilities_qualys_cloud.run_sync(
         regscale_ssp_id=regscale_ssp_id,
-        vuln_filter=vuln_filter,
+        minimum_severity_filter=minimum_severity_filter,
         scan_date=scan_date,
         all_scans=all_scans,
         filter=asset_filter.split(";") if asset_filter else [],
@@ -185,8 +193,9 @@ def sync_qualys_cloud(
 @vulnerabilities.command(name="sync_rapid7_insight_cloud")
 @regscale_ssp_id()
 @click.option(
-    "--vuln_filter",
-    help="Filter the vulnerabilities for the selected severity. (Options: critical, high, medium, low, info)",
+    "--minimum_severity_filter",
+    "-s",
+    help="Minimum severity of the vulnerabilities to sync. (Options: critical, high, medium, low, info), e.g. providing high will sync all vulnerabilities with a severity of high and critical.",
     required=False,
     type=click.Choice(["critical", "high", "medium", "low", "info"]),
     default=None,
@@ -213,7 +222,7 @@ def sync_qualys_cloud(
     default=None,
 )
 def sync_rapid7_insight_cloud(
-    regscale_ssp_id: int, vuln_filter: str, scan_date: datetime, all_scans: bool, asset_filter: str
+    regscale_ssp_id: int, minimum_severity_filter: str, scan_date: datetime, all_scans: bool, asset_filter: str
 ) -> None:
     """Sync Vulnerabilities from Rapid7 Insight Cloud to RegScale."""
     from regscale.models.integration_models.synqly_models.connectors import Vulnerabilities
@@ -221,7 +230,7 @@ def sync_rapid7_insight_cloud(
     vulnerabilities_rapid7_insight_cloud = Vulnerabilities("rapid7_insight_cloud")
     vulnerabilities_rapid7_insight_cloud.run_sync(
         regscale_ssp_id=regscale_ssp_id,
-        vuln_filter=vuln_filter,
+        minimum_severity_filter=minimum_severity_filter,
         scan_date=scan_date,
         all_scans=all_scans,
         filter=asset_filter.split(";") if asset_filter else [],
@@ -231,8 +240,9 @@ def sync_rapid7_insight_cloud(
 @vulnerabilities.command(name="sync_servicenow_vr")
 @regscale_ssp_id()
 @click.option(
-    "--vuln_filter",
-    help="Filter the vulnerabilities for the selected severity. (Options: critical, high, medium, low, info)",
+    "--minimum_severity_filter",
+    "-s",
+    help="Minimum severity of the vulnerabilities to sync. (Options: critical, high, medium, low, info), e.g. providing high will sync all vulnerabilities with a severity of high and critical.",
     required=False,
     type=click.Choice(["critical", "high", "medium", "low", "info"]),
     default=None,
@@ -259,7 +269,7 @@ def sync_rapid7_insight_cloud(
     default=None,
 )
 def sync_servicenow_vr(
-    regscale_ssp_id: int, vuln_filter: str, scan_date: datetime, all_scans: bool, asset_filter: str
+    regscale_ssp_id: int, minimum_severity_filter: str, scan_date: datetime, all_scans: bool, asset_filter: str
 ) -> None:
     """Sync Vulnerabilities from Servicenow Vr to RegScale."""
     from regscale.models.integration_models.synqly_models.connectors import Vulnerabilities
@@ -267,7 +277,7 @@ def sync_servicenow_vr(
     vulnerabilities_servicenow_vr = Vulnerabilities("servicenow_vr")
     vulnerabilities_servicenow_vr.run_sync(
         regscale_ssp_id=regscale_ssp_id,
-        vuln_filter=vuln_filter,
+        minimum_severity_filter=minimum_severity_filter,
         scan_date=scan_date,
         all_scans=all_scans,
         filter=asset_filter.split(";") if asset_filter else [],
@@ -277,8 +287,9 @@ def sync_servicenow_vr(
 @vulnerabilities.command(name="sync_tanium_cloud")
 @regscale_ssp_id()
 @click.option(
-    "--vuln_filter",
-    help="Filter the vulnerabilities for the selected severity. (Options: critical, high, medium, low, info)",
+    "--minimum_severity_filter",
+    "-s",
+    help="Minimum severity of the vulnerabilities to sync. (Options: critical, high, medium, low, info), e.g. providing high will sync all vulnerabilities with a severity of high and critical.",
     required=False,
     type=click.Choice(["critical", "high", "medium", "low", "info"]),
     default=None,
@@ -305,7 +316,7 @@ def sync_servicenow_vr(
     default=None,
 )
 def sync_tanium_cloud(
-    regscale_ssp_id: int, vuln_filter: str, scan_date: datetime, all_scans: bool, asset_filter: str
+    regscale_ssp_id: int, minimum_severity_filter: str, scan_date: datetime, all_scans: bool, asset_filter: str
 ) -> None:
     """Sync Vulnerabilities from Tanium Cloud to RegScale."""
     from regscale.models.integration_models.synqly_models.connectors import Vulnerabilities
@@ -313,7 +324,7 @@ def sync_tanium_cloud(
     vulnerabilities_tanium_cloud = Vulnerabilities("tanium_cloud")
     vulnerabilities_tanium_cloud.run_sync(
         regscale_ssp_id=regscale_ssp_id,
-        vuln_filter=vuln_filter,
+        minimum_severity_filter=minimum_severity_filter,
         scan_date=scan_date,
         all_scans=all_scans,
         filter=asset_filter.split(";") if asset_filter else [],
@@ -323,8 +334,9 @@ def sync_tanium_cloud(
 @vulnerabilities.command(name="sync_tenable_cloud")
 @regscale_ssp_id()
 @click.option(
-    "--vuln_filter",
-    help="Filter the vulnerabilities for the selected severity. (Options: critical, high, medium, low, info)",
+    "--minimum_severity_filter",
+    "-s",
+    help="Minimum severity of the vulnerabilities to sync. (Options: critical, high, medium, low, info), e.g. providing high will sync all vulnerabilities with a severity of high and critical.",
     required=False,
     type=click.Choice(["critical", "high", "medium", "low", "info"]),
     default=None,
@@ -357,7 +369,12 @@ def sync_tanium_cloud(
     required=False,
 )
 def sync_tenable_cloud(
-    regscale_ssp_id: int, vuln_filter: str, scan_date: datetime, all_scans: bool, asset_filter: str, url: str
+    regscale_ssp_id: int,
+    minimum_severity_filter: str,
+    scan_date: datetime,
+    all_scans: bool,
+    asset_filter: str,
+    url: str,
 ) -> None:
     """Sync Vulnerabilities from Tenable Cloud to RegScale."""
     from regscale.models.integration_models.synqly_models.connectors import Vulnerabilities
@@ -365,7 +382,7 @@ def sync_tenable_cloud(
     vulnerabilities_tenable_cloud = Vulnerabilities("tenable_cloud")
     vulnerabilities_tenable_cloud.run_sync(
         regscale_ssp_id=regscale_ssp_id,
-        vuln_filter=vuln_filter,
+        minimum_severity_filter=minimum_severity_filter,
         scan_date=scan_date,
         all_scans=all_scans,
         filter=asset_filter.split(";") if asset_filter else [],