Releases

Mondoo October 2024 Release Highlights

For Mondoo, October has been about building, sure, but also about rebuilding. We overhauled our AWS serverless integration and the user experience for managing policies. Based on customer feedback and smarter engineering, we just keep making it easier to secure your business-critical assets. When you throw in workflow integration with Azure DevOps and ZenDesk and hearty lists of newly supported systems, policies, and resources, you have a bountiful fall harvest!

Protect your business with an all-new serverless AWS integration experience

In our years of experience securing AWS accounts at scale, we've learned a few things. And we've put that education to work in the rewrite of our serverless AWS integration. Now our customers enjoy:

  • Enhanced security—Our new design reduces the privileges required to run in your environment. Now you can gather critical security insights without introducing new risks to your business.
  • Greater scalability—Mondoo's serverless solution now scales to even the biggest enterprise AWS accounts.
  • Granular results—The new scanning method provides more resource-level granularity to enhance your visibility into critical business risks.

Resource scan filtering

New filtering lets you choose exactly which AWS resources Mondoo evaluates. Include and exclude filters let you define what to scan and not scan based on:

  • Regions
  • Instances
  • Tags

Continuous integration users can set filters in Mondoo Platform. CLI users can specify a comma-separated list of tag values using the --filters flag.

Expanded run region support

The Mondoo AWS serverless integration has always supported scanning your AWS resources in any region. Now it offers additional options for where the scanner itself runs. You can install the integration into these new regions:

  • ca-central-1
  • eu-north-1
  • eu-west-2
  • eu-west-3
  • ap-south-1

Manage policies and query packs with ease

We listened to our customers and learned that the Registry introduced unnecessary complexity to policy and query pack management. Based on this feedback, we fully restructured the user experience. This more intuitable organization of tasks puts the content you need at your fingertips. 

Users can now:

  • Perform all policy tasks in the Security pages
  • Perform all query pack tasks in the Inventory pages
  • Perform all frameworks tasks in the Compliance pages

It's now much easier to:

  • Enable and disable policies
  • Preview policies
  • Customize how Mondoo scores policies
  • Customize properties for individual checks in a policy
  • Understand the risk scores distribution of policies across assets

Track security remediation tasks in your Azure DevOps or Zendesk workflow

Mondoo now automatically creates and updates issues in Azure DevOps. This lets you track fixes to security findings that Mondoo exposes. The Azure DevOps integration adds to our existing support for Jira, Zendesk, GitHub, GitLab, and any project or ticket management system that supports incoming email. 

We improved our Zendesk integration with the ability to define values for any custom fields that your Zendesk instance requires.

Find and fix the security risks that pose the biggest threat to your business.

Continuously monitor external exposure with Shodan

Gain visibility into your infrastructure's external exposure with continuous Shodan scanning in Mondoo. Our new Shodan integration allows you to automatically monitor domains, IP addresses, and IP blocks for external risk.

Paired with our new Shodan Security policy and Shodan query pack, this scanning provides critical insights into what attackers know about your systems. Now you can prioritize essential fixes effectively.

Evaluate the security of all the newest platforms

We've been hard at work adding support for more platforms, including recent releases:

  • Fedora 41
  • Ubuntu 24.10
  • Windows 11 24H2
  • Google COS 117
  • macOS Sequoia (15)

Search for available integrations

We offer so many integrations that it can be hard to find the one you want! To help, we added a search bar to the Available Integrations page. Just type a few characters to filter the integrations shown.

Stay protected with improved policies

As always, our security team has been hard at work developing more effective policies:

  • CIS Windows Server 2016 benchmark 3.0.0
  • CIS Windows Server 2019 benchmark 3.0.1
  • CIS Windows Server 2016 benchmark 3.0.0
  • CIS Windows Server 2019 benchmark 3.0.1
  • CIS Ubuntu 22.04 benchmark policy 2.0
  • CIS VMware ESXi 6.7 Benchmark v1.4.0
  • CIS VMware ESXi 7.0 Benchmark v1.4.0
  • CIS VMware ESXi 8.0 Benchmark v1.1.0

New and improved resources

asset

New purl field

aws.ec2.instance

New iamInstanceProfile field using the new aws.iam.instanceProfile resource

aws.iam

New instanceProfiles field using the new aws.iam.instanceProfile resource

microsoft.policies

New consentPolicySettings field

Letha Dunn

Letha has been writing about technology for more than thirty years. During the past decade, she’s focused on educating engineers about identity and access management, security, CI/CD, and project velocity. Letha lives in the Pacific Northwest, where she rescues and rehabilitates abused and neglected horses and dogs.

Tim Smith

Tim Smith is a Product Manager at Mondoo. He’s been working in web operations and software development roles since 2007 and port scanning class As since 1994. He downloaded his first Linux distro on a 14.4 modem. Tim most recently held positions at Limelight Networks, Cozy Co, and Chef Software.

You might also like

Augment Microsoft Defender for Cloud with Mondoo Exposure Management
Releases
Mondoo November 2024 Release Highlights
Overview of Changes and New Security Features in Windows Server 2025