Comprehensive cloud security scans.

Assess the security of your clouds, workloads, and APIs with Mondoo's open source CLI.

An abundance of integrations

Security scanning built on the most extensible data fabric in the security industry

Find misconfigurations and common security problems across all systems.


Scan any Linux distro running on servers, VMs, containers or embedded devices. Find vulnerabilities and other security issues.


Scan any MacOS system for vulnerabilities and security issues.


Scan any Windows system on servers or endpoints for vulnerabilities and security issues.

Amazon Web Services (AWS)

Scan everything in AWS, including accounts, EC2 instances, S3 buckets, EKS clusters, IAM users and more.


Scan everything in Azure, including accounts, VMs, storage objects, AKS clusters, MS365 and more.

Google Cloud

Scan everything in Google Cloud, including accounts, GCE VMs, GCS buckets, GKE clusters, IAM users and more.


Scan Kubernetes clusters and manifests, containers and images, and all other objects. Use cnspec as a kubernetes operator.


Scan any API, service (GitHub, GitLab, Atlassian, Okta), network host (HTTP, TLS, DNS) and many more.


Scan all Terraform objects across HCL configs, as well as plan and state files.


Providers — connectors to different technologies


Resources  — individual objects inside of providers


Fields — structured data describing objects

We also made cnquery, which lets you answer any question about your infrastructure

Custom policies

You can create your own policies with cnspec. These are YAML files with MQL queries, which can be run with cnspec anywhere.

Open source security scanning for clouds, SaaS, operating systems, network, IaC, and more