Mondoo Documentation

Find, prioritize, and fix the vulnerabilities and misconfigurations that put your business at risk. Everything you need to work with the Mondoo Platform, the cnspec CLI, MQL, and the xgrep code scanner.

One platform, from finding to fixed

Most security tools stop at a list of problems. Mondoo's tools work together to close the loop. cnspec and xgrep find what's wrong in your infrastructure and your code, MQL defines what secure means for you, and the Platform turns it all into one prioritized path to resolution.

Step 1

Find

cnspec scans your infrastructure. xgrep scans your code.

Step 2

Prioritize

Risk scoring ranks every finding by what actually matters, so you fix the right things first.

Step 3

Fix

Drive remediation to done with tickets, pull requests, and playbooks. You approve every change.

Where should I start?

Pick the goal that sounds like you.

Documentation by product

Explore the docs

Can't find what you need?

Join the Mondoo community Slack channel to chat with the Mondoo team and other users. For definitions of Mondoo terms, read the glossary.

Join the community