Mondoo 7.5 is out!
ยท 3 min read
๐ฅณ Mondoo 7.5 is out! This release includes faster GitHub Actions execution and improved CIS policies!โ
Get this release: Installation Docs | Package Downloads | Docker Container
๐ NEW FEATURESโ
Faster GitHub Action Executionโ
Problem: The Mondoo GitHub Action could rapidly scan content in your CI pipelines, but was slow to install and setup Mondoo Client during each run.
Solution: We've refactored the Mondoo GitHub Action to use our new cnspec container image. Not only do you get our latest command line experience, but also there's no need to install Mondoo Client during your GitHub jobs. This can reduce the time it takes to run your job by 30 seconds to 1 minute, getting you results quicker in your CI pipelines.
๐งน IMPROVEMENTSโ
Additional CIS Linux Controlsโ
We've updated our CIS Linux policies to implement the following controls:
- AlmaLinux 8: Ensure FTP client is not installed
- AlmaLinux 8: Ensure rsync-daemon is not installed or the rsyncd service is masked
- Debian 8: Ensure inetd is not installed
- Debian 9: Ensure SELinux is enabled in the bootloader configuration
- Debian 10: Ensure syslog-ng is configured to send logs to a remote log host
- RHEL 6: Ensure augenrules is enabled
- RHEL 8: Ensure journald is not configured to receive logs from a remote client
- RHEL 8: Ensure rsyslog is not configured to receive logs from a remote client
- RHEL 8: Ensure rsyslog is not configured to receive logs from a remote client
- SLES 11: Ensure only approved ciphers are used
- SLES 11: Ensure password expiration is 90 days or less
- SLES 12: Ensure IPv6 firewall rules exist for all open ports
- Ubuntu 14.04: Ensure password expiration is 90 days or less
- Ubuntu 20.04: Ensure syslog-ng is configured to send logs to a remote log host
๐ BUG FIXES AND UPDATESโ
- Fail early and show an error when an invalid GitHub token is provided instead of creating an asset with all errored scans.
- Correctly detect AWS EC2 asset names when scanning them over EC2 Instance Connect or SSM.
- Correctly detect platform names when scanning containers.
- Fix loading of spaces when older assets with an unrecognized asset type are present.
- Fix login failures for some users in the Mondoo EU region.
- Improve the reliability of CI/CD asset cleanup.
- Improve fetching of CVE data for Rocky Linux.