🥳 Mondoo 11.26 is out! This release includes new AWS scan filtering options, custom fields in Zendesk cases, and more!​

Get this release: Installation Docs | Package Downloads | Docker Container

🎉 NEW FEATURES​

AWS resource scan filtering​

Pick and choose the exact AWS resources that Mondoo evaluates with new scan filtering.

The AWS serverless integration now includes the ability to define AWS resources to scan with region-, instance-, and tag-based include and exclude filters. Scan just a single region or exclude resources using owner tags.

For CLI users, now you can specify a comma-separated list of tag values with the --filters flag.

To include only EC2 instances with the "Owner" tag of "backend", "frontend", or "dba":

--filters ec2:tag:Owner=backend,frontend,dba

To exclude EC2 instances with the "Owner" tag of "qa" and "dev":

--filters exclude:ec2:tag:Owner=qa,dev

Custom fields for Zendesk cases​

Improve the routing of cases generated in Zendesk with new globally set custom fields.

🧹 IMPROVEMENTS​

Improved policy risk display​

Understand the risk scores distribution of policies across assets in your spaces with improved asset scan results on the security policies page.

Ubuntu 24.10 platform support​

Secure workstations running the latest release of Ubuntu with full Ubuntu 24.10 support including Linux security policies, vulnerability detection, and EOL support.

🐛 BUG FIXES AND UPDATES​

• Fix errors on the Software page versions graph if all risk severities are unchecked.
• Add a creation date column to ticketing integration lists.
• Don't display "Last scanned" on ticketing integration pages.
• Don't display the "Schedule Now" button on ticketing integration pages.
• Don't include the "Pause Scanning" menu option on ticketing integration pages.
• Improve display of affected assets on advisories, CVEs, and checks pages.
• Fix flickering of text fields on integration setup pages.
• Improve rendering of manual setup instructions on the Workstation integration setup page.
• Don't show base scores in the score summaries of CVEs or Advisories.
• Fix incorrect rendering of some tool tips on overview pages.
• Improve rendering of compliance progress bars at 0% progress.
• Improve reliability of advisories and MTTR values on the vulnerabilities overview page.
• Improve readability of markdown generated by cases.
• Expand and improve help in cnquery and cnspec.
• Properly parse command line flags containing double hyphens (--).
• Improve performance loading asset checks.

🥳 Mondoo 11.25 is out! This release includes expanded platform and AWS region support, updated Ubuntu 22.04 CIS policies, and more!​

Get this release: Installation Docs | Package Downloads | Docker Container

🧹 IMPROVEMENTS​

Updated CIS Ubuntu 22.04 benchmark policy​

Secure critical Ubuntu 22.04 systems with the latest CIS Ubuntu benchmark version 2.0 policy. This updated policy includes 488 changes including dozens of all-new checks to keep your systems secure against the latest threats.

Expanded AWS serverless integration region support​

The Mondoo AWS serverless integration has always supported scanning your AWS resources in any region. Now you have additional options for where the scanner itself runs. Mondoo now supports installing the integration into the following new regions:

• ca-central-1
• eu-north-1
• eu-west-2
• eu-west-3
• ap-south-1

Expanded platform support​

Ensure systems are supported and secured with expanded vulnerability and end of life detection:

• Windows 11 24H2
• Google COS 117
• macOS Monterey (12)

View exception count on check pages​

Exception counts on individual check pages let you quickly see how many exceptions are set for an individual check.

🐛 BUG FIXES AND UPDATES​

• Improve score accuracy for CVEs and checks.
• Open links from the AWS integration page in new tabs.
• Improve form validation and formatting in the AWS integration setup form.
• Fix incorrectly clipped log messages in the AWS integration page.
• Make single account installs the default option during AWS serverless integration setup.
• Improve auditd checks in CIS Linux benchmark policies to better support container image and filesystem snapshot scans.
• Redirect to the spaces list page after deleting a space.
• Support sending very large scan results to Mondoo Platform.
• Fix returning an incorrect platform family for Dockerfiles.
• Improve scan reliability in the AWS serverless integration.
• Expand and improve help in cnquery and cnspec.
• Update CIS Google Cloud Foundations policy to version 3.0 to match the check content.

🥳 Mondoo 11.24 is out! This release includes an all-new AWS serverless integration, macOS Sequoia support, and more!​

Get this release: Installation Docs | Package Downloads | Docker Container

🎉 NEW FEATURES​

All-new AWS serverless integration experience​

Over the past few months, our engineers have been hard at work on a complete rewrite of our AWS serverless integration. This new release builds on our previous design and incorporates valuable insights we've gained from securing AWS accounts at scale. What can you expect from this new release?

• Enhanced security - Our new design drastically reduces the number of privileges required to run in your environment so you can gather critical security insights without introducing new risks to your business.
• Expanded scalability - From the smallest dev account to enterprise-sized production accounts, Mondoo has you covered.
• Granular results - Our new approach to scanning provides resource-level granularity in more situations, giving you enhanced visibility into critical risks to your business.

macOS Sequoia support​

Is your team eager to upgrade to the latest macOS Sequoia release? Now you can keep your bleeding edge users happy and secure with Mondoo! With tested packages, EOL detection support, and new CIS benchmarks, you'll be ready to tackle early adopters on day one. For users still running Sonoma (14) or Ventura (13), updated CIS benchmark policies offer new and improved security recommendations.

🧹 IMPROVEMENTS​

Resource updates​

microsoft.policies​

• New consentPolicySettings field

🐛 BUG FIXES AND UPDATES​

• Improve the setting descriptions on the user settings page.
• Fix formatting errors on Linux integration code blocks.
• Fix false positive error messages when scanning GitHub repositories and organizations.
• Improve Windows event log entries from the Mondoo service.
• Improve resiliency of Windows system information gathering.
• Add the Shodan logo to Shodan policies.
• Improve reliability of CVE risk scores.
• Fix missing Red Hat advisories for legacy releases.

🥳 Mondoo 11.23 is out! This release includes automatic drift detection, GitHub and GitLab ticketing support, improved asset tables, and more!​

Get this release: Installation Docs | Package Downloads | Docker Container

🎉 NEW FEATURES​

Added features in cases​

This release further expands the capabilities of cases, Mondoo's feature for tracking remediation work. Cases let you turn security findings into tasks that automatically export to your existing project management or ticket system. That way, you can track and resolve Mondoo findings in your regular workflow.

New support for GitHub Issues, GitLab Issues, and email ticketing​

Mondoo now supports creating tickets in GitHub Issues and GitLab Issues, and can also send ticket notifications via email. These options join our existing support for ticketing with Jira and Zendesk.

Create cases automatically on asset drift​

When scans go from passing to failing, you want to know quickly. Now when an asset fails a check or vulnerability scan that it previously passed, Mondoo creates a case and shares it with your ticket system so you can respond rapidly. Mondoo can even group similar drift findings in a single case.

New CIS Ubuntu 24.04 benchmark policy​

Secure your Ubuntu 24.04 servers and containers with the brand new CIS Ubuntu 24.04 level 1 & 2 benchmarks. These policies include 295 total checks to secure your critical Ubuntu systems.

🧹 IMPROVEMENTS​

Updated CIS Azure Foundations 3.0 benchmark policy​

Evaluate your Azure subscriptions against the latest CIS recommendations with the updated CIS Azure Foundations benchmark version 3.0. This updated policy includes 15 all-new checks as well as 69 updated checks.

Improved asset view in policies​

Out with the old and in with the new: Now you can view risk scores, risk factors, and last updated times for assets directly from the policy pages.

Shodan host asset overview​

Shodan host scans are now included in the "Domains and Hosts" inventory group and include helpful configuration summary information on their asset pages.

Resource updates​

github.repository​

• New codeOfConductFile field
• New supportFile field
• New securityFile field

github.file​

• New exists field

microsoft.conditionalAccess​

• New resource with namedLocations field

microsoft.conditionalAccess.ipNamedLocation​

• New resource with name and trusted fields

azure.subscription.networkservice.applicationGateway​

• New wafConfiguration field using the new azure.subscription.networkService.wafConfig resource

azure.subscription.webService.appsite​

• New functions field using the new azure.subscription.webService.function resource

🐛 BUG FIXES AND UPDATES​

• Improve the performance of EC2 instance discovery.
• Fix tag filtering in the AWS provider.
• Avoid errors in the AWS Elasticsearch, SageMaker, and SNS resources when nil values are returned.
• Ensure that the AWS KMS resource returns all keys.
• Improve performance of data exports.
• Improve performance loading vulnerability data.
• Show risk scores for each CVE displayed on advisory pages.
• Improve asset category names in the inventory page.
• Improve performance of checks in the CIS GitHub benchmark policy.
• Improve the overall reliability of multiple checks in CIS Linux benchmarks.
• Fix invalid Kubernetes operator installation code in the Kubernetes integration.
• Improve reliability of inactive asset cleanup in large spaces.
• Fix some Red Hat advisories with CVSS v3 data incorrectly identifying as CVSS v2 format.
• Improve the display of data query results in command line scans.
• Improve cnspec logging when running as a service.
• When searching for spaces, show the name not the ID.

🥳 Mondoo 11.22 is out! This release includes the new case overview, Zendesk ticket support, a Microsoft Entra ID security policy, and more!​

Get this release: Installation Docs | Package Downloads | Docker Container

🎉 NEW FEATURES​

Cases and ticket system integrations!​

Mondoo users can now group security findings into cases and assign those cases to external ticket systems for efficient tracking and resolution. Cases ship today with out-of-the-box support for Jira and Zendesk, with more to come.

Key highlights:

• Group findings into cases for better organization and management.
• Delegate cases to external teams using your existing ticketing systems.
• Automatically update issues as your team remediates findings, ensuring real-time progress tracking.
• Auto-close cases and corresponding tickets when all findings within a case are resolved.

This feature enhances collaboration and simplifies the remediation process, helping teams stay focused on securing your environment.

Microsoft Entra ID policy​

Secure your Microsoft Entra ID (previously Active Directory) with our new Mondoo Microsoft Entra ID Security policy. This policy includes essential checks to keep your directory data secure.

🧹 IMPROVEMENTS​

New checks in the CIS Azure Foundations benchmark policy​

Harden your Microsoft Azure subscriptions with expanded checks in the CIS Azure Foundations Benchmark policy. This policy now ensures that Azure Key Vault rotation is configured and AppService HTTP logs are enabled.

🐛 BUG FIXES AND UPDATES​

• Improve rendering of complex remediation text in CIS policies.
• Fix the alignment of the Start Scanning and Browse Integration buttons in new spaces.
• Improve handling of SMBIOS data on Windows to prevent errors displaying in the asset overview.
• Fix failures to scan more than 100 S3 buckets at a time.
• Resolve an AWS serverless integration error shown in the console integration details page.
• Improve the rendering of some CVE descriptions.
• Update AWS policies to use the latest RDS MQL resources.
• Install cnspec from install.mondoo.com instead of mondoo.com during Azure VM scans.
• Fix false negatives when checking bootloader config on Linux distributions based on RHEL 9.
• Skip GDM and firewalld checks when those packages aren't installed on Linux distributions based on RHEL 9.
• Fix policy pages in the registry to display all checks when policies include duplicate check names.
• Don't include asset, policies, or checks counts in ticket system integration pages.
• Improve consistency of letter score calculations.
• Add EOL detection support for FreeBSD 13.4.
• Fix auto-closing of Jira tickets when all Mondoo assets have been deleted.

🥳 Mondoo 11.21 is out! This release includes improved vulnerability views, policy and resource additions, and more!​

Get this release: Installation Docs | Package Downloads | Docker Container

🧹 IMPROVEMENTS​

Risk summaries for software​

Quickly understand the risk of software versions deployed throughout your infrastructure with new risk summary boxes on software pages. The risk, CVSS score, EPSS score, risk factors, and blast radius help you make informed decisions when it comes to prioritizing software updates in your infrastructure.

Discover advisories for CVEs​

CVE pages now show whether the CVE has a related advisory. Now you can dive deeper into specific vendor recommendations when evaluating the impact of CVEs on your infrastructure.

New checks in the CIS Azure Foundations benchmark policy​

Harden your Microsoft Azure subscriptions with expanded checks in the CIS Azure Foundations Benchmark policy. This policy now ensures that guest users in Entra ID are further restricted and that storage accounts have logging.

Resource updates​

azure.subscription.keyVaultService.vault​

• New autorotation field using the new azure.subscription.keyVaultService.key.autorotation resource

🐛 BUG FIXES AND UPDATES​

• Truncate long control names in compliance report filenames.
• Rename the TLS/SSL Security policy to Mondoo TLS/SSL Security to match other Mondoo policies.
• Fix asset search at the organization level not returning results.
• Improve colorblind mode display.
• Show space names instead of space IDs in organization-level search results.
• Add EOL detection for FreeBSD 13.2 and 14.1.
• Update EOL dates for AlmaLinux 8 and Ubuntu 24.04 to match the latest vendor dates.
• Fix false positive CVEs in packages on Red Hat Enterprise Linux and UBI container images.
• Fix MRNs displaying in top security findings list instead of names.
• Provide a helpful error message if the cnquery/cnspec GCP provider fails to authenticate with Google Cloud.
• Fix mapping of checks to compliance frameworks when a policy includes variants.
• Update integration setup flow to mention both recommended query packs and policies.
• Show an unknown risk score when no risk is known for a CVE or advisory.
• Don't show findings with a blast radius of 0 in the top security findings list.
• Ensure the vulnerabilities page lists only CVEs that impact the space.
• Improve rendering of risk rank numbers above 999.

🥳 Mondoo 11.20 is out! This release includes improved display of compliance evidence, expanded resources, and more!​

Get this release: Installation Docs | Package Downloads | Docker Container

🧹 IMPROVEMENTS​

Quickly review compliance evidence​

View compliance evidence gathered by Mondoo without leaving Compliance Hub. Now Compliance Hub query pages show evidence for each scanned asset right on the page, so you can quickly review evidence without individually opening each asset.

Resource updates​

atlassian.jira.issue​

• New projectKey field
• New creator field
• New typeName field

azure.subscription​

• New iot field using new azure.subscription.iotService resource

azure.subscription.webService.appsite​

• New diagnosticSettings field

🐛 BUG FIXES AND UPDATES​

• Improve detection of Terraform files within GitHub repositories.
• Improve grouping of IaC assets in the inventory view.
• Fix mismatching checks scores been the asset page and the individual check pages.
• Improve error reporting if export integrations fail.
• Simplify workstation setup options on the integrations page.
• Ensure all CIS policies include a description in the registry.
• Fix failures uploading custom compliance frameworks.
• Fix a failure to load check scores on CVE pages.
• Update the background color of the CVE and advisory page score depending on the risk score.
• Improve query reliability in the CIS Azure Foundations benchmark policies.
• Fix a failure in Snowflake exports.

🥳 Mondoo 11.19 is out! This release includes a new Shodan security policy, updates to existing security policies, and more!​

Get this release: Installation Docs | Package Downloads | Docker Container

🎉 NEW FEATURES​

New Mondoo Shodan Security policy​

Secure critical, public-facing domains and IP addresses with the new Mondoo Shodan Security policy. It includes checks to identify open ports and vulnerabilities as reported by the Shodan network scanning service.

🧹 IMPROVEMENTS​

Risk summaries for vendor advisories​

Better understand the criticality of vendor advisories with new score summaries. Advisories now include an overall risk score, taking into account blast radius and Mondoo-identified risk factors.

Vulnerability detection on Windows Enterprise multi-session​

Mondoo now includes vulnerability detection on Windows 10/11 Enterprise multi-session editions.

Compliance data in exports​

Data exports now include compliance control references, so you can feed compliance evidence collected by Mondoo into external data analytics systems.

Expanded security policies​

Secure your ever growing fleet of assets with new and expanded policies:

• Mondoo HTTP Security policy now includes checks to ensure Server, X-AspNetMvc-Version, X-AspNet-Version, X-Powered-By, and Public-Key-Pins HTTP headers are not set.
• CIS Azure Foundations benchmark policy includes 8 new checks as well as filter and query improvements.
• Mondoo Endpoint Detection and Response (EDR) policy now includes support for Cortex XDR.
• AWS Operational Best Practices policy includes improved S3 bucket permission checks.

New console audit events​

Keep tabs on changes made to your Mondoo organization and spaces with improved audit logging. New events recorded in the Mondoo Console audit log include:

• Policies or frameworks enabled
• Policies or frameworks disabled
• Policies or frameworks put in preview
• Risk factor configuration changes
• Integrations created
• Integrations deleted
• Space settings modified
• Registration tokens created
• API tokens created
• Compliance reports generated
• Custom policy or framework uploads

Expanded query packs​

Collect important asset inventory data with new and expanded query packs:

• macOS Inventory Pack now collects system extensions information.
• Shodan inventory pack now collects DNS NS records, subdomains, and domain tag information.
• There's a new Event Log Collector for NTLMv1 query pack.
• We added the Event Log Collector for SMBv1 query pack.

Resource updates​

github.commit​

• New authoredDate field
• New committedDate field

🐛 BUG FIXES AND UPDATES​

• Add custom icons in the registry for AlmaLinux, BSI, Oracle Linux, Rocky Linux, and Arista.
• Improve the consistency of table score headings throughout the console.
• Improve descriptions in multiple CIS benchmark policies.
• Improve handling of expired registration tokens in cnquery and cnspec.

🥳 Mondoo 11.18 is out! This release includes expanded security policies, Compliance Hub improvements, piles of new resources, and more!​

Get this release: Installation Docs | Package Downloads | Docker Container

🎉 NEW FEATURES​

New policies for detecting NTLMv1 and SMBv1​

Secure your Windows infrastructure against vulnerable legacy Microsoft file sharing and authentications protocols with the new Mondoo NTLMv1 Audit policy and Mondoo SMBv1 Audit policy. These policies, co-developed with the wonderful engineers at SVA, ensure you're using only modern and secure file sharing and authentication methods.

🧹 IMPROVEMENTS​

Space sunburst chart improvements​

Quickly understand where security problems lie with improvements to the sunburst charts on the space overview page. The sunburst now groups IaC, network, and SaaS assets to quickly expose hot spots in your security posture. Dive deeper into each category with improved asset placement, so you can track down problematic services.

Deeper AWS serverless integration scans​

When a default VPC is in place, the Mondoo AWS serverless integration now produces deeper security scans that include:

• Individual assets for common AWS resources

• Improved query outputs

Use these improved scan results to navigate security issues in organization and space dashboards and to set granular exceptions on individual resources.

Improved Compliance Hub look and feel​

A refreshed Compliance Hub UI makes it easier to track your audit progress. Simplified progress bars show completion status. We also replaced the check distribution graph with intuitable icons for each exception state.

Cover letters in compliance reports​

Inform your auditor about Mondoo with a new Mondoo introduction PDF included in each compliance report. The letter explains who we are and how we collect evidence, and lets them know how to contact us if they have questions.

Expanded CIS Azure Foundations policy​

Expand your Azure security insights with our newly expanded CIS Azure Foundations benchmark. The policy includes dozens of new checks for securing IAM, database, storage, secrets, and directory services.

Resource updates​

azure.subscription​

• New policy field using the new azure.subscription.policy resource
• New iam field that deprecates the authorization field

azure.subscription.authorizationService​

• New roleAssignments field using the new azure.subscription.authorizationService.roleAssignment resource
• New managedIdentities field using the new azure.subscription.managedIdentity resource

azure.subscription.authorizationservice.roledefinition​

• New type field that deprecates the isCustom field

azure.subscription.cloudDefenderService​

• New defenderForAppServices field
• New defenderForSqlServersOnMachines field
• New defenderForSqlDatabases field
• New defenderForOpenSourceDatabases field
• New defenderForCosmosDb field
• New defenderForStorageAccounts field
• New defenderForKeyVaults field
• New defenderForResourceManager field

azure.subscription.postgreSql.FlexibleServers​

• Return all servers in the subscription

microsoft​

• The organizations field is now deprecated. Use microsoft.tenant instead.

microsoft.application​

• New api field
• New applicationTemplateId field
• New certification field
• New defaultRedirectUri field
• New disabledByMicrosoftStatus field
• New groupMembershipClaims field
• New isDeviceOnlyAuthSupported field
• New isFallbackPublicClient field
• New nativeAuthenticationApisEnabled field
• New optionalClaims field
• New parentalControlSettings field
• New publicClient field
• New requestSignatureVerification field
• New samlMetadataUrl field
• New serviceManagementReference field
• New servicePrincipal field
• New servicePrincipalLockConfiguration field
• New spa field
• New tokenEncryptionKeyId field
• New web field
• New appRoles field using the new microsoft.application.role field

microsoft.roles​

• New resource that replaces microsoft.rolemanagement

microsoft.serviceprincipal​

• New appId field
• New applicationTemplateId field
• New appOwnerOrganizationId field
• New appRoleAssignmentRequired field
• New description field
• New isFirstParty field
• New loginUrl field
• New logoutUrl field
• New notificationEmailAddresses field
• New permissions field using the new microsoft.application.permission field
• New preferredSingleSignOnMode field
• New servicePrincipalNames field
• New signInAudiencesignInAudience field
• New verifiedPublisher field

microsoft.user​

• New authMethods field using the new microsoft.user.authenticationMethods resource
• Deprecated companyName, department, employeeId, jobTitle, mail, mobilePhone, otherMails, officeLocation, postalCode, and state in favor of data in the job and contact fields

microsoft.tenant​

• Renamed from microsoft.organization
• New createdAt replaces the now deprecated createdDateTime
• New name field
• New provisionedPlans field
• New subscriptions field
• New type field

microsoft.security​

• New riskyUsers field using the new microsoft.security.riskyUser resource

🐛 BUG FIXES AND UPDATES​

• Fix incorrect AWS account identification in some resources.
• Don't error when checking services on containers.
• Fix a failure fetching AWS KMS information.
• Update the title of the CIS Controls framework to include the version number.
• Generate complete report archives with the correct file date stamps.
• Fix a failure exporting data to S3.
• Improve rendering of very long policy names on the asset page.
• Fix missing search results.
• Improve application of Azure and Amazon EKS policies.

🥳 Mondoo 11.17 is out! This release includes Dockerfile security, all-new AWS security policies, and piles of new resources!​

Get this release: Installation Docs | Package Downloads | Docker Container

🎉 NEW FEATURES​

New Dockerfile Security policy​

Secure your container workloads before they run in production with our new Dockerfile Security policy. With automatic Dockerfile discovery in GitHub and GitLab and this new policy, you can evaluate the security of Dockerfiles no matter where they're hiding. Once you've secured your existing files, keep them secure with Dockerfile scanning in CI pipelines.

New CIS AWS Database Services Benchmark policy​

Keep your most valuable business data secure with the new CIS AWS Database Services benchmark policy. This policy includes security recommendations for Amazon's most popular database services:

• Amazon Aurora
• Amazon DynamoDB
• Amazon ElastiCache
• Amazon Neptune
• Amazon RDS
• Amazon Timestream

New Mondoo Amazon Web Services (AWS) GuardDuty policy​

Make the most of AWS GuardDuty with our new Mondoo Amazon Web Services (AWS) GuardDuty policy. This policy includes checks to ensure that GuardDuty is properly enabled and configured for EC2, EKS, IAM, Lambda, and S3 security.

Mondoo Amazon Web Services (AWS) IAM Access Analyzer policy​

Cloud security starts with securing access to critical resources. With the new Mondoo Amazon Web Services (AWS) IAM Access Analyzer policy you can now ensure that IAM Access Analyzer is enabled and properly configured.

🧹 IMPROVEMENTS​

Newly certified CIS benchmark policies​

Our CIS Red Hat Enterprise Linux, Oracle Linux, AlmaLinux, and Rocky Linux 9 policies are better than ever with updates to improve reliability and query output. Even better, these policies are now certified to pass the rigorous CIS benchmark validation process, so you can be confident they'll secure even the most complex enterprise Linux installations.

Jump right to the point​

Now you find what you're looking for with fewer clicks thanks to improved linking behavior on affected assets pages. Links to assets now go directly to the asset result instead of the main asset page, so you can spend your time remediating findings instead of searching for them.

Resource updates​

aws.dynamodb.table​

• New items field
• New latestStreamArn field

aws.elasticache​

• New serverlessCaches field using the new aws.elasticache.serverlessCache resource

aws.guardduty.detector​

• New features field
• New findings field using the new aws.guardduty.finding resource
• New tags field
• Improve performance fetching detector details

aws.iam.accessAnalyzer​

• Renamed from aws.accessAnalyzer with backward compatibility for existing policies
• New findings field using the new aws.iam.accessanalyzer.finding resource

aws.iam.accessanalyzer.analyzer​

• New region field
• Include organization-level analyzers as well as activated but unused analyzers

aws.neptune​

• New resource for the AWS Neptune graph database
• clusters field using the new aws.neptune.cluster resource
• instances field using the new aws.neptune.instance resource

aws.rds​

• New allPendingMaintenanceActions field using the new aws.rds.pendingMaintenanceAction resource
• Deprecate the dbInstances field in favor of a new instances field
• Deprecate the dbClusters field in favor of a new clusters field

aws.rds.dbcluster and aws.rds.dbinstance​

• New activityStreamMode field
• New activityStreamStatus field
• New certificateAuthority field
• New certificateExpiresAt field
• New enabledCloudwatchLogsExports field
• New iamDatabaseAuthentication field
• New monitoringInterval field
• New networkType field
• New preferredBackupWindow field
• New preferredMaintenanceWindow field
• Improve performance fetching security groups details
• Don't include non-RDS engine results

aws.timestream.liveanalytics​

• New resource with databases and tables fields

aws.vpc​

• New name field

azure.subscription.cloudDefender​

• Check the pricing tier for the Servers plan when verifying that Azure's Defender for Servers is enabled

microsoft.application​

• New certificates field using the new microsoft.keyCredential resource
• New createdAt field
• New description field
• New hasExpiredCredentials field
• New info field
• New name field
• New notes field
• New secrets field using the new microsoft.passwordCredential resource
• New tags field

microsoft.group​

• New members field

microsoft.user​

• New owners field

product.eol​

Use this new resource to look up end-of-life status for common products. Example:

cnquery> product(name: "php", version: "8.1").releaseCycle { * }
product.releaseCycle: {
  endOfLife: 2025-12-31 01:00:00 +0100 CET
  endOfExtendedSupport: 719528 days
  cycle: "8.1"
  lastReleaseDate: 2024-06-06 02:00:00 +0200 CEST
  name: ""
  link: "https://www.php.net/supported-versions.php"
  latestVersion: "8.1.29"
  endOfActiveSupport: 2023-11-25 01:00:00 +0100 CET
  firstReleaseDate: 2021-11-25 01:00:00 +0100 CET
}

🐛 BUG FIXES AND UPDATES​

• Fix a false negative result in the CIS Microsoft 365 policy's "Ensure a dynamic group for guest users is created" check.
• Add VPC name to asset overview information.
• Don't execute CIS Windows workstation benchmarks on server releases.
• Improve the default data returned by the k8s.node resource.
• On the Available Frameworks page, make compliance framework descriptions more concise.
• Add an AWS CloudFormation policy variant icon on policy pages.
• Fix missing risk factors in the affected assets views.
• Show the risk score instead of CVSS scores in asset CVE tables.
• Allow sorting by risk score in tables.
• Fix Windows asset information not returning on some Windows releases if WinRM is disabled.