cnspec is a core component of Mondoo Platform. Think of it as both the CLI and the engine for Mondoo. This cross-platform binary evaluates systems and exposes misconfigurations and vulnerabilities that put your organization at risk. It's what enables Mondoo to assess and secure the IT infrastructure that powers your critical business systems.
You can invoke cnspec directly from the command line to assess the local host, perform agentless scans of remote assets, or remotely query IT infrastructure using MQL. It can also run automatically as a background service.
When combined with Mondoo Platform's management capabilities, cnspec can continuously assess your business-critical systems according to the policies you apply. Mondoo reports any deviation from those policies so that you can take immediate action.
$ cnspec scan
→ no provider specified, defaulting to local.
Use --help for a list of available providers.
→ loaded configuration from /Users/tsmith/.config/mondoo/mondoo.yml using source default
→ using service account credentials
→ discover related assets for 1 asset(s)
→ resolved assets resolved-assets=1
███████████████████████████████████████████████████████████████████████████ 100% MBP.localdomain score: B
platform.title: "macOS, bare metal"
os.uptime: 7 days 2 hours 14 minutes 3 seconds
! Error: Disable Remote Login
✓ Pass: Ensure http server is not running
✓ Pass: Ensure nfs server is not running.
✓ Pass: Disable Bluetooth Sharing
✕ Fail: Password Age
✓ Pass: Retain install.log for 365 or more days with no maximum size
✓ Pass: Enable Gatekeeper
✓ Pass: Control access to audit records
✓ Pass: Password History
✓ Pass: Enable "Show Wi-Fi status in menu bar"
✕ Fail: Ensure AirDrop Is Disabled
✓ Pass: Disable DVD or CD Sharing
Scanned 1 assets
For detailed output, run this scan with "-o full".
- To learn more about cnspec, read What Is cnspec?.
- To learn how to register cnspec, read Register cnspec.