Mondoo - The First CIS SecureSuite Vendor Certified for Cloud and Kubernetes Security

Mondoo ensures your Cloud and Kubernetes environments are compliant with CIS Benchmarks. Continuously assess compliance reports instantly and remediate issues without trouble.

Mondoo_graphics_CIS SecureSuite Vendor Certified-01 (1)

Comprehensive CIS SecureSuite Vendor Certification for Cloud and Kubernetes Environments

We are happy to announce that we have been awarded CIS SecureSuite Vendor Certification to meet the full coverage of Cloud and cloud-managed Kubernetes environments:

  • CIS Benchmark Amazon Web Services Foundations Certification Level 1 + 2
  • CIS Amazon Elastic Kubernetes Service (EKS) Level 1 + 2
  • CIS Microsoft Azure Foundations Benchmark Level 1 + 2
  • CIS Azure Kubernetes Service (AKS) Benchmark Level 1 + 2
  • CIS Google Cloud Platform Foundation Benchmark Level 1 + 2
  • CIS Google Kubernetes Engine (GKE) Benchmark Level 1 + 2

Effortless Compliance Assessment for Cloud and Kubernetes Clusters with Mondoo

Mondoo is the first full-stack Security Vendor to receive Center for Internet Security (CIS) certification for all major Clouds like Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP) and for all major cloud-managed Kubernetes Amazon Elastic Kubernetes Service (EKS), Azure Kubernetes Service (AKS), and Google Kubernetes Engine (GKE). All benchmarks can be assessed with agentless or agent-based techniques. The frictionless agentless scanning allows rapid assessment of cloud and Kubernetes infrastructures. For companies needing to meet more rigid security requirements, Mondoo also provides the option to install agents. With this approach, credentials to your environment never leave your infrastructure.

Mondoo customers can now use our latest CIS Benchmarks to automatically assess their complete Cloud environment and Kubernetes clusters' compliance. These benchmarks incorporate all CIS recommendations to secure your Cloud and cloud-managed Kubernetes clusters. Mondoo is the first vendor that achieves CIS certification for agentless and agent-based CIS benchmark assessment.

Customize and Extend Compliance Benchmarks with Open Source MQL and cnspec

All CIS benchmarks are implemented in Mondoo's open source graph-based query language (MQL). MQL is also an open and easily extensible use by our open-source project cnspec. MQL enables our customers to customize all security and compliance benchmarks to their needs. No more hard-coded and unchangeable settings. Mondoo is the only vendor that does not lock in customers because we open-sourced our Policy as Code (PaC) engine cnspec.

Why do you need CIS benchmarks?

CIS benchmarks are guidelines, best practices, and recommendations published by the Center for Internet Security (CIS) for securing your infrastructure. These benchmarks ensure that sensitive data are safe and secure. Organizations can securely configure their Cloud, managed Kubernetes (EKS, AKS, GKE) clusters, workloads, and data centers by following the CIS benchmarks to increase their strong security posture and reduce the risk of data breaches and other incidents.

Many compliance frameworks, such as SOC2, PCI-DSS, HIPAA, NIST, and BSI require organizations to follow CIS benchmarks. By implementing the benchmarks, organizations can meet compliance obligations and avoid fines and penalties.

Improve Your Security Posture with Mondoo's Extensible Security Posture Management (xSPM) Approach

Mondoo's extensible Security Posture Management (xSPM) approach secures all your infrastructure layers. Every customer infrastructure consists of multiple layers such as Clouds (AWS, Azure, GCP), Kubernetes (EKS, AKS, GKE, OpenShift), Linux and Windows workloads (VMs, containers), SaaS (M365, Google Workspace, Okta, Slack), On-Prem (VMWare, Server, Endpoints) and quite often IoT devices. By examining each infrastructure layer for vulnerabilities and misconfiguration, you prevent data breaches, avoid incidents, meet compliance obligations, and avoid potential fines and penalties.

Mondoo xSPM infographic

Mondoo's customers secure and meet regulatory compliance with our xSPM platform. xSPM also enables our customers to incorporate security and compliance requirements in their development life cycle as early as possible to reduce risk and cost while increasing development velocity.

By scanning Infrastructure-as-Code (IaC) for security and compliance issues, Mondoo xSPM provides contexts where misconfiguration is the root cause.

Mondoo DevSecOps Workflow

Connect mondoo to your cloud environment in minutes and assess your cloud and Kubernetes compliance posture.

Easily Connect Mondoo to Your Cloud and Kubernetes Environments for Enhanced Security

Mondoo connects in minutes to your cloud and Kubernetes environments using APIs. You can use agent-based and agentless scanning to gather information from all layers of your cloud, cloud-managed Kubernetes clusters and their associated workloads for potential risks related to misconfigurations, external exposure, vulnerabilities, malware, secrets, and more.

Mondoo integrations

Mondoo’s full-stack xSPM platform reviews all the information collected from your cloud, cloud-managed Kubernetes and their workloads to provide our customers a full asset inventory view in our Asset Intelligent dashboard. Furthermore it guides Mondoo customers with our Risk Actions dashboard to increase their strong posture management.

Mondoo Asset Intelligence

Benefit from Over 200 Policies and 12,000 Unique, Extensible Mondoo Queries

Mondoo’s full-stack xSPM platform delivers our customers over 200 policies and 12.000 unique and highly extensible Mondoo queries to assess your infrastructure. Each Query includes a detailed recommendation to secure the cloud, cloud-managed Kubernetes clusters and workloads.

Mondoo CIS vendor page

Finally, we calculate for each asset in your infrastructure a compliance score and provide you an overall compliance score for each of your business critical processes.

Mondoo CISO dashboard

Quickly Remediate Issues with Step-by-Step Guidance

Once the missing patch or misconfiguration has been identified in your infrastructure, knowing the next step to take action can be challenging. For any failed Query in your environment, the Mondoo full-stack xSPM platform provides our customers with specific remediation guidance so you can quickly respond and act to any security and compliance issues.

Mondoo query

Seamless Integration with Popular Third-Party Applications

Mondoo’s full-stack xSPM platform integrates with a wide variety of third-party applications such as GCP BigQuery, Snowflake, Splunk, IBM QRadar, Atlassian Jira, ServiceNow, GitHub, GiLlab, Jenkins, CircleCI, Azure DevOps and your ChatOps tools such as Teams, Slack and Discord to bring the data to the place where do you need it.

Maintain an Updated View of Your Compliance Posture with Mondoo's xSPM Platform

Mondoo‘s full-stack xSPM platform automatically detects configuration drifts in your complete infrastructure and across the DevOps workflow. This enables Mondoo customers to maintain an up-to-date view of the security risks and compliance status whenever and wherever you are.

Monitor your infrastructure for security misconfigurations and maps those checks automatically to top compliance frameworks.

Patrick Münch

Chief Information Security Officer (CISO) at Mondoo, Patrick is highly skilled at protecting and hacking every system he gets his hands on. He built a successful penetration testing and incident response team at SVA GmbH, their goal to increase the security level of companies and limit the impact of ransomware attacks. Now, as part of the Mondoo team, Patrick can help protect far more organizations from cybersecurity threats.

You might also like

Mondoo June 2024 Release Highlights
Mondoo May 2024 Release Highlights
Mondoo April 2024 Release Highlights