Organize assets using workspaces 

Need security insights on a specific part of your infrastructure? Create a workspace, a dynamic collection of assets based on criteria you define.

Workspaces are groups of assets within a space that you want to view and assess together. You might create a workspace containing your highest-risk assets and another that focuses on an important project. Mondoo workspaces give you enormous flexibility; you choose what works best for your business goals.

Include assets in (or exclude assets from) a workspace based on any combinations of these attributes:

• Platform, such as Alpine Linux, Atlassian Jira, AWS S3 bucket, GitHub repository, Kubernetes pod, macOS, Slack team, Terraform plan, and more
• Platform version, such as 3, 4.5, or 12.75.9
• Risk rating, such as Critical, High, Medium…
• Characters in the asset name, such as test, 2024, win, us-east-1, or docker-
• Kind, such as Container, Network, or Infrastructure as code
• The general technology family, such as, SaaS, GCP, Azure, or VMware
• One or more tags or labels assigned by a cloud platform
• Mondoo annotations that you define, such as team, project, or virtually anything

To learn about the benefits of workspaces and explore use cases, read Mondoo Workspaces: Organize Security Insights by Team, Location, Technology, and Focus.

To learn how you can use workspaces to better organize assets and expose risks, read Plan Your Mondoo Organization and Workspaces in the Mondoo documentation.

Get the information you need about an asset

Now it's easier to consume and share the asset information you need most. This month we improved our asset detail pages to better fit your workflow. 

Risk insights

Quickly assess asset risks with the updated RISK INSIGHTS section, which shows total counts of high and critical findings and vulnerabilities. Click any section to learn about specific findings.

Scan history

Dive into asset configuration with new first and last scan time data.Copy asset data with one clickNow you can easily copy asset information: When you hover over any value, you see the option to copy the data to your clipboard.

Quickly jump to integrations

Dive into integration configuration directly from a scanned asset. A new link on each asset page takes you to the integration that added the asset.

Improved CIS benchmarks​

‍Sometimes the best changes are behind the scenes. This month we completed all-new internal tooling to generate CIS benchmark policies in Mondoo Platform. These changes will let us add and improve policies more quickly in the future. We already made a number of small improvements to existing policies:

• New checks that were previously marked as requiring manual user validation
• More clear and concise descriptions for each policy
• Expanded check descriptions, including rationale behind the security concerns
• New audit and remediation steps in many Linux distribution policies
• Simplified MQL queries to improve readability
• Additional platform version tags to improve searching for policies
• Improved policy search results when searching for platform versions

New and improved MQL resources

‍​azure.subscriptions.defenderForContainers​

• Expose Extensions values

azure.subscription.policy.assignment​

• New parameters field

fstab​

• Update options field to an array of options instead of a single string

k8s.node​

• New kubeletPort field
• New nodeInfo field
• New created field

gcp.project.storageservice.bucket​

• New encryption field

macos.alf​

• Support macOS Sequoia (15) assets

microsoft.application​

‍Query Microsoft 365 applications by ID or name:

microsoft.application(id: "2efd0330-112c-4971-ab20-eaa54c.....") { * }microsoft.application(name: "nametest") { * }

microsoft.applications​

• Fetch all applications in large installations

Terraform.plan​

• New applyable field
• New errored field
• New variables field using the new terraform.plan.variable resource