Mondoo 8.16 is out!
π₯³ Mondoo 8.16 is out! This release includes new GCP VM instance snapshot scanning, new OCI auth options, and more!β
Get this release: Installation Docs | Package Downloads | Docker Container
π NEW FEATURESβ
Scan GCP virtual machine instancesβ
You need to scan your GCP VM instances for security misconfigurations and vulnerabilities, but you can't impact running production workloads with an agent installation. Now you can scan GCP VM instances using snapshots to quickly inspect systems without impacting running resources:
cnquery shell gcp instance instance-name --project-id your-project-123 --zone us-central1-a
β no Mondoo configuration file provided. using defaults
β discover related assets for 1 asset(s)
β resolved assets resolved-assets=1
β found target volume device name=/dev/sdc1
___ _ __ __ _ _ _ ___ _ __ _ _
/ __| '_ \ / _` | | | |/ _ \ '__| | | |
| (__| | | | (_| | |_| | __/ | | |_| |
\___|_| |_|\__, |\__,_|\___|_| \__, |
mondooβ’ |_| |___/ interactive shell
cnquery> platform.name
platform.name: "debian"
cnquery> packages
packages.list: [
0: package name="adduser" version="3.118"
1: package name="apparmor" version="2.13.6-10"
2: package name="apt" version="2.2.4"
3: package name="apt-transport-https" version="2.2.4"
4: package name="apt-utils" version="2.2.4"
5: package name="base-files" version="11.1+deb11u7"
6: package name="base-passwd" version="3.5.51"
...
π§Ή IMPROVEMENTSβ
Quicker integration setup with default namesβ
Naming things is hard, but with Mondoo integrations, you don't have to worry about it. Our integrations will automatically generate names for you, so you can start scanning sooner. If you change your mind later, you can always change the name when inspiration strikes.
Set OCI credential on the CLIβ
In Mondoo 8.10, we introduced support for scanning Oracle Cloud Infrastructure (OCI) in cnquery and cnspec. This week, we have extended that support to provide additional authentication options for your OCI account. You can now authenticate automatically using the OCI configuration on disk, or you can pass the authentication values on the CLI if your workstation is not set up to communicate with OCI.
cnquery shell oci --tenancy TENANCY_VALUE --user USER_VALUE --region REGION_VALUE --fingerprint FINGERPRINT_VALUE --key-path PATH_TO_KEY
π BUG FIXES AND UPDATESβ
- Add missing SUSE security advisory data to CVEs.
- Add randomization to the cnspec scan time when running as a service to prevent spikes in network traffic and/or hypervisor load.
- Add support for dict types in the
.flat()
helper. - Allow closing the resource details page in the asset resource explorer to make navigation easier.
- Allow sorting by all columns in web shared reports.
- Fix a blank page displaying while setting up S3 compatible integrations.
- Fix an extra scrollbar that was displayed in the asset resource explorer.
- Fix incorrect focus for the platform tiles in the fleet view.
- Fix incorrect types being returned by the MQL
.flat()
helper in some scenarios. - Fix potential failures in the macOS security policy checking user plist files.
- Fix repetitive wording in the AWS Integration breadcrumbs.
- Fix some CVE data not displaying for assets in the EU region.
- Fix the shared reports summary email to include the proper number of failed checks.
- Fix uploading of query packs to the registry.
- Fix vulnerability report for Windows client releases.
- Improve the performance of selections in the Risk Actions page.
- Improve the target score setup in Risk Actions to make it more clear what the recommended score is.
- Multiple fixes to the CIS Distribution Independent Linux Benchmark policy to better work with Photon Linux.
- Only show integration error messages when the integration has an error and is failing to scan.
- Remove a copy link icon in the asset resource explorer that didn't produce a working link.