Mondoo 11.19 is out!

August 27, 2024 · 3 min read

Tim Smith

Mondoo Core Team

🥳 Mondoo 11.19 is out! This release includes a new Shodan security policy, updates to existing security policies, and more!

Get this release: Installation Docs | Package Downloads | Docker Container

🎉 NEW FEATURES

New Mondoo Shodan Security policy

Secure critical, public-facing domains and IP addresses with the new Mondoo Shodan Security policy. It includes checks to identify open ports and vulnerabilities as reported by the Shodan network scanning service.

Shodan policy

🧹 IMPROVEMENTS

Risk summaries for vendor advisories

Better understand the criticality of vendor advisories with new score summaries. Advisories now include an overall risk score, taking into account blast radius and Mondoo-identified risk factors.

Vendor Advisory summary

Vulnerability detection on Windows Enterprise multi-session

Mondoo now includes vulnerability detection on Windows 10/11 Enterprise multi-session editions.

Compliance data in exports

Data exports now include compliance control references, so you can feed compliance evidence collected by Mondoo into external data analytics systems.

Expanded security policies

Secure your ever growing fleet of assets with new and expanded policies:

Mondoo HTTP Security policy now includes checks to ensure Server, X-AspNetMvc-Version, X-AspNet-Version, X-Powered-By, and Public-Key-Pins HTTP headers are not set.
CIS Azure Foundations benchmark policy includes 8 new checks as well as filter and query improvements.
Mondoo Endpoint Detection and Response (EDR) policy now includes support for Cortex XDR.
AWS Operational Best Practices policy includes improved S3 bucket permission checks.

New console audit events

Keep tabs on changes made to your Mondoo organization and spaces with improved audit logging. New events recorded in the Mondoo Console audit log include:

Policies or frameworks enabled
Policies or frameworks disabled
Policies or frameworks put in preview
Risk factor configuration changes
Integrations created
Integrations deleted
Space settings modified
Registration tokens created
API tokens created
Compliance reports generated
Custom policy or framework uploads

Expanded query packs

Collect important asset inventory data with new and expanded query packs:

macOS Inventory Pack now collects system extensions information.
Shodan inventory pack now collects DNS NS records, subdomains, and domain tag information.
There's a new Event Log Collector for NTLMv1 query pack.
We added the Event Log Collector for SMBv1 query pack.

Resource updates

github.commit

New authoredDate field
New committedDate field

🐛 BUG FIXES AND UPDATES

Add custom icons in the registry for AlmaLinux, BSI, Oracle Linux, Rocky Linux, and Arista.
Improve the consistency of table score headings throughout the console.
Improve descriptions in multiple CIS benchmark policies.
Improve handling of expired registration tokens in cnquery and cnspec.

🥳 Mondoo 11.19 is out! This release includes a new Shodan security policy, updates to existing security policies, and more!​

🎉 NEW FEATURES​

New Mondoo Shodan Security policy​

🧹 IMPROVEMENTS​

Risk summaries for vendor advisories​

Vulnerability detection on Windows Enterprise multi-session​

Compliance data in exports​

Expanded security policies​

New console audit events​

Expanded query packs​

Resource updates​

github.commit​

🐛 BUG FIXES AND UPDATES​