Mondoo 11.27 is out!
๐ฅณ Mondoo 11.27 is out! This release includes simplified policy management, Shodan scanning, and more!โ
Get this release: Installation Docs | Package Downloads | Docker Container
๐ NEW FEATURESโ
Simplified policy and query pack managementโ
Say goodbye to the Registry and hello to simplified policy management and insights. A more intuitable organization puts the content you need at your fingertips:
-
All the tasks you perform with policies are now accessible under Security.
-
All the tasks you perform with query packs are now accessible under Inventory.
-
All the tasks you perform with frameworks are now accessible under Compliance.
We listened to your feedback and made it easier to see what content is enabled and to enable or disable those policies, query packs, and frameworks. Customization is within closer reach with improved management of custom content and configuration of scoring vs. preview policies.
Understand external exposure with continuous Shodan scansโ
Gain visibility into your infrastructure's external exposure with continuous Shodan scanning. Our new Shodan integration allows you to automatically monitor domains, IPs, and even entire IP blocks for external risk.
Paired with our new Shodan Security policy and query pack, this scanning provides critical insights into what attackers know about your systems. Now you can prioritize essential fixes effectively.
Search available integrationsโ
Quickly find the exact integration you're looking for with search on the integrations page.
๐งน IMPROVEMENTSโ
Support non-ASCII characters in space and organization namesโ
We got a bit wrapped up in 'Merica and tossed a few too many bald eagles on the space and organization creation pages. The eagles have been relocated and now customers across the globe can safely create spaces and organizations with all your favorite non-ASCII characters.
Updated CIS VMware benchmark policiesโ
Secure your critical VMware infrastructure with the latest recommendations from The Center for Internet Security (CIS):
- CIS VMware ESXi 6.7 Benchmark v1.4.0
- CIS VMware ESXi 7.0 Benchmark v1.4.0
- CIS VMware ESXi 8.0 Benchmark v1.1.0
๐ BUG FIXES AND UPDATESโ
- Improve email address validation in integration setup pages.
- Add GitHub token validation to GitHub integrations.
- Update GitHub integration setup instructions to better clarify required vs. optional fields.
- Fix rendering of dividers on integration status pages.
- Fix display of Windows setup commands on the workstation integration page.
- Improve the display of policies with multiple authors.
- Improve the alignment and display of risk factor icons on vulnerability, advisory, and check pages.
- Show larger descriptions by default on advisory and CVE pages.
- Improve the layout of EC2 filtering options in the AWS serverless integration setup.
- Improve alignment of text in affected asset, top vulnerabilities, and top security findings tables.
- Fix application of some policies on Terraform assets.
- Identify the new 14" MacBook Pro M4 in the asset overview.
- Improve the reliability of queries in the Mondoo Microsoft Azure Security policy.
- Fix a failure to load some older AWS serverless integrations.
- Fix a failure scanning in the
ms365.exchangeonline.reportSubmissionPolicyresource. - Expose additional labels on Amazon ECS containers.
- Support scanning Shodan assets using an inventory file.
- Improve command line help for Snowflake and Slack.
- Display the cnspec version used to scan hosted integration assets in the asset configuration.