Skip to main content

Mondoo 11.41 is out!

ยท 3 min read
Tim Smith
Tim Smith
Mondoo Core Team

๐Ÿฅณ Mondoo 11.41 is out! This release includes RDS cluster support, improved asset navigation, new resources, and more!โ€‹

Get this release: Installation Docs | Package Downloads | Docker Container

๐Ÿงน IMPROVEMENTSโ€‹

AWS RDS Cluster supportโ€‹

AWS account scans now include automatic discovery of RDS clusters. Cluster assets appear on the Assets page in a new RDS Clusters group and each asset includes full inventory information.

RDS Cluster Scan

More view options for asset listsโ€‹

We've updated the Assets page to make finding and selecting the assets you care about easier than ever. Improved search results show just the asset groups that include results. A new empty state makes it more clear when no assets match your search. New group and list icons let you switch between views: organize by platform groups or display a single list so you can sort and select all assets of a certain asset group at once.

Asset selection

Resource updatesโ€‹

azure.subscription.cloudDefenderServiceโ€‹

  • New settingsMCAS, settingsWDATP, and settingsSentinel fields using the new azure.subscription.cloudDefenderService.settings resource

azure.subscription.cloudDefenderService.securityContactโ€‹

  • Deprecate alertNotifications in favor of the new notificationSources field

azure.subscription.webService.appsiteโ€‹

  • New ftp and scm fields using the new azure.subscription.webService.appsite.basicPublishingCredentialsPolicies resource

microsoftโ€‹

  • New users field using the new microsoft.users resource
  • New roles field using the new microsoft.roles resource

sshd.configโ€‹

  • New context field using the new file.context resource

๐Ÿ› BUG FIXES AND UPDATESโ€‹

  • Prefer the --token command line flag over the GITHUB_TOKEN environmental variable when both are present.
  • Display asset platforms in search results.
  • Preselect ticket email recipient values when only a single option exists in the drop down menu.
  • When a user selects "Create ticket," don't show the "All Assets" and "Selected Assets" options if there's only one asset.
  • Don't show policies or checks counts on third-party integration pages.
  • Show a friendly empty state when a filter on the Assets page returns no results.
  • Don't show empty asset groups when filtering on the Assets page.
  • Display a friendly error if an exception cannot be created.
  • Don't require new users in a private instance to activate the region.
  • Improve the reliability of AWS region fetching in low-privilege environments.
  • Fix risk factors settings in the security model configuration not applying in some cases.
  • Adjust score weighting for risk factors to better prioritize findings.
  • Don't zip one-file PDF reports so users can open them directly in the browser.
  • Improve the reliability of SBOM generation.
  • Fix the namespace of PURLs on Red Hat Enterprise Linux systems.
  • Improve the reliability of risk factor counts on finding pages.