Skip to main content

Mondoo 8.20 is out!

· 2 min read
Tim Smith
Tim Smith
Mondoo Core Team

🥳 Mondoo 8.20 is out! This release includes Azure Blob Storage exports, updated asset inventory data, and more!

Get this release: Installation Docs | Package Downloads | Docker Container

🎉 NEW FEATURES

Azure Blob Storage exports

Continuously export your Mondoo security scan data to Azure storage blobs where external systems like Splunk can consume it.

Azure Blog Storage Exports

🧹 IMPROVEMENTS

Expanded Linux / macOS inventory packs

The macOS Inventory Pack and Linux Inventory Pack now include additional information to better identify systems in your infrastructure with CPU, memory, storage, and hardware model data collection.

Example output on macOS:

Retrieve the amount of physical memory:
parse.json.params[SPHardwareDataType].first[physical_memory]: "16 GB"

Retrieve the hostname:
os.hostname: "Tim-Smith.local"

Retrieve the machine model identifier:
parse.json.params[SPHardwareDataType].first[machine_model]: "MacBookPro18,3"

Retrieve the machine model name:
parse.json.params[SPHardwareDataType].first[machine_name]: "MacBook Pro"

Retrieve the model part number:
parse.json.params[SPHardwareDataType].first[model_number]: "MKGQ3LL/A"

Retrieve the system serial number:
parse.json.params[SPHardwareDataType].first[serial_number]: "GGJXG21234"

Retrieve the type of CPU:
parse.json.params[SPHardwareDataType].first[chip_type]: "Apple M1 Pro"

Example output on Linux:

Retrieve the size and filesystem type of the root volume:
command.stdout.trim: "56G ext4"

Retrieve the system manufacturer:
machine.baseboard.manufacturer: "ASUSTeK COMPUTER INC."

Retrieve the system product name:
machine.baseboard.product: "H87I-PLUS"

Retrieve the type of CPU:
command.stdout.trim: "Intel(R) Core(TM) i7-4785T CPU @ 2.20GHz"

Retrieve the amount of physical memory:
command.stdout.trim.+: "16636M"

🐛 BUG FIXES AND UPDATES

  • Discover private repos when scanning GitHub organizations.
  • Add --discover organization to the GitHub provider to scan just the organization itself, not repos within the organization.
  • Remove unnecessary AWS tag collection from the AWS global DynamoDB table discovery.
  • Don't collect the root user in "Collect regular user" query pack queries.
  • Add missing impact to CIS GKE Benchmark Level 1.
  • Don't show the unnecessary Mondoo Job Environment platform overview information for Kubernetes assets.
  • Fix the Mondoo Kubernetes Operator to properly report container scanning status.
  • Don't fail a data export if CVE data cannot be found.
  • Ensure that all JSON data in exports can be properly parsed by Splunk.
  • Ensure Azure question packs in the registry show the correct icons.