Organize assets using workspaces
Need security insights on a specific part of your infrastructure? Create a workspace, a dynamic collection of assets based on criteria you define.
Workspaces are groups of assets within a space that you want to view and assess together. You might create a workspace containing your highest-risk assets and another that focuses on an important project. Mondoo workspaces give you enormous flexibility; you choose what works best for your business goals.
Include assets in (or exclude assets from) a workspace based on any combinations of these attributes:
- Platform, such as Alpine Linux, Atlassian Jira, AWS S3 bucket, GitHub repository, Kubernetes pod, macOS, Slack team, Terraform plan, and more
- Platform version, such as 3, 4.5, or 12.75.9
- Risk rating, such as Critical, High, Medium…
- Characters in the asset name, such as test, 2024, win, us-east-1, or docker-
- Kind, such as Container, Network, or Infrastructure as code
- The general technology family, such as, SaaS, GCP, Azure, or VMware
- One or more tags or labels assigned by a cloud platform
- Mondoo annotations that you define, such as team, project, or virtually anything
To learn about the benefits of workspaces and explore use cases, read Mondoo Workspaces: Organize Security Insights by Team, Location, Technology, and Focus.
To learn how you can use workspaces to better organize assets and expose risks, read Plan Your Mondoo Organization and Workspaces in the Mondoo documentation.
Get the information you need about an asset
Now it's easier to consume and share the asset information you need most. This month we improved our asset detail pages to better fit your workflow.
Risk insights
Quickly assess asset risks with the updated RISK INSIGHTS section, which shows total counts of high and critical findings and vulnerabilities. Click any section to learn about specific findings.
Scan history
Dive into asset configuration with new first and last scan time data.Copy asset data with one clickNow you can easily copy asset information: When you hover over any value, you see the option to copy the data to your clipboard.
Quickly jump to integrations
Dive into integration configuration directly from a scanned asset. A new link on each asset page takes you to the integration that added the asset.
Improved CIS benchmarks
Sometimes the best changes are behind the scenes. This month we completed all-new internal tooling to generate CIS benchmark policies in Mondoo Platform. These changes will let us add and improve policies more quickly in the future. We already made a number of small improvements to existing policies:
- New checks that were previously marked as requiring manual user validation
- More clear and concise descriptions for each policy
- Expanded check descriptions, including rationale behind the security concerns
- New audit and remediation steps in many Linux distribution policies
- Simplified MQL queries to improve readability
- Additional platform version tags to improve searching for policies
- Improved policy search results when searching for platform versions
New and improved MQL resources
azure.subscriptions.defenderForContainers
- Expose
Extensionsvalues
azure.subscription.policy.assignment
- New
parametersfield
fstab
- Update
optionsfield to an array of options instead of a single string
k8s.node
- New
kubeletPortfield - New
nodeInfofield - New
createdfield
gcp.project.storageservice.bucket
- New
encryptionfield
macos.alf
- Support macOS Sequoia (15) assets
microsoft.application
Query Microsoft 365 applications by ID or name:
microsoft.application(id: "2efd0330-112c-4971-ab20-eaa54c.....") { * }microsoft.application(name: "nametest") { * }microsoft.applications
- Fetch all applications in large installations
Terraform.plan
- New
applyablefield - New
erroredfield - New
variablesfield using the newterraform.plan.variableresource
