Skip to main content

Mondoo 11.0 is out!

ยท 4 min read
Mondoo Core Team

๐Ÿฅณ Mondoo 11.0 is out! This release includes Firewatch, our new risk prioritization system!โ€‹

Get this release: Installation Docs | Package Downloads | Docker Container


Introducing Mondoo Firewatchโ€‹

Mondoo version 11 ships with our all-new Firewatch feature, which helps you to surface critical risks and prioritize the most important findings first.

Expose risks that compromise assetsโ€‹

Not all security findings are created equal. With Firewatch, we combine contextual risks on the asset and downstream system exposure to elevate the most important findings first. Elevating risk allows you to move beyond the fire hose of security findings and instead fix the issues most likely to impact your business.

New views for advisories, CVEs, and assets show risk scores and factors to expose the importance of fixes for your infrastructure.


Dive deeper into individual risks with exposure and downstream impact information throughout the console.

CVE Details Page

Understand the impact of a fixโ€‹

It feels good to kill two birds with one stone. Findings in Mondoo now include a blast radius, so you can understand how many systems are impacted by a finding and resolve a large number of findings at once.

Blast Radius

Prioritize findings with a whole new space experienceโ€‹

Your time isn't limitless, so it's crucial to understand quickly the most important work to be done. In addition to our new risk scoring, we've reworked the UI to focus on the most critical issues first. The all-new space dashboard features a sunburst dial for navigating critical findings in your overall infrastructure, as well as ranked lists of both vulnerabilities and security findings.

Space Dashboard

Learn Moreโ€‹

For a deeper look at what we do and how it works, read our Firewatch blog post.


End of life for cnspec/cnquery 9.xโ€‹

With the release of cnspec and cnquery 11.0, we are no longer supporting our legacy 9.x releases. This does not mean your clients will immediately stop working. However, we will start updating policies to use new MQL capabilities introduced in version 10.0. These changes will improve the readability of queries as well as the scan output, but they are not compatible with older clients. If you need assistance with upgrading older clients, please reach out via our Support form.

New default JSON CLI outputโ€‹

cnspec's --json flag now uses our updated json-2 output format by default. If you rely on the original JSON output, you can still set that using the --output json-2 flag.


Windows 11 compatibility policyโ€‹

Enable the new Windows 11 Compatibility policy to see if existing Windows workstations meet the hardware requirements for Windows 11. This policy includes several different checks for CPU, RAM, TPM, and hard drive space requirements. To learn more about these hardware requirements, read Microsoft's Windows 11 Specs & System Requirements page.

CIS Azure Foundations 2.1.0โ€‹

Mondoo now includes the latest CIS Azure Foundations 2.1.0 benchmarks. This new release of the policy includes 82 total updates, including 7 all-new checks and the removal of 8 checks that are no longer relevant.

Console performance improvementsโ€‹

No one wants to wait for web pages to load. That's why we sprinkled some magical optimizations on how the console fetches space and asset data to make sure pages are always snappy to load.

Updated Mondoo Microsoft Azure Security policyโ€‹

We rewrote the Mondoo Microsoft Azure Security policy from the ground up with new and expanded queries that match the latest Azure capabilities, including Microsoft Entra ID.

Additional organization owner privilegesโ€‹

Organization owners are no longer required to be space owners in order to remove users from a space.


  • Skip CIS Linux checks for at and cron to skip if packages are not installed.
  • Improve query output of CIS at and cron checks using variants.
  • Update macOS policy to not fail if OS configuration files are missing.
  • Improve memory usage when scanning large numbers of assets.
  • Improve query output in the Mondoo HTTP policy.
  • Improve reliability of VM scanning in Azure.
  • Display check counts when a policy has over 100 checks.
  • Add bread crumbs to check pages to take you back to the policy or security page.
  • Sort scores on the asset pages from worst to best score.
  • Improve the performance of the aws.cloudtrails.trail and aws.ec2.instance resources.