Skip to main content

Mondoo 8.13 is out!

ยท 3 min read
Tim Smith
Mondoo Core Team

๐Ÿฅณ Mondoo 8.13 is out! This release includes GCS/PostgreSQL Exports and more!โ€‹

Get this release: Installation Docs | Package Downloads | Docker Container

๐ŸŽ‰ NEW FEATURESโ€‹

Export data to PostgreSQL and Google Cloud Storageโ€‹

What good is your security data if it's locked up in your security tooling? Now you have even more options for continuously exporting Mondoo security and asset inventory data to PostgreSQL databases or Google Cloud Storage buckets.

Space data exported to Google Cloud Storage bucket:

Google Cloud Storage Bucket

Asset information in PostgreSQL

PostgreSQL table

๐Ÿงน IMPROVEMENTSโ€‹

Improved query result outputโ€‹

Query results now give you the context to dive in and fix issues:

Before:

cnquery run gcp project lunalectric -c 'gcp.project.gke.clusters.all(databaseEncryption["state"] == "NOT_ENCRYPTED")'
...
    [failed] [].all()
      actual:   [
        0: gcp.project.gkeService.cluster id = gcp.project.gkeService.cluster/7c50e440aa5c41cf8eff749a4f313953c4c974b985ab43d1b44871e7dbf3e9a7
        1: gcp.project.gkeService.cluster id = gcp.project.gkeService.cluster/db3328e173c84de49d92229c02378c9f59b69e0a568a4448b52b3d7ff2f201f6
      ]

Now:

cnquery run gcp project lunalectric -c 'gcp.project.gke.clusters.all(databaseEncryption["state"] == "NOT_ENCRYPTED")'
...
[failed] [].all()
  actual:   [
    0: gcp.project.gkeService.cluster {
      databaseEncryption[state]: "ENCRYPTED"
      name: "mondoo-gke-cluster-2"
    }
  ]
...

Align cnquery with cnspec bundle commandsโ€‹

To make it easier to remember which command to use, we've updated cnquery to use the same command syntax as cnspec when managing policy bundles.

  • cnquery bundle validate is now cnquery bundle lint
  • cnquery bundle upload is now cnquery bundle publish

๐Ÿ› BUG FIXES AND UPDATESโ€‹

  • Fix a failure when scanning Terraform configs with a dynamic value in the map key name. Thanks for reporting this issue, @crcsmnky!
  • Remove the unused --pager and --no-pager flags from cnquery and cnspec. Thanks for this fix, @mariuskimmina!
  • Fix the --context flag not being honored when scanning Kubernetes clusters. Thanks for this fix, @mariuskimmina!
  • Reduce the memory usage of container scanning in the Mondoo Kubernetes Operator.
  • Fix incorrect Mondoo installation steps in the AWS guide.
  • Fix vulnerability advisory pages not listing impacted packages.
  • Don't display recommended policies to enable for the AWS integration if all are already enabled.
  • Change the "Pause scanning" menu item in export integrations to "Pause exports."
  • Fix the breadcrumbs and URLs for some policy checks not matching expected values.
  • Fix uploading query packs in the registry.
  • Allow renaming integrations.
  • Update several console pages to use the checks term instead of the legacy queries term.
  • Allow immediate rescheduling of failed exports.
  • Don't print more than 1024 lines of output in cnquery shell.
  • Fix output format when using the --output report flag.
  • Add defaults to the registrykey resource to improve output.
  • Improve error messages in registrykey resource.