Skip to main content

Mondoo 11.41 is out!

· 3 min read
Tim Smith
Tim Smith
Mondoo Core Team

🥳 Mondoo 11.41 is out! This release includes RDS cluster support, improved asset navigation, new resources, and more!

Get this release: Installation Docs | Package Downloads | Docker Container

🧹 IMPROVEMENTS

AWS RDS Cluster support

AWS account scans now include automatic discovery of RDS clusters. Cluster assets appear on the Assets page in a new RDS Clusters group and each asset includes full inventory information.

RDS Cluster Scan

More view options for asset lists

We've updated the Assets page to make finding and selecting the assets you care about easier than ever. Improved search results show just the asset groups that include results. A new empty state makes it more clear when no assets match your search. New group and list icons let you switch between views: organize by platform groups or display a single list so you can sort and select all assets of a certain asset group at once.

Asset selection

Resource updates

azure.subscription.cloudDefenderService

  • New settingsMCAS, settingsWDATP, and settingsSentinel fields using the new azure.subscription.cloudDefenderService.settings resource

azure.subscription.cloudDefenderService.securityContact

  • Deprecate alertNotifications in favor of the new notificationSources field

azure.subscription.webService.appsite

  • New ftp and scm fields using the new azure.subscription.webService.appsite.basicPublishingCredentialsPolicies resource

microsoft

  • New users field using the new microsoft.users resource
  • New roles field using the new microsoft.roles resource

sshd.config

  • New context field using the new file.context resource

🐛 BUG FIXES AND UPDATES

  • Prefer the --token command line flag over the GITHUB_TOKEN environmental variable when both are present.
  • Display asset platforms in search results.
  • Preselect ticket email recipient values when only a single option exists in the drop down menu.
  • When a user selects "Create ticket," don't show the "All Assets" and "Selected Assets" options if there's only one asset.
  • Don't show policies or checks counts on third-party integration pages.
  • Show a friendly empty state when a filter on the Assets page returns no results.
  • Don't show empty asset groups when filtering on the Assets page.
  • Display a friendly error if an exception cannot be created.
  • Don't require new users in a private instance to activate the region.
  • Improve the reliability of AWS region fetching in low-privilege environments.
  • Fix risk factors settings in the security model configuration not applying in some cases.
  • Adjust score weighting for risk factors to better prioritize findings.
  • Don't zip one-file PDF reports so users can open them directly in the browser.
  • Improve the reliability of SBOM generation.
  • Fix the namespace of PURLs on Red Hat Enterprise Linux systems.
  • Improve the reliability of risk factor counts on finding pages.