Skip to main content

Mondoo 10.5 is out!

ยท 2 min read
Tim Smith
Tim Smith
Mondoo Core Team

๐Ÿฅณ Mondoo 10.5 is out! This release includes improvements to the software CVE experience, performance, and more!โ€‹

Get this release: Installation Docs | Package Downloads | Docker Container


๐Ÿงน IMPROVEMENTSโ€‹

Improved software vulnerability experienceโ€‹

Find critically outdated software faster with the improved asset software tab. New quick filter buttons let you select between OS packages and applications. Badges help you narrow down risk with EPSS/CVSS3 scores.

Software vulnerability filtering

Resource improvementsโ€‹

aws.config.recorderโ€‹

  • New resourceTypes field

aws.vpc.flowlogโ€‹

  • New destinationType field
  • New deliverLogsStatus field

Control scanning during registrationโ€‹

Control the configuration of the cnspec service during client registration with new timer and splay flags in the cnspec login command.

Configure the cnspec service to scan every 30 minutes with a 5 minute splay:

cnspec login --token MY_TOKEN --timer 30 --splay 5

Performanceโ€‹

The same great scans, just MUCH, MUCH faster. This week we shuffled around the bits to make GitHub organization scans 5x faster and Azure subscription scans 3x faster.

๐Ÿ› BUG FIXES AND UPDATESโ€‹

  • Detect tags on AWS instances scanned with SSM.
  • Ensure that AWS instances scanned with SSM are grouped under AWS in inventory.
  • Resolve a potential failure scanning GitLab.
  • Improve failure output in the CIS AWS Foundations benchmark policy.
  • Improve CIS Distribution Linux benchmark policy when running on Photon OS.
  • Prevent EC2 instance scans from creating double instances in some situations.
  • Fix links to PostgreSQL integration documentation in the integration setup flow.
  • Display correct query pack names for asset data queries.
  • Improve rendering of policies on the asset page with wide displays.
  • Fix usage of the --discover flag in the GitHub provider.
  • Fix failures selecting an asset in cnquery shell if there is only a single asset.
  • Don't fail checking IP addresses if both IPv4 and IPv6 are disabled.
  • Fix a failure scanning VMware vSphere assets.
  • Improve reliability of OOM reporting in the Kubernetes integration pages.
  • Improve field handling in the organization creation modal when using keyboard navigation.
  • Fix policy filtering on assets to show all checks for a policy.
  • Improve reliability of fetching CVE data for assets.
  • Add vendor icons to the advisories view.