Skip to main content

Mondoo 11.3 is out!

ยท 3 min read
Tim Smith
Mondoo Core Team

๐Ÿฅณ Mondoo 11.3 is out! This release includes new Kubernetes policies, GitHub org scanning support, and more!โ€‹

Get this release: Installation Docs | Package Downloads | Docker Container

๐ŸŽ‰ NEW FEATURESโ€‹

All-new CIS Kubernetes policiesโ€‹

Mondoo now includes the latest CIS Kubernetes benchmark policies for self-managed Kubernetes clusters, EKS, AKS, and GKE. These policies include the latest CIS recommendations as well as all-new queries for improved output so you can remediate issues more quickly.

GitHub organization scanningโ€‹

Set it and forget it with complete GitHub organization scanning. Configure the integration one time and scan new repositories as they're created so you're never caught off guard.

Organization scanning options

Need more control over what's scanned? Specify individual repositories to include in the scan, or repos you'd like skipped.

Scan filtering options

Scanning on the command line? Enjoy a 10x performance improvement and new scalability improvements to scan large organizations.

๐Ÿงน IMPROVEMENTSโ€‹

Better understand risks of affected assetsโ€‹

CVE and advisory pages now include the count of individual risk factors, so you can better understand the distribution of risk throughout your infrastructure.

Risk assessment counts

Cancel running AWS integration scansโ€‹

Cancel all running AWS instance scans for your organization or account directly from the integration page with a new "Cancel Scans" option on the ellipsis menu.

Cancel running scans

Resource updatesโ€‹

github.organizationโ€‹

  • Add hasOrganizationProjects field
  • Add hasRepositoryProjects field

๐Ÿ› BUG FIXES AND UPDATESโ€‹

  • Prevent empty asset names when scanning operating systems.
  • Don't fail when using the JUnit output formatter if a policy bundle is empty.
  • Don't require delete run commands permission to scan VMs in Azure.
  • Fix failures in the aws.elb.loadbalancer resource when used with --discover resources.
  • Improve asset overview data for various AWS assets when scanning with --discover resources.
  • Improve performance of asset platform detection.
  • Improve the space dashboard experience when scanning VMware and Azure assets.
  • Better handle empty author and committer data in GitHub repo scans.
  • Fix a failure loading some asset scans.
  • Fix breadcrumbs on CVE and advisory pages.
  • Improve rendering of the affected assets page risk factors on narrow displays.
  • Improve rendering of inventory list platform badges on narrow displays.
  • On individual check pages, show more of the check description text before truncating it with a Show More link.
  • Use a clearer icon for generating compliance reports from framework pages.
  • Display more useful error messages if an asset cannot be displayed in the console.
  • Improve rendering of risk factor icons throughout the console.