Get Started

What Is Mondoo?

Mondoo finds, prioritizes, and resolves the vulnerabilities and misconfigurations that put your business at risk across cloud, Kubernetes, containers, servers, SaaS, network devices, and your SDLC.

Mondoo is a unified security platform built to resolve vulnerabilities and misconfigurations, not just detect them. Mondoo combines a finding's severity, exploitability, and environment context into one risk score, so you focus on the few critical issues that truly matter instead of drowning in alerts.

You scan every layer of your stack with one policy engine, one query language, and one remediation workflow. Mondoo continuously assesses your environment throughout the development lifecycle and in production, and turns risks into actionable fixes (code changes, pull requests, or playbooks).

What you can do with Mondoo

  • Continuously assess every asset across the development lifecycle and in production, with real-time drift detection

  • Prioritize what matters using risk scoring that combines exploitability, exposure, and business impact

  • Resolve risk with code-level fixes, pull requests, and Ansible or Terraform playbooks

  • Automate compliance against frameworks and CIS benchmarks with automated evidence collection

  • Track outcomes through executive reports, vulnerability trends, and posture metrics

  • Customize everything with policy as code that fits your organization's standards

  • Stay in control: every check is auditable, and you decide what gets remediated

Vulnerability and threat intelligence

Mondoo backs every risk score with continuously updated intelligence, so prioritization reflects what attackers are actually doing, not just a static CVSS rating. Mondoo draws on:

  • A database of close to a million known vulnerabilities and malicious packages spanning every major ecosystem

  • Live signals about zero-days, actively exploited CVEs, dark web chatter, media coverage, and government alerts, each contextualized and triaged by urgency

Mondoo confirms which vulnerabilities actually pose risk in your environment and surfaces the ones that matter, so you spend your time on real exposure instead of chasing every alert.

Security and compliance testing for any infrastructure

Misconfigurations and unpatched vulnerabilities pose the biggest risk to the technology, infrastructure, and services that power your business. With more than 70 integrations available out of the box, Mondoo protects your:

  • Public clouds: Amazon Web Services (AWS), Microsoft Azure, Google Cloud, Oracle Cloud Infrastructure (OCI)

  • Private clouds: VMware vSphere, Proxmox VE

  • Operating systems: Linux, Windows, macOS, AIX, FreeBSD

  • Containers: Docker, container registries (Amazon ECR, Azure ACR, Google GCR, Harbor, Docker Hub)

  • Orchestration: Kubernetes (Amazon EKS, Google GKE, Azure AKS, Red Hat OpenShift, self-managed)

  • SaaS platforms: GitHub, GitLab, Okta, Slack, Microsoft 365, Google Workspace, Cloudflare, Snowflake, Tailscale

  • Network devices: Arista EOS, Cisco IOS/NX-OS, F5 BIG-IP, Fortinet FortiOS, Juniper Junos OS, Palo Alto PAN-OS, Ubiquiti UniFi

  • Server applications: Apache2, Microsoft Active Directory, Microsoft Exchange, and Nginx

For the full list, read Supported Scan Targets.

Integrate security into every phase of the change process

Use Mondoo to find and fix security vulnerabilities and misconfigurations before they reach production. Mondoo does this by:

  • Testing your code, containers, and infrastructure as you build

  • Integrating with your CI/CD pipeline to test every change against your policies, without breaking builds

  • Running continuously across all environments, so drift surfaces the moment it happens

Policy as code

Mondoo policies are high-level code that automate security and compliance. Adopt Mondoo's own out-of-the-box policies plus certified CIS, NIST, and BSI benchmarks, or write your own to match your organization's unique standards. Every policy, every check, and every result is auditable.

The Mondoo product family

Most security tools stop at a list of problems. Mondoo's tools work together to close the loop, from finding an issue to fixing it. They share one policy engine and one query language, so a check you write in one place behaves the same everywhere: on your laptop, in your CI pipeline, and across your production fleet.

  • Mondoo Platform (these docs) is the hosted console where it all comes together. Connect your whole fleet, see risk ranked by what actually matters, prove compliance, and drive every finding to a fix.
  • cnspec is the open source scanner and agent that does the work. Run it from your terminal, wire it into CI/CD, or register it with the Platform to report continuously.
  • MQL (Mondoo Query Language) is the language behind every check. Ask any asset a question, then turn that question into a policy you can enforce.
  • xgrep scans your source code for real, exploitable vulnerabilities and leaked secrets, so issues are gone before they reach production.
  • The VS Code extension puts cnspec and xgrep in your editor, catching problems while you write the code that creates them.

How it fits together: cnspec and xgrep find what's wrong in your infrastructure and your code, MQL defines what secure means for your organization, and the Platform turns the results into one prioritized, trackable path to resolution. You stay in control of every fix.

New to security tooling? The Core Concepts page defines the handful of terms (asset, policy, check, finding, risk score) that appear throughout Mondoo.

Get started

The fastest way in is the Platform Quickstart. It walks you from creating an account to your first prioritized findings in about 15 minutes by connecting a single asset.

When you're ready to set Mondoo up for a real fleet, follow the full path to go from sign-in to fixing your findings:

  1. Plan your Mondoo organization. Decide how to group your assets into regions, organizations, spaces, and workspaces before you connect them.

  2. Integrate your assets. Connect a cloud account, Kubernetes cluster, server, SaaS service, or network device so Mondoo can assess it.

  3. Assess and improve your security. See your findings in priority order and work through the fixes that reduce the most risk.

  4. Track and fix findings. Route remediation work into your ticketing system or automate fixes as pull requests.

Along the way, learn how to navigate the Mondoo App.

For questions or to share feedback, join the Mondoo Community Slack.

Quickstart

Go from a new Mondoo account to your first prioritized security findings in about 15 minutes. Create a space, connect one asset, and see what needs fixing.

On this page

What you can do with MondooVulnerability and threat intelligenceSecurity and compliance testing for any infrastructureIntegrate security into every phase of the change processPolicy as codeThe Mondoo product familyGet started