Mondoo 8.14 is out!
๐ฅณ Mondoo 8.14 is out! This release includes support for the Okta Terraform provider, CIS 2.0 Benchmarks for Windows, Debian 12 support, and more!โ
Get this release: Installation Docs | Package Downloads | Docker Container
๐ NEW FEATURESโ
Okta security policy in Terraformโ
In addition to our existing support for scanning Okta organizations, Mondoo now provides Okta security guidance for users of the Okta Terraform provider from the HashiCorp Terraform Registry.
Mondoo now provides Okta HealthInsight recommendations at all stages of the Terraform lifecycle:
- Terraform HCL
- Terraform Plan
- Terraform State
- Okta API / Runtime
Get started with the latest version of the Mondoo Okta Organization Security policy.
๐งน IMPROVEMENTSโ
Debian 12 supportโ
In line with the June 10th release of Debian 12 "Bookworm," Mondoo now fully supports Debian 12 operating systems. Mondoo automatically tracks and reports on security advisories for Debian 12 and all official packages, and will report on EOL dates for this release.
Windows CIS Benchmark Policies updated to version 2.0โ
Mondoo now supports version 2.0 of the CIS Benchmark for Windows. The CIS benchmarks are prescriptive configuration recommendations for IT systems from the Center for Internet Security (CIS). They are developed through a consensus-based process involving global cybersecurity experts, and evolve over time to meet new threats.
The latest Windows CIS Benchmark policies include new security checks as well as improved audit & remediation documentation.
Windows 10โ
CIS Microsoft Windows 10 Enterprise Benchmark - Level 1 (L1) - Corporate/Enterprise Environment (general use) CIS Microsoft Windows 10 Enterprise Benchmark - Level 1 (L1) + BitLocker (BL) CIS Microsoft Windows 10 Enterprise Benchmark - Next Generation Windows Security (NG) - optional add-on for use in the newest hardware and configuration environments CIS Microsoft Windows 10 Enterprise Benchmark - Level 2 (L2) + BitLocker (BL) CIS Microsoft Windows 10 Enterprise Benchmark - Level 2 (L2) - High Security/Sensitive Data Environment (limited functionality)
Windows 11โ
CIS Microsoft Windows 11 Enterprise Benchmark - Level 1 (L1) - Corporate/Enterprise Environment (general use) CIS Microsoft Windows 11 Enterprise Benchmark - Level 1 (L1) + BitLocker (BL) CIS Microsoft Windows 11 Enterprise Benchmark - Level 2 (L2) + BitLocker (BL) CIS Microsoft Windows 11 Enterprise Benchmark - Level 2 (L2) - High Security/Sensitive Data Environment (limited functionality) CIS Microsoft Windows 11 Enterprise Benchmark - Next Generation Windows Security (NG) - optional add-on for use in the newest hardware and configuration environments
Windows 2016โ
CIS Microsoft Windows Server 2016 Benchmark - Level 1 - Member Server CIS Microsoft Windows Server 2016 Benchmark - Level 2 - Member Server CIS Microsoft Windows Server 2016 Benchmark - Next Generation Windows Security - Member Server CIS Microsoft Windows Server 2016 Benchmark - Level 1 - Domain Controller CIS Microsoft Windows Server 2016 Benchmark - Level 2 - Domain Controller CIS Microsoft Windows Server 2016 Benchmark - Next Generation Windows Security - Domain Controller
Windows 2019โ
CIS Microsoft Windows Server 2019 Benchmark - Level 1 - Member Server CIS Microsoft Windows Server 2019 Benchmark - Level 2 - Member Server CIS Microsoft Windows Server 2019 Benchmark - Next Generation Windows Security - Member Server CIS Microsoft Windows Server 2019 Benchmark - Level 1 - Domain Controller CIS Microsoft Windows Server 2019 Benchmark - Level 2 - Domain Controller CIS Microsoft Windows Server 2019 Benchmark - Next Generation Windows Security - Domain Controller
Windows 2022โ
CIS Microsoft Windows Server 2022 Benchmark - Level 1 - Member Server CIS Microsoft Windows Server 2022 Benchmark - Level 2 - Member Server CIS Microsoft Windows Server 2022 Benchmark - Next Generation Windows Security - Member Server CIS Microsoft Windows Server 2022 Benchmark - Level 1 - Domain Controller CIS Microsoft Windows Server 2022 Benchmark - Level 2 - Domain Controller CIS Microsoft Windows Server 2022 Benchmark - Next Generation Windows Security - Domain Controller
๐ BUG FIXES AND UPDATESโ
- Don't show unnecessary output columns when running
cnspec bundle lint
. - Update the Linux Security policy by Mondoo to suggest masking some services to prevent starts.
- Fix error messages when running
.none()
MQL queries. - Fix duplicate labels in the Kubernetes operator Helm chart that prevented installation.
- Fix the
.where()
and.contains()
MQL helpers to properly handle comparisons of variables. - Add missing KMS controls to the Google GKE CIS Benchmarks.
- Improve checks in the Terraform HCL Security Static Analysis for AWS/GCP policies to work with multiple providers with the same name.