Skip to main content

Mondoo 11.5 is out!

ยท 4 min read
Mondoo Core Team

๐Ÿฅณ Mondoo 11.5 is out! This release includes new full-text search, Mondoo-hosted AWS scanning, and more!โ€‹

Get this release: Installation Docs | Package Downloads | Docker Container


Full-text search of assets, vulnerabilities, policies, and moreโ€‹

Expand search from just assets to everything in your Mondoo organization. New full-text search allows you to find spaces, assets, checks, CVEs, and vendor advisories with plain text searches.

Curious what Mondoo knows about RDS in your environment? Search for "RDS" to quickly see RDS database instances and the specific RDS checks applied in any space:

Full Text Search for RDS

Scan AWS however you pleaseโ€‹

Life is all about choice! At Mondoo we think how you scan your assets should be up to you. Thats's why we're extending our existing AWS scanning capabilities to include a new Mondoo-hosted AWS integration, allowing you to quickly set up AWS account scanning without the installation of agent code.

Our existing serverless (Lambda) integration is still available. It provides a higher level of security as well as advanced instance scanning capabilities. To help you decide which is best for you, the AWS integration setup page breaks down the pros and cons of each scanning method.

AWS Integration Setup Screen

If you're already using the existing serverless AWS integration, don't feel left out. A whole new integration page management experience awaits you to better expose the current configuration, potential scanning errors, and discovered assets. You can also name your new or existing integrations with more human-friendly titles... because no one should have to remember which 12-digit Amazon account ID belongs to production and which is dev.

AWS Serverless Integration Configuration Tab


Azure Database for PostgreSQL flexible server supportโ€‹

Secure your Azure Database for PostgreSQL flexible servers with expanded Azure Database support in Mondoo. Query database instance configuration with the new azure.subscription.postgreSql.flexibleServers resource or ensure proper security settings have been applied with updates to the CIS Azure Foundation benchmark policies and the Mondoo Azure Security policy.

Mondoo Flexible PostgreSQL Asset

Resource improvementsโ€‹


  • New tpmSupport field


  • Improve default fields displayed in cnquery shell


  • New accounts field


  • New resource for RDS DB cluster and instance backup settings


  • New backupSettings field


  • New backupSettings field



  • New groupTypes field
  • New membershipRule field
  • New membershipRuleProcessingState field


  • New allowExternalNonTrustedMeetingChat field


  • New resource for Microsoft 365 messaging policy


  • New resource for Microsoft 365 report submission policies


  • New resource for Microsoft 365 Teams protection policy

View GitHub integration typesโ€‹

Quickly find your repository and organization GitHub integrations with a new Type column in the integrations list page.

GitHub Integration Page

GitHub-app-based authenticationโ€‹

Do you want to scan your GitHub organizations and repos, but don't like the idea of using GitHub API tokens? Now you can scan GitHub organizations and repositories using cnspec and GitHub application authentication.

cnspec scan github org MY_ORG --app-id MY_APP_ID --app-installation-id MY_APP_INSTALL_ID --app-private-key PATH_TO_PEM_FILE


  • Fix truncated policy names in some CIS benchmark policies.
  • Resolve an error creating service accounts with multiple permissions.
  • Add additional checks to the CIS GKE benchmark policy.
  • Fix handling of host scans with the --insecure flag.
  • Improve handling of semver values in MQL.
  • Prevent a potential memory leak when running as a service.
  • Don't crop the names of longer CIS benchmark policies.
  • Fix space overview tooltip display in light mode.
  • Display "Never" for the last update time when an integration has never run.
  • Improve the display of risk factors on the Vulnerabilities Affected Assets page.
  • Improve spacing on the spaces list page.
  • Fix confusing wording in the EPSS score descriptions.