Mondoo 11.11 is out!

July 2, 2024 · 4 min read

Tim Smith

Mondoo Core Team

🥳 Mondoo 11.11 is out! This release includes GitHub Enterprise support, automated IaC file discovery in code repositories, EU NIS2 Cybersecurity Directive Framework support, and more!

Get this release: Installation Docs | Package Downloads | Docker Container

🎉 NEW FEATURES

Continuous GitHub Enterprise scanning

Mondoo's GitHub integration has expanded to support GitHub Enterprise as well. GitHub Enterprise users can now get all the Mondoo GitHub features for their private instances, including scans of their GitHub configuration and automatic discovery of Terraform code and Kubernetes manifests in GitHub repositories.

Check out the documentation to learn more about integrating Mondoo Platform with GitHub Enterprise.

GitHub Enterprise Configuration

IaC file discovery in GitHub and GitLab

Mondoo now automatically discovers and scans Terraform code and Kubernetes manifests in GitHub and GitLab. If any static Terraform (HCL) or Kubernetes manifest files exist in a repo, Mondoo can detect and scan them for security misconfigurations. This option lets infrastructure developers responsible for writing and maintaining infrastructure as code detect security issues before they create problems in production.

Configure scanning in your existing GitHub and GitLab integrations. Automatic Discovery Options

NIS2 Cybersecurity Directive compliance framework

Mondoo introduces a new NIS2 compliance framework for companies in the European Union that must comply with the NIS2 cybersecurity directive.

NIS2 Checks

CIS Google Workspace benchmark policy

Secure your Google Workspace infrastructure with the new CIS Google Workspace Foundations Benchmark Level 1 and 2 policies including 58 important security checks.

🧹 IMPROVEMENTS

Oracle Linux Kernel CVE support

Mondoo now detects and reports vulnerabilities in the Oracle Unbreakable Enterprise Linux Kernel.

DaemonSet-based Kubernetes integration scanning

The Mondoo Kubernetes integration now supports running as either a DaemonSet, a Deployment or a CronJob, depending on your needs.

Improved GitHub organization scanning scalability

Multiple improvements to the GitHub organization scanner now better ensure that Mondoo does not accidentally trigger GitHub's API rate limits.

Improved Mondoo Terraform provider

The Terraform provider for Mondoo has several changes:

The Terraform provider has full access to the asset list of a Mondoo space and can leverage those assets in Terraform HCL.
The Terraform provider now has access to the full list of active policies via a data source.
You can now use Terraform to enable Mondoo compliance frameworks and even upload custom frameworks.

Resource updates

aws.rds.dbinstance

New subnets field.

azure.subscription.aksService.cluster

New apiServerAccessProfile field.

github.branch

New headCommitSha field.

github.packages

New resource to fetch information on packages for a repository.

🐛 BUG FIXES AND UPDATES

Add vendor source links to VMware and Visual Studio Code security advisories.
Add security advisories for openSUSE Tumbleweed.
Fix scans failing to cancel in the AWS serverless integrations.
Fix sort ordering of Blast Radius in tables.
Fix display of the empty credentials box on the Generate Long-Lived Credentials page.
Don't reject .in domains in the host integration setup page.
Fix the settings link in the navigation bar sometimes disappearing.
Improve the reliability of EBS volume scanning in AWS.
Improve reliability of VM scans in the Azure integration.
Update Fedora and AlmaLinux EOL dates to match the latest vendor announcements.
Update the EOL warning date to be when the date is 6 months out instead of 3.
Fix an error displaying checks for some policies in the console.
Fix a failure fetching the attachedPolicies data in the aws.iam.users resource.
Allow sorting compliance control checks in the console.
Improve the reliability of CIS Ensure default user umask is configured and Ensure default user umask is 027 or more restrictive checks.
Improve reliability of some Windows registry-based CIS checks.
Simplify many Linux checks to improve result output.
Reduce screen flickering when filtering checks on asset pages.
Fix missing check counts in the asset check overview.

🥳 Mondoo 11.11 is out! This release includes GitHub Enterprise support, automated IaC file discovery in code repositories, EU NIS2 Cybersecurity Directive Framework support, and more!​

🎉 NEW FEATURES​

Continuous GitHub Enterprise scanning​

IaC file discovery in GitHub and GitLab​

NIS2 Cybersecurity Directive compliance framework​

CIS Google Workspace benchmark policy​

🧹 IMPROVEMENTS​

Oracle Linux Kernel CVE support​

DaemonSet-based Kubernetes integration scanning​

Improved GitHub organization scanning scalability​

Improved Mondoo Terraform provider​

Resource updates​

aws.rds.dbinstance​

azure.subscription.aksService.cluster​

github.branch​

github.packages​

🐛 BUG FIXES AND UPDATES​