Monitor cloud security with unmatched granularity
In addition to evaluating the overall security posture of your cloud environments, Mondoo now discovers and individually scans common cloud resources such as load balancers, virtual networks, or storage buckets. With the fine-grained security details Mondoo exposes, you might reveal some surprises.
Better understand your cloud asset inventory
With this improved granularity, you can quickly find and understand cloud assets across multiple providers or accounts—all within Mondoo. Search for resources by name or type using our newly expanded search capabilities.
Once you've found the right asset, quickly determine the location and owner with detailed asset overview data for each asset type.
Get a clear and detailed view of your security
It's also easier to understand where critical security vulnerabilities exist within your infrastructure. Because Mondoo now applies checks directly to cloud assets, you can more easily see which assets pass and which assets fail checks without diving into complex, account-wide check output.
Set granular exceptions
Edge cases no longer need to cause pain. Mondoo now gives you the fine-grained control to account for cloud security exceptions where necessary. With fine-grained asset scanning, you can create exceptions that apply to specific cloud resources instead of to the whole account. This means you can disable or snooze a check without losing security visibility across your entire cloud account.
Scan and query even more platforms
You'd think we would run out of new platforms to query and scan, but we haven't yet! This month we added:
- Shodan search engine: Inspect domain and IP security information in the Shodan search engine with the new shodan provider in cnquery and cnspec.
- Ansible playbooks: Query and secure your Ansible playbooks with cnquery and cnspec using our new ansible provider.
- SBOM files: cnquery and cnspec now let you directly query and scan SBOM file content as if the files were real running assets.
- Snowflake: Use the new snowflake provider in cnquery/cnspec to query and secure database, user, and configuration data in your Snowflake account.
Assess Windows system security without an agent
You can now inspect a Windows system without installing any agent on the system: Attach the drive (or a snapshot of the drive) to another Windows system. Then you can run the cnquery or cnspec shell complete with access to all of Mondoo's Windows MQL resources. Run against a drive by serial number or against a LUN.
Automatically discover and scan infrastructure as code in GitHub and GitLab
When Mondoo scans GitHub and GitLab repositories, it can automatically detect CloudFormation templates and Kubernetes manifests and scan them for security issues. Find their scan results quickly in the IaC asset group.
Secure Microsoft Exchange
Mondoo's vulnerability detection has expanded to include Microsoft Exchange. Scan with cnspec to ensure that you're following important security best practices and have the most important updates installed.
Heard about the new Microsoft Exchange vulnerabilities currently being exploited in the wild? Don't become another attack victim. Scan Exchange now.
Easily navigate spaces and organizations
We've made it much easier to navigate between different organizations and spaces in the Mondoo Console. Our schmancy new navigation bar lets you:
- Search for organizations or spaces right in the drop-down menus
- Switch to a space without having to visit the organization's Spaces page
Crank risk factor identification and prioritization up to 11
In June we made more changes focused on making it easier for you to understand the greatest risks to your organization.
New risk factors for critical Windows systems
With new risk factors for assets running Microsoft SQL Server or IIS, Mondoo now exposes vulnerabilities and misconfigurations on the most important Windows systems in your environment.
Assess risk at a glance
We improved the risk assessment view on CVE and advisory pages so you can better understand which risks apply to assets and which don't.
Don't be fooled by partially removed .deb packages
It's possible to remove a Debian package from an asset but leave parts of it remaining on the system. Mondoo now detects these remnants and flags the risk they pose to your environment.
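To show what such remnants look like in dpkg's own records, here is an added example (not Mondoo's detection logic, and not code from the original page) that parses dpkg status stanzas and reports packages that were removed without being purged or were left mid-operation. The package names, versions, and checksums in the sample are constructed.

```python
# Added example (not Mondoo's code): list packages that dpkg records as
# removed-but-not-purged or stuck mid-operation. Sample data is constructed;
# on a real host the same stanza format is found in /var/lib/dpkg/status.
SAMPLE_STATUS = """\
Package: openssl
Status: install ok installed
Version: 3.0.2-1

Package: exampled
Status: deinstall ok config-files
Version: 1.4.2-1
Conffiles:
 /etc/exampled/exampled.conf d41d8cd98f00b204e9800998ecf8427e
 /etc/default/exampled d41d8cd98f00b204e9800998ecf8427e

Package: libexample0
Status: install reinstreq half-installed
Version: 0.9-3
"""

# dpkg states that leave files behind without a working package.
REMNANT_STATES = {
    "config-files": "removed, configuration files remain",
    "half-installed": "install or removal was interrupted",
}

def parse_stanzas(text):
    """Yield one dict per package stanza; continuation lines start with a space."""
    for block in text.strip().split("\n\n"):
        fields, key = {}, None
        for line in block.splitlines():
            if line.startswith((" ", "\t")) and key:
                fields[key].append(line.strip())
            elif ":" in line:
                key, _, value = line.partition(":")
                fields[key] = [value.strip()] if value.strip() else []
        yield fields

def find_remnants(text):
    """Return (package, state, leftover conffile paths) for each remnant."""
    findings = []
    for pkg in parse_stanzas(text):
        status = " ".join(pkg.get("Status", [])).split()
        state = status[-1] if status else ""
        if state in REMNANT_STATES:
            paths = [c.split()[0] for c in pkg.get("Conffiles", []) if c]
            findings.append((" ".join(pkg.get("Package", [])), state, paths))
    return findings

if __name__ == "__main__":
    for name, state, paths in find_remnants(SAMPLE_STATUS):
        print(f"{name}: {REMNANT_STATES[state]} {paths}")
```

Packages in the config-files state are the ones `dpkg -l` lists with the `rc` prefix; `apt-get purge` or `dpkg --purge` removes their leftover configuration.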
Get the information you need on vulnerabilities
With an exhaustive list of all the vulnerable software in your infrastructure, you can precisely identify risks. Delve into specific versions of packages and see everywhere they're installed. This new feature also works seamlessly with Mondoo Firewatch, automatically helping you prioritize remediation using contributing risk factors such as known exploits, running processes, and open network ports.
Each software page provides a breakdown of:
- Deployed package versions
- Software CVEs
- Risk factors
- Assets in your environment running the software
In addition, the asset tables in the CVE and advisory views now provide more relevant information about vulnerable assets.
Catch old systems before they're end of life
This month we expanded our end of life detection to include:
- SLES 15.5
- openSUSE 15.6
- FreeBSD 13.2
- FreeBSD 14.0
Access even more detail with newly added resource
Stay current with policy updates
CIS Google Cloud Foundations 3.0
Secure your Google Cloud infrastructure with the latest recommendations from the Center for Internet Security (CIS). This updated policy includes new checks as well as updated audit and remediation steps to match the latest Google Cloud console experience.
Expanded Endpoint Detection and Response (EDR) policy support
The Mondoo Endpoint Detection and Response (EDR) policy now detects systems running Windows Defender with up-to-date definition files.