Set up an Azure integration in five minutes

Integrate Mondoo and Azure with just a single command. No more worrying about setting up apps, configuring service principals, or generating certificates; just tell Mondoo what you'd like to scan in your Azure subscription and paste the command in CloudShell. Then kick back, relax, and let Mondoo do the heavy lifting.

Enjoy the same ease when you scan Azure with the Mondoo client! There's no need for complex Azure credential configuration. Now cnquery and cnspec can install and run directly in Azure Cloud Shell.

Superpowered risk factors

This month we made risk factors customizable, more comprehensive, and more visible. 

Customize risk factors

Tailor Mondoo's security model to match the needs of your business with risk factor customizations. Choose which risk factors matter to you and tune how much impact each risk factor has on the prioritization of findings. That way, the unique needs of your infrastructure determine which systems require urgent attention.

New risk factors

Focus on the most important systems first, with new risk factors for critical databases, file sharing, FTP servers, and directory services. These new risk factors surface your most critical systems first, so you can focus your energy on the highest risks to your business:

• Cassandra
• Elasticsearch
• MariaDB
• MongoDB
• OpenLDAP
• OpenSearch
• Samba
• vsftp server
• Pure-FTPd server
• ProFTPD FTP server

Understand an asset's risks at a glance

Mondoo now shows risk factors on asset checks tables so you can understand risks that elevate security concerns.

Expanded Windows support

Our first-class Windows security and compliance just got even better.

Windows 2025 Server support

It's been over three years since the last major Windows Server release, and Microsoft has been busy putting plenty of new security features in Windows 2025. If you're testing the waters on this new version, released this week, Mondoo has your back! We have full support for securing Windows Server 2025, including the new Arm processor variants.

If you're interested in learning more about everything new in this Windows release, check out our Overview of Changes and New Security Features in Windows Server 2025 blog post.

Package data in Windows snapshot scans

You can now expose package vulnerabilities on Windows cloud hosts without deploying agents. Windows cloud snapshot scans now include package discovery.

Detect EOL dates for Windows LTSC and LTSB releases

Mondoo EOL detection support for Windows now includes the Microsoft Long Term Servicing Channel (LTSC) and Long Term Servicing Branch (LTSB) releases. No matter what release of Windows you use, Mondoo detects upcoming EOL dates.

‍

Long descriptions for organizations and spaces

Communicate the intended purpose of organizations and spaces to your coworkers, or maybe just your future self, with long descriptions for organizations and spaces. Set a description in the new organization and space creation pages or edit them after the fact in the settings pages.

Notes for cases

Cases (Mondoo's ticket system integration feature) are an important way to communicate with the team fixing security issues. Now you can provide the context that downstream teams need to remediate problems quickly: When you create a case, you can write a note, which automatically syncs to your ticketing or project management system.

View configuration details of your asset inventory

‍

Understand the configuration of systems throughout your spaces with query packs. Query pack pages now expose results returned for each asset. Use Mondoo's two dozen out-of-the-box query packs to expose important configuration data such as running processes or available memory. If those query packs don't include quite what you need, write your own query packs to expose business-specific asset configuration data throughout your spaces.

See priority findings on the spaces page

Quickly understand the spaces that need your attention the most with a count of priority findings shown on the spaces page. The number of priority findings is the total of all critical and high findings on the space. Mondoo highlights them to help you to better prioritize your effort.

Secure NGINX assets

Keep critical web servers, proxy servers, and load balancers secure with new CIS NGINX benchmarks. These six policies include 91 checks in total designed to ensure that NGINX is not only installed securely but also configured to protect sensitive data from prying eyes.

CloudLinux support

Query and secure CloudLinux assets with new support in Mondoo for the hosted-optimized Linux distribution.

Faster load times in compliance

Track your compliance quicker than ever, with up to 10x faster load times in the Compliance Frameworks page.

Badges for newly enabled policies

Too many cooks in the kitchen? Understand when you or your coworkers enable new policies in a space with a "New" badge on any policy enabled in the last 7 days.

Policy updates

We updated four CIS benchmark policies in November.

CIS AWS Foundations benchmark 4.0

Stay on top of the latest threats against your AWS infrastructure with the updated CIS AWS Foundations benchmark 4.0. This new release includes 14 new and updated recommendations for the most commonly used Amazon services.

CIS Debian 12 v1.1.0 benchmark policy

Secure Debian 12 systems with the latest recommendations from the Center for Internet Security. This newly updated policy includes 365 updates including all new checks, updated descriptions, and improved remediation steps.

CIS macOS 12 v3.1.0 benchmark policy

Secure legacy macOS 12 systems with the newly updated macOS 12 (Monterey) benchmark, including updated checks, recommendations, and remediation steps.

Updated CIS Debian 11 benchmark policy 2.0.0

With 665 updates including new and improved checks, descriptions, and remediation steps, this updated policy keeps your Debian 11 systems secure against the latest threats.

New and improved MQL resources

Of course, we added and improved MQL resources this month to give you access to even more infrastructure data.

files.find

New depth field

fstab

New resource

gitlab.project

New emptyRepo field

New groupRunnersEnabled field

New jobsEnabled field

New sharedRunnersEnabled field

gitlab.project.approvalsetting

New selectiveCodeOwnerRemovals field

gitlab.project.member

New state field

New username field

microsoft.conditionalAccess

The namedLocations field now returns the new microsoft.conditionalAccess.namedLocations resource

microsoft.user

New mfaEnabled field

vsphere.datacenters

New distributedPortgroups field

New distributedSwitches field

vsphere.vswitch.dv

New moid field

‍