Mondoo 11.15 is out!

July 30, 2024 · 3 min read

Mondoo Core Team

🥳 Mondoo 11.15 is out! This release includes GitLab security benchmarks, improved Kubernetes scanning, and more!

Get this release: Installation Docs | Package Downloads | Docker Container

🎉 NEW FEATURES

CIS benchmarks for GitLab security

Secure your critical supply chain infrastructure with our new CIS GitLab benchmark policies. These policies include 27 checks for users, groups, and projects in level 1 and level 2 policies. Each policy is compatible with both self-hosted and SaaS GitLab instances.

🧹 IMPROVEMENTS

Focus Kubernetes scanning on top-level resources

Focus on the workloads that matter to your business with the latest release of the Mondoo Kubernetes Operator. Mondoo now scans top-level workloads only so that:

Results better reflect the actual state of security in your cluster.
All results in Mondoo can be traced back to actual Kubernetes manifest code that you can update.

For example, if you define a CronJob in a Kubernetes manifest, we scan only the CronJob workload asset instead of also scanning the Job and Pod assets during each execution of the CronJob. In this case, hundreds of child assets no longer scan. Space statistics don't reflect ephemeral child assets that are no longer present in the cluster.

In addition to a more focused set of assets in the Mondoo Console, you now also experience faster scans and lower scan memory usage. We saw a 3x improvement in our test clusters!

Linux Mint 22 CVE and EOL detection

Secure the latest release of Linux Mint with new support for CVE scanning and EOL detection in Linux Mint 22.

Data export improvements

Mondoo data exports now include more data than ever so you can feed your critical security findings into external SIEM or data warehousing systems. Exports now include vulnerability data as well as detailed asset scoring information.

Resource updates

aws.eks.cluster

New supportType field
New authenticationMode field

aws.rds.dbcluster

New engineLifecycleSupport field

aws.rds.dbinstance

New engineLifecycleSupport field

github.file

New downloadUrl field

🐛 BUG FIXES AND UPDATES

Fix incorrect policy scoring when banded scoring is selected.
Fix passing the --token failure with the Shodan provider.
Fix the display of organizations with zero spaces on the organization's dashboard.
Don't apply CIS Windows desktop benchmark policies to Windows Server assets.
Fix Ensure password hashing algorithm is SHA-512 check in the CIS Distribution Independent Linux benchmark policy.
Improve the application of CIS Linux policies on container assets.
Fix failures scanning Atlassian Confluence assets.
Fix an error fetching createdAt in the aws.ec2.keypair resource.
Fix a failure fetching approvalSettings in the gitlab.project resource.
Fix broken links in Jira issues created with cases.
Update Debian 11 and Ubuntu 24.04 EOL dates to match the latest vendor published dates.
Ensure that the AWS EC2 instance name is always set as the asset name (if the asset name is present).
Fix reports retrieval for Google Workspace.
Fix fetching project approval settings in GitLab.
Add debug level logging for retries in the GitHub provider.
Rework CIS Google Workspace policy queries to improve output.
Add descriptions to the CIS Google Workspace policies.
Fix a failure running data exports.
Fix a misdetection of platforms on some large container images.
Improve scan times for single GitHub repository scans.

🥳 Mondoo 11.15 is out! This release includes GitLab security benchmarks, improved Kubernetes scanning, and more!​

🎉 NEW FEATURES​

CIS benchmarks for GitLab security​

🧹 IMPROVEMENTS​

Focus Kubernetes scanning on top-level resources​

Linux Mint 22 CVE and EOL detection​

Data export improvements​

Resource updates​

aws.eks.cluster​

aws.rds.dbcluster​

aws.rds.dbinstance​

github.file​

🐛 BUG FIXES AND UPDATES​