Mondoo 11.5 is out!

May 21, 2024 · 4 min read

Tim Smith

Mondoo Core Team

🥳 Mondoo 11.5 is out! This release includes new full-text search, Mondoo-hosted AWS scanning, and more!

Get this release: Installation Docs | Package Downloads | Docker Container

🎉 NEW FEATURES

Full-text search of assets, vulnerabilities, policies, and more

Expand search from just assets to everything in your Mondoo organization. New full-text search allows you to find spaces, assets, checks, CVEs, and vendor advisories with plain text searches.

Curious what Mondoo knows about RDS in your environment? Search for "RDS" to quickly see RDS database instances and the specific RDS checks applied in any space:

Full Text Search for RDS

Scan AWS however you please

Life is all about choice! At Mondoo we think how you scan your assets should be up to you. Thats's why we're extending our existing AWS scanning capabilities to include a new Mondoo-hosted AWS integration, allowing you to quickly set up AWS account scanning without the installation of agent code.

Our existing serverless (Lambda) integration is still available. It provides a higher level of security as well as advanced instance scanning capabilities. To help you decide which is best for you, the AWS integration setup page breaks down the pros and cons of each scanning method.

AWS Integration Setup Screen

If you're already using the existing serverless AWS integration, don't feel left out. A whole new integration page management experience awaits you to better expose the current configuration, potential scanning errors, and discovered assets. You can also name your new or existing integrations with more human-friendly titles... because no one should have to remember which 12-digit Amazon account ID belongs to production and which is dev.

AWS Serverless Integration Configuration Tab

🧹 IMPROVEMENTS

Azure Database for PostgreSQL flexible server support

Secure your Azure Database for PostgreSQL flexible servers with expanded Azure Database support in Mondoo. Query database instance configuration with the new azure.subscription.postgreSql.flexibleServers resource or ensure proper security settings have been applied with updates to the CIS Azure Foundation benchmark policies and the Mondoo Azure Security policy.

Mondoo Flexible PostgreSQL Asset

Resource improvements

aws.ec2.instance

New tpmSupport field

aws.ec2.instance.device

Improve default fields displayed in cnquery shell

aws.organization

New accounts field

aws.rds.backupsetting

New resource for RDS DB cluster and instance backup settings

aws.rds.dbcluster

New backupSettings field

aws.rds.dbinstance

New backupSettings field

azure.subscription.postgreSqlService.flexibleServer

New resource for Azure Data for PostgreSQL - Flexible Servers

microsoft.group

New groupTypes field
New membershipRule field
New membershipRuleProcessingState field

ms365.teams.teamsMeetingPolicyConfig

New allowExternalNonTrustedMeetingChat field

ms365.teams.teamsMessagingPolicyConfig

New resource for Microsoft 365 messaging policy

ms365.exchangeonline.reportSubmissionPolicy

New resource for Microsoft 365 report submission policies

ms365.exchangeonline.teamsProtectionPolicy

New resource for Microsoft 365 Teams protection policy

View GitHub integration types

Quickly find your repository and organization GitHub integrations with a new Type column in the integrations list page.

GitHub Integration Page

GitHub-app-based authentication

Do you want to scan your GitHub organizations and repos, but don't like the idea of using GitHub API tokens? Now you can scan GitHub organizations and repositories using cnspec and GitHub application authentication.

cnspec scan github org MY_ORG --app-id MY_APP_ID --app-installation-id MY_APP_INSTALL_ID --app-private-key PATH_TO_PEM_FILE

🐛 BUG FIXES AND UPDATES

Fix truncated policy names in some CIS benchmark policies.
Resolve an error creating service accounts with multiple permissions.
Add additional checks to the CIS GKE benchmark policy.
Fix handling of host scans with the --insecure flag.
Improve handling of semver values in MQL.
Prevent a potential memory leak when running as a service.
Don't crop the names of longer CIS benchmark policies.
Fix space overview tooltip display in light mode.
Display "Never" for the last update time when an integration has never run.
Improve the display of risk factors on the Vulnerabilities Affected Assets page.
Improve spacing on the spaces list page.
Fix confusing wording in the EPSS score descriptions.

🥳 Mondoo 11.5 is out! This release includes new full-text search, Mondoo-hosted AWS scanning, and more!​

🎉 NEW FEATURES​

Full-text search of assets, vulnerabilities, policies, and more​

Scan AWS however you please​

🧹 IMPROVEMENTS​

Azure Database for PostgreSQL flexible server support​

Resource improvements​

aws.ec2.instance​

aws.ec2.instance.device​

aws.organization​

aws.rds.backupsetting​

aws.rds.dbcluster​

aws.rds.dbinstance​

azure.subscription.postgreSqlService.flexibleServer​

microsoft.group​

ms365.teams.teamsMeetingPolicyConfig​

ms365.teams.teamsMessagingPolicyConfig​

ms365.exchangeonline.reportSubmissionPolicy​

ms365.exchangeonline.teamsProtectionPolicy​

View GitHub integration types​

GitHub-app-based authentication​

🐛 BUG FIXES AND UPDATES​