
Mondoo 8.20 is out!

Mondoo Core Team

🥳 Mondoo 8.20 is out! This release includes Azure Blob Storage exports, updated asset inventory data, and more!

Get this release: Installation Docs | Package Downloads | Docker Container


🎉 NEW FEATURES

Azure Blob Storage exports

Continuously export your Mondoo security scan data to Azure storage blobs where external systems like Splunk can consume it.


🧹 IMPROVEMENTS

Expanded Linux / macOS inventory packs

The macOS Inventory Pack and Linux Inventory Pack now collect CPU, memory, storage, and hardware model data to help you better identify systems in your infrastructure.

Example output on macOS:

Retrieve the amount of physical memory:
parse.json.params[SPHardwareDataType].first[physical_memory]: "16 GB"

Retrieve the hostname:
os.hostname: "Tim-Smith.local"

Retrieve the machine model identifier:
parse.json.params[SPHardwareDataType].first[machine_model]: "MacBookPro18,3"

Retrieve the machine model name:
parse.json.params[SPHardwareDataType].first[machine_name]: "MacBook Pro"

Retrieve the model part number:
parse.json.params[SPHardwareDataType].first[model_number]: "MKGQ3LL/A"

Retrieve the system serial number:
parse.json.params[SPHardwareDataType].first[serial_number]: "GGJXG21234"

Retrieve the type of CPU:
parse.json.params[SPHardwareDataType].first[chip_type]: "Apple M1 Pro"

Example output on Linux:

Retrieve the size and filesystem type of the root volume:
command.stdout.trim: "56G ext4"

Retrieve the system manufacturer:
machine.baseboard.manufacturer: "ASUSTeK COMPUTER INC."

Retrieve the system product name:
machine.baseboard.product: "H87I-PLUS"

Retrieve the type of CPU:
command.stdout.trim: "Intel(R) Core(TM) i7-4785T CPU @ 2.20GHz"

Retrieve the amount of physical memory:
command.stdout.trim.+: "16636M"

๐Ÿ› BUG FIXES AND UPDATESโ€‹

  • Discover private repos when scanning GitHub organizations.
  • Add --discover organization to the GitHub provider to scan just the organization itself, not repos within the organization.
  • Remove unnecessary AWS tag collection from the AWS global DynamoDB table discovery.
  • Don't collect the root user in "Collect regular user" query pack queries.
  • Add missing impact to CIS GKE Benchmark Level 1.
  • Don't show the unnecessary Mondoo Job Environment platform overview information for Kubernetes assets.
  • Fix the Mondoo Kubernetes Operator to properly report container scanning status.
  • Don't fail a data export if CVE data cannot be found.
  • Ensure that all JSON data in exports can be properly parsed by Splunk.
  • Ensure Azure question packs in the registry show the correct icons.