Skip to main content

Mondoo 5.38.1 is out!

ยท 2 min read
Tim Smith
Tim Smith
Mondoo Core Team

๐Ÿฅณ Mondoo 5.38.1 is out. This release includes policy updates and lays the foundation for big things to comeโ€‹

Get this release: Installation Docs | Package Downloads | Docker Container


๐ŸŽ‰ NEW FEATURESโ€‹

Ubuntu 20.04 CIS Benchmark Certificationโ€‹

The Mondoo Ubuntu 20.04 Level 1 and Level 2 CIS Benchmarks are now officially CIS certified. See the Mondoo cisecurity.org page for a complete list of our CIS certified benchmarks and stay tuned for more certified benchmarks in the coming weeks.

๐Ÿงน IMPROVEMENTSโ€‹

Kubernetes Operator Updates

Our Mondoo Kubernetes Operator has seen yet another round of important improvements as we work towards the general availability of the operator next week. Kubernetes cluster node scanning now occurs using a Kubernetes CronJob instead of running the agent at all times on each node, saving CPU and memory resources. We've also added some behind the scenes capabilities required for registering the operator using a short-lived registration token instead of a full Mondoo service account. This keeps secrets out of the user's shell history when configuring the operator in the cluster. Our upcoming integrations setup workflow in the Mondoo Console will use this new capability to securely deploy the operator to your clusters.

๐Ÿ› BUGFIXESโ€‹

  • Fix incorrect remediation steps for multiple queries in the Linux Security Baseline by Mondoo policy:
    • Ensure the audit configuration is immutable
    • Ensure permissions on /etc/passwd- are configured
    • Ensure permissions on /etc/group- are configured
  • Fix errors in Linux Security Baseline by Mondoo policy when /etc/passwd- or /etc/gshadow- doesn't exist.
  • Fix errors in Kubernetes Application Benchmark by Mondoo's query Pod should not run with default service account.