regscale-cli 6.27.0.1__py3-none-any.whl → 6.27.2.0__py3-none-any.whl

regscale/_version.py

@@ -33,7 +33,7 @@ def get_version_from_pyproject() -> str:
                     return match.group(1)
     except Exception:
         pass
-    return "6.27.0.1"  # fallback version
+    return "6.27.2.0"  # fallback version
 
 
 __version__ = get_version_from_pyproject()

regscale/core/app/utils/app_utils.py

@@ -584,6 +584,42 @@ def check_supported_file_type(file: Path) -> None:
         raise RuntimeError(f"Unsupported file type: {file.suffix}")
 
 
+def _remove_nested_dicts_before_saving(data: Any) -> "pd.DataFrame":
+    """
+    Remove nested dictionaries before saving the data to a file.
+
+    :param Any data: The data to remove nested dictionaries from.
+    :return: A pandas DataFrame with the nested dictionaries removed.
+    :rtype: "pd.DataFrame"
+    """
+    import pandas as pd  # Optimize import performance
+
+    # Handle case where data is a single dict (not a list)
+    # This occurs with endpoints that return a single object with nested structures
+    if isinstance(data, dict) and not isinstance(data, list):
+        # Check if the dict contains nested dicts or lists of dicts (not simple lists)
+        has_nested_dicts = any(
+            isinstance(v, dict) or (isinstance(v, list) and v and isinstance(v[0], dict)) for v in data.values()
+        )
+        if has_nested_dicts:
+            # Use json_normalize to flatten nested dict structures
+            d_frame = pd.json_normalize(data)
+        else:
+            # Simple dict or dict with simple lists
+            # Check if all values are scalars (not lists) - if so, wrap in list for DataFrame
+            has_any_lists = any(isinstance(v, list) for v in data.values())
+            if has_any_lists:
+                # Dict with simple lists - can use DataFrame directly
+                d_frame = pd.DataFrame(data)
+            else:
+                # All scalar values - must wrap in list for DataFrame
+                d_frame = pd.DataFrame([data])
+    else:
+        # Handle list of dicts or other data structures
+        d_frame = pd.DataFrame(data)
+    return d_frame
+
+
 def save_to_csv(file: Path, data: Any, output_log: bool, transpose: bool = True) -> None:
     """
     Save data to a CSV file.
@@ -594,13 +630,12 @@ def save_to_csv(file: Path, data: Any, output_log: bool, transpose: bool = True)
     :param bool transpose: Whether to transpose the data, defaults to True
     :rtype: None
     """
-    import pandas as pd  # Optimize import performance
+    d_frame = _remove_nested_dicts_before_saving(data)
 
     if transpose:
-        data = pd.DataFrame(data).transpose()
-    else:
-        data = pd.DataFrame(data)
-    data.to_csv(file)
+        d_frame = d_frame.transpose()
+
+    d_frame.to_csv(file)
     if output_log:
         logger.info("Data successfully saved to: %s", file.absolute())
 
@@ -615,9 +650,8 @@ def save_to_excel(file: Path, data: Any, output_log: bool, transpose: bool = Tru
     :param bool transpose: Whether to transpose the data, defaults to True
     :rtype: None
     """
-    import pandas as pd  # Optimize import performance
+    d_frame = _remove_nested_dicts_before_saving(data)
 
-    d_frame = pd.DataFrame(data)
     if transpose:
         d_frame = d_frame.transpose()
 

regscale/integrations/commercial/aws/scanner.py

@@ -706,7 +706,7 @@ Description: {description if isinstance(description, str) else ''}"""
 
         aws_secret_key_id = kwargs.get("aws_access_key_id") or os.getenv("AWS_ACCESS_KEY_ID")
         aws_secret_access_key = kwargs.get("aws_secret_access_key") or os.getenv("AWS_SECRET_ACCESS_KEY")
-        region = kwargs.get("region") or os.getenv("AWS_REGION", "us-east-1")
+        region = kwargs.get("region") or os.getenv("AWS_REGION")
         if not aws_secret_key_id or not aws_secret_access_key:
             raise ValueError(
                 "AWS Access Key ID and Secret Access Key are required.\nPlease update in environment "
@@ -714,8 +714,9 @@ Description: {description if isinstance(description, str) else ''}"""
             )
         if not region:
             logger.warning("AWS region not provided. Defaulting to 'us-east-1'.")
+            region = "us-east-1"
         session = boto3.Session(
-            region_name=kwargs.get(region, "us-east-1"),
+            region_name=region,
             aws_access_key_id=aws_secret_key_id,
             aws_secret_access_key=aws_secret_access_key,
             aws_session_token=kwargs.get("aws_session_token"),

regscale/integrations/commercial/microsoft_defender/defender_api.py

@@ -353,7 +353,7 @@ class DefenderApi:
 
         data = self.get_items_from_azure(url=url, parse_value=kwargs.get("parse_value", True))
         save_path = Path(
-            os.path.join(ENTRA_SAVE_DIR, f"azure_entra_{endpoint_key}_{get_current_datetime('%Y%m%d')}.csv")
+            os.path.join(ENTRA_SAVE_DIR, f"azure_entra_{endpoint_key}_{get_current_datetime('%Y%m%d')}.xlsx")
         )
         save_data_to(file=save_path, data=data, transpose_data=False)
         return [save_path]

regscale/integrations/commercial/sicura/api.py

@@ -203,7 +203,6 @@ class SicuraAPI:
     FILTER_TYPE = "filter[type]"
     FILTER_REJECTED = "filter[rejected]"
     FILTER_TASK_ID = "filter[task_id]"
-    csrf_token: Optional[str] = None
 
     def __init__(self):
         """
@@ -246,12 +245,9 @@ class SicuraAPI:
 
         if data:
             self.session.headers["Content-Type"] = "application/json"
-        if not endpoint.endswith("/auth/token"):
-            if not self.csrf_token:
-                self.csrf_token = self.get_csrf_token()
-            if self.csrf_token:
-                self.session.headers["X-CSRF-TOKEN"] = str(self.csrf_token)
-            self.session.headers["auth-token-signature"] = SicuraVariables.sicuraToken
+
+        # Always set the auth token signature for API authentication
+        self.session.headers["auth-token-signature"] = SicuraVariables.sicuraToken
 
         try:
             # Use the session object to maintain cookies between requests
@@ -313,22 +309,6 @@ class SicuraAPI:
             logging.error(f"Error validating response: {e}", exc_info=True)
             return None
 
-    def get_csrf_token(self) -> Optional[AuthResponse]:
-        """
-        Get authentication token from Sicura API.
-
-        :return: Authentication response
-        :rtype: Optional[AuthResponse]
-        :raises requests.exceptions.RequestException: If the request fails
-        """
-        try:
-            response = self._make_request("GET", "/auth/token")
-            self.csrf_token = response
-            return response
-        except requests.exceptions.RequestException as e:
-            logger.error(f"Error getting authentication token: {e}", exc_info=True)
-            raise
-
     class Device(SicuraModel):
         """Model for Sicura device information."""
 
@@ -384,11 +364,56 @@ class SicuraAPI:
             logger.error(f"Failed to get devices: {e}", exc_info=True)
             return []
 
+    def create_or_update_control_profile(self, profile_name: str, controls: list[dict]) -> Optional[dict]:
+        """
+        Create or update a control profile.
+
+        :param str profile_name: Name of the control profile
+        :param list[dict] controls: List of controls to add to the profile
+        :return: The control profile if successfully created or updated, None otherwise
+        :rtype: Optional[dict]
+        """
+        profile_id = None
+        profile_data = None
+        params = {"verbose": "true"}
+        try:
+            # see if the profile already exists
+            response = self._make_request("GET", "/api/jaeger/v1/control_profiles", params=params)
+            for profile in response:
+                if profile["name"] == profile_name:
+                    profile_id = profile["id"]
+                    break
+            payload = {
+                "name": profile_name,
+                "description": f"Profile for {profile_name} with {len(controls)} controls.",
+                "controls": controls,
+            }
+            if not profile_id:
+                crud_operation = "Created"
+                response = self._make_request("POST", "/api/jaeger/v1/control_profiles", data=payload, params=params)
+                profile_id = response
+                profile_data = self._make_request("GET", f"/api/jaeger/v1/control_profiles/{profile_id}", params=params)
+            else:
+                crud_operation = "Updated"
+                response = self._make_request(
+                    "PUT", f"/api/jaeger/v1/control_profiles/{profile_id}", data=payload, params=params
+                )
+                profile_id = response["id"]
+                profile_data = response
+            logger.info(f"{crud_operation} control profile #{profile_id} in Sicura with {len(controls)} controls.")
+            return profile_data
+
+            return profile_id
+        except Exception as e:
+            logger.error(f"Failed to create or update control profile: {e}", exc_info=True)
+            return None
+
     def create_scan_task(
         self,
         device_id: int,
         platform: str,
-        profile: SicuraProfile,
+        profile: Union[SicuraProfile, str],
+        author: Optional[str] = None,
         task_name: Optional[str] = None,
         scheduled_time: Optional[datetime.datetime] = None,
     ) -> Optional[str]:
@@ -398,6 +423,7 @@ class SicuraAPI:
         :param int device_id: ID of the device to scan
         :param str platform: Platform name (e.g., 'Red Hat Enterprise Linux 9')
         :param SicuraProfile profile: Scan profile name (e.g., 'I - Mission Critical Classified')
+        :param Optional[str] author: Author of the scan task (default: None)
         :param Optional[str] task_name: Name for the scan task (default: auto-generated)
         :param Optional[datetime.datetime] scheduled_time: When to run the scan (default: now)
         :return: Task ID if successful, None otherwise
@@ -425,6 +451,9 @@ class SicuraAPI:
                 "scanAttributes": {"platform": platform, "profile": profile},
             }
 
+            if author:
+                payload["scanAttributes"]["author"] = author
+
             result = self._make_request("POST", "/api/jaeger/v1/tasks/", data=payload)
 
             if result:
@@ -483,14 +512,16 @@ class SicuraAPI:
         self,
         fqdn: str,
         platform: Optional[str] = None,
-        profile: SicuraProfile = SicuraProfile.I_MISSION_CRITICAL_CLASSIFIED,
+        profile: Union[SicuraProfile, str] = SicuraProfile.I_MISSION_CRITICAL_CLASSIFIED,
+        author: Optional[str] = None,
     ) -> Optional[ScanReport]:
         """
         Get scan results for a specific device.
 
         :param str fqdn: Fully qualified domain name of the device
         :param Optional[str] platform: Platform name to filter results (e.g., 'Red Hat Enterprise Linux 9')
-        :param SicuraProfile profile: Profile name to filter results (e.g., 'I - Mission Critical Classified')
+        :param Union[SicuraProfile, str] profile: Profile name to filter results, defaults to I - Mission Critical Classified
+        :param Optional[str] author: Author of the scan task (default: None)
         :return: Scan report containing device info and scan results, or None if not found
         :rtype: Optional[ScanReport]
         """
@@ -503,6 +534,9 @@ class SicuraAPI:
             if profile:
                 params["profile"] = profile
 
+            if author:
+                params["author"] = author
+
             response = self._make_request("GET", "/api/jaeger/v1/nodes", params=params)
 
             # Handle 404 or empty response
@@ -560,7 +594,8 @@ class SicuraAPI:
         task_id: Union[int, str],
         fqdn: str,
         platform: Optional[str] = None,
-        profile: SicuraProfile = SicuraProfile.I_MISSION_CRITICAL_CLASSIFIED,
+        profile: Union[SicuraProfile, str] = SicuraProfile.I_MISSION_CRITICAL_CLASSIFIED,
+        author: Optional[str] = None,
         max_wait_time: int = 600,
         poll_interval: int = 10,
     ) -> Optional[Union[ScanReport, Dict[str, Any]]]:
@@ -570,7 +605,8 @@ class SicuraAPI:
         :param Union[int, str] task_id: ID of the scan task to monitor
         :param str fqdn: Fully qualified domain name of the device
         :param Optional[str] platform: Platform name to filter results
-        :param SicuraProfile profile: Profile name to filter results
+        :param Union[SicuraProfile, str] profile: Profile name to filter results, defaults to I - Mission Critical Classified
+        :param Optional[str] author: Author of the scan task (default: None)
         :param int max_wait_time: Maximum time to wait in seconds (default: 10 minutes)
         :param int poll_interval: Time between status checks in seconds (default: 10 seconds)
         :return: Scan results once the task is complete, or None if timeout or error
@@ -602,7 +638,7 @@ class SicuraAPI:
                         logger.info(f"Scan task {task_id} completed successfully, fetching results...")
                         # Wait a moment for results to be processed
                         time.sleep(2)
-                        return self.get_scan_results(fqdn, platform, profile)
+                        return self.get_scan_results(fqdn=fqdn, platform=platform, profile=profile, author=author)
                     else:
                         logger.error(f"Scan task {task_id} ended with status {latest_status}")
                         return None

regscale/integrations/commercial/sicura/scanner.py

@@ -4,7 +4,7 @@
 RegScale Sicura Integration
 """
 import datetime
-from typing import Generator, Iterator, Any
+from typing import Any, Generator, Iterator, Union
 
 from regscale.core.utils.date import date_str
 from regscale.integrations.commercial.sicura.api import SicuraAPI, ScanReport, SicuraProfile, Device, ScanResult
@@ -55,6 +55,8 @@ class SicuraIntegration(ScannerIntegration):
         """
         super().__init__(*args, **kwargs)
         self.api = SicuraAPI()
+        self.control_scan = False
+        self.control_scan_profile = None
 
     def fetch_findings(self, **kwargs) -> Generator[IntegrationFinding, None, None]:
         """
@@ -103,23 +105,28 @@ class SicuraIntegration(ScannerIntegration):
             return
 
         # Profiles to scan
-        profiles = [SicuraProfile.I_MISSION_CRITICAL_CLASSIFIED, SicuraProfile.LEVEL_1_SERVER]
+        profiles = [SicuraProfile.I_MISSION_CRITICAL_CLASSIFIED]
+        if self.control_scan:
+            profiles = [self.control_scan_profile]
 
         for profile in profiles:
             yield from self._process_profile_findings(device, profile)
 
     def _process_profile_findings(
-        self, device: Device, profile: SicuraProfile
+        self, device: Device, profile: Union[SicuraProfile, str]
     ) -> Generator[IntegrationFinding, None, None]:
         """
         Process findings for a device with a specific profile
 
         :param Device device: The device to process
-        :param SicuraProfile profile: The profile to process
+        :param Union[SicuraProfile, str] profile: The profile to process
         :yield: IntegrationFinding objects
         :rtype: Generator[IntegrationFinding, None, None]
         """
-        scan_report = self.api.get_scan_results(fqdn=device.fqdn, profile=profile)
+        if self.control_scan and profile == self.control_scan_profile:
+            scan_report = self.api.get_scan_results(fqdn=device.fqdn, profile=profile, author="control")
+        else:
+            scan_report = self.api.get_scan_results(fqdn=device.fqdn, profile=profile)
 
         if not scan_report:
             logger.warning(f"No scan results found for device: {device.fqdn} with profile: {profile}")
@@ -458,17 +465,21 @@ class SicuraIntegration(ScannerIntegration):
         :param Device device: The device to trigger a scan for
         :return: None
         """
+        profile = self.control_scan_profile if self.control_scan else SicuraProfile.I_MISSION_CRITICAL_CLASSIFIED
+        author = "control" if self.control_scan else None
         task_id = self.api.create_scan_task(
             device_id=device.id,
             platform=device.platforms,
-            profile=SicuraProfile.I_MISSION_CRITICAL_CLASSIFIED,
+            profile=profile,
+            author=author,
         )
         if task_id:
             self.api.wait_for_scan_results(
                 task_id=task_id,
                 fqdn=device.fqdn,
                 platform=device.platforms,
-                profile=SicuraProfile.I_MISSION_CRITICAL_CLASSIFIED,
+                profile=profile,
+                author=author,
             )
         else:
             logger.warning(f"Failed to create scan task for device {device.fqdn}")
@@ -480,6 +491,24 @@ class SicuraIntegration(ScannerIntegration):
         :param list[Device] devices: The devices to trigger scans for
         :return: None
         """
+        # get the SSP's controlImplementations
+        if control_imps := regscale_models.ControlImplementation.get_list_by_parent(
+            regscale_id=self.plan_id, regscale_module=regscale_models.SecurityPlan.get_module_slug()
+        ):
+            if profile := self.api.create_or_update_control_profile(
+                profile_name=f"regscale_ssp_id_{self.plan_id}",
+                controls=control_imps,
+            ):
+                self.control_scan = True
+                self.control_scan_profile = profile["name"]
+            else:
+                logger.warning("Failed to create or update control profile")
+                self.control_scan = False
+                self.control_scan_profile = None
+        else:
+            self.control_scan = False
+            self.control_scan_profile = None
+
         if len(devices) > 1:
             from regscale.utils.threading import ThreadManager
 

regscale/integrations/commercial/tenablev2/commands.py

@@ -154,8 +154,8 @@ def io_sync_assets(regscale_ssp_id: int, tags: List[Tuple[str, str]] = None):
     try:
         from regscale.integrations.commercial.tenablev2.scanner import TenableIntegration
 
-        integration = TenableIntegration(plan_id=regscale_ssp_id, tags=tags)
-        integration.sync_assets(plan_id=regscale_ssp_id)
+        integration = TenableIntegration(plan_id=regscale_ssp_id)
+        integration.sync_assets(plan_id=regscale_ssp_id, tags=tags)
 
         console.print("[bold green]Tenable.io asset synchronization complete.[/bold green]")
     except Exception as e:
@@ -193,8 +193,8 @@ def io_sync_findings(
     try:
         from regscale.integrations.commercial.tenablev2.scanner import TenableIntegration
 
-        integration = TenableIntegration(plan_id=regscale_ssp_id, tags=tags, scan_date=scan_date)
-        integration.sync_findings(plan_id=regscale_ssp_id, severity=severity)
+        integration = TenableIntegration(plan_id=regscale_ssp_id, scan_date=scan_date)
+        integration.sync_findings(plan_id=regscale_ssp_id, severity=severity, tags=tags)
 
         console.print("[bold green]Tenable.io finding synchronization complete.[/bold green]")
     except Exception as e:

regscale/integrations/commercial/tenablev2/scanner.py

@@ -44,7 +44,7 @@ class TenableIntegration(ScannerIntegration):
         "low": regscale_models.IssueSeverity.Low,
     }
 
-    def __init__(self, plan_id: int, tenant_id: int = 1, tags: Optional[List[str]] = None, **kwargs):
+    def __init__(self, plan_id: int, tenant_id: int = 1, **kwargs):
         """
         Initialize the TenableIntegration.
 
@@ -53,7 +53,6 @@ class TenableIntegration(ScannerIntegration):
         """
         super().__init__(plan_id, tenant_id, **kwargs)
         self.client = None
-        self.tags = tags or []
         self.scan_date = kwargs.get("scan_date", get_current_datetime())
 
     def authenticate(self) -> None:

regscale/integrations/commercial/wizv2/scanner.py

@@ -70,6 +70,8 @@ class WizVulnerabilityIntegration(ScannerIntegration):
         "Medium": regscale_models.IssueSeverity.Moderate,
         "Low": regscale_models.IssueSeverity.Low,
         "INFORMATIONAL": regscale_models.IssueSeverity.NotAssigned,
+        "INFO": regscale_models.IssueSeverity.NotAssigned,  # Wiz uses "INFO" for informational data findings
+        "None": regscale_models.IssueSeverity.NotAssigned,  # Wiz uses "NONE" for findings without severity
     }
     asset_lookup = "vulnerableAsset"
     wiz_token = None
@@ -706,13 +708,11 @@ class WizVulnerabilityIntegration(ScannerIntegration):
         :yield: IntegrationFinding objects
         :rtype: Iterator[IntegrationFinding]
         """
-        logger.info(
-            f"🔍 VULNERABILITY PROCESSING ANALYSIS: Received {len(nodes)} raw Wiz vulnerabilities for processing"
-        )
+        logger.debug(f"VULNERABILITY PROCESSING ANALYSIS: Received {len(nodes)} raw Wiz vulnerabilities for processing")
 
         # Count issues by severity for analysis
-        severity_counts = {}
-        status_counts = {}
+        severity_counts: dict[str, int] = {}
+        status_counts: dict[str, int] = {}
         for node in nodes:
             severity = node.get("severity", "Low")
             status = node.get("status", "OPEN")
@@ -728,22 +728,35 @@ class WizVulnerabilityIntegration(ScannerIntegration):
         for node in nodes:
             wiz_severity = node.get("severity", "Low")
             wiz_id = node.get("id", "unknown")
+
+            # Log sample record for NONE severity (only first occurrence per session)
+            if wiz_severity and wiz_severity.upper() == "NONE":
+                if not hasattr(self, "_none_severity_sample_logged"):
+                    logger.info(
+                        f"SAMPLE RECORD - Vulnerability with NONE severity (treating as informational): "
+                        f"ID={node.get('id', 'Unknown')}, "
+                        f"Name={node.get('name', 'Unknown')}, "
+                        f"Type={node.get('type', 'Unknown')}, "
+                        f"Severity={wiz_severity}"
+                    )
+                    self._none_severity_sample_logged = True
+
             if self.should_process_finding_by_severity(wiz_severity):
                 filtered_nodes.append(node)
             else:
                 filtered_out_count += 1
-                logger.info(
-                    f"🚫 FILTERED BY SEVERITY: Vulnerability {wiz_id} with severity '{wiz_severity}' "
+                logger.debug(
+                    f"FILTERED BY SEVERITY: Vulnerability {wiz_id} with severity '{wiz_severity}' "
                     f"filtered due to minimumSeverity configuration"
                 )
 
         logger.info(
-            f"✅ After severity filtering: {len(filtered_nodes)} vulnerabilities kept, {filtered_out_count} filtered out"
+            f"After severity filtering: {len(filtered_nodes)} vulnerabilities kept, {filtered_out_count} filtered out"
         )
 
         if not filtered_nodes:
             logger.warning(
-                "⚠️  All vulnerabilities filtered out by severity configuration - check your minimumSeverity setting"
+                "All vulnerabilities filtered out by severity configuration - check your minimumSeverity setting"
             )
             return
 
@@ -944,10 +957,17 @@ class WizVulnerabilityIntegration(ScannerIntegration):
             self._severity_config_logged = True
 
         # Define severity hierarchy (lower index = higher severity)
-        severity_hierarchy = ["critical", "high", "medium", "low", "informational"]
+        # Note: "info", "informational", and "none" are all treated as informational
+        severity_hierarchy = ["critical", "high", "medium", "low", "informational", "info", "none"]
 
         try:
             wiz_severity_lower = wiz_severity.lower()
+
+            # Handle empty or None severity values - treat as informational
+            # Normalize "info" to "informational" for consistent processing
+            if not wiz_severity_lower or wiz_severity_lower == "none" or wiz_severity_lower == "info":
+                wiz_severity_lower = "informational"
+
             min_severity_index = severity_hierarchy.index(min_severity)
             finding_severity_index = severity_hierarchy.index(wiz_severity_lower)
 
@@ -1010,8 +1030,8 @@ class WizVulnerabilityIntegration(ScannerIntegration):
             return graph_entity.get("id")
 
         # Standard case - direct id access
-        asset_container = node.get(asset_lookup_key, {})
-        asset_id = asset_container.get("id")
+        asset_container = node.get(asset_lookup_key) or {}
+        asset_id = asset_container.get("id") if isinstance(asset_container, dict) else None
 
         # Add debug logging to help diagnose missing assets
         if not asset_id:
@@ -1023,8 +1043,8 @@ class WizVulnerabilityIntegration(ScannerIntegration):
             fallback_keys = ["vulnerableAsset", "resource", "exposedEntity", "entitySnapshot"]
             for fallback_key in fallback_keys:
                 if fallback_key != asset_lookup_key and fallback_key in node:
-                    fallback_asset = node.get(fallback_key, {})
-                    if fallback_id := fallback_asset.get("id"):
+                    fallback_asset = node.get(fallback_key) or {}
+                    if isinstance(fallback_asset, dict) and (fallback_id := fallback_asset.get("id")):
                         logger.debug(
                             f"Found asset ID using fallback key '{fallback_key}' for {vulnerability_type.value}"
                         )
@@ -1068,7 +1088,11 @@ class WizVulnerabilityIntegration(ScannerIntegration):
             return graph_entity.get("providerUniqueId") or graph_entity.get("name") or graph_entity.get("id")
 
         # Standard case - get asset container and extract provider identifier
-        asset_container = node.get(asset_lookup_key, {})
+        asset_container = node.get(asset_lookup_key) or {}
+
+        # Ensure asset_container is a dict before accessing
+        if not isinstance(asset_container, dict):
+            return None
 
         # For Issue queries, the field is called 'providerId' instead of 'providerUniqueId'
         if vulnerability_type == WizVulnerabilityType.ISSUE:
@@ -1167,7 +1191,7 @@ class WizVulnerabilityIntegration(ScannerIntegration):
         # Get asset identifier
         asset_id = self.get_asset_id_from_node(node, vulnerability_type)
         if not asset_id:
-            logger.warning(
+            logger.debug(
                 f"Skipping {vulnerability_type.value} finding '{node.get('name', 'Unknown')}' "
                 f"(ID: {node.get('id', 'Unknown')}) - no asset identifier found"
             )