Mondoo 8.23 is out!
๐ฅณ Mondoo 8.23 is out! This release includes Mondoo Compliance Hub, improved asset configuration data, and more!โ
Get this release: Installation Docs | Package Downloads | Docker Container
๐ NEW FEATURESโ
Compliance Hubโ
Are you struggling to achieve compliance with frameworks such as SOC 2, HIPAA, BSI, or PCI? Let the new Mondoo Compliance Hub do the heavy lifting for you. It automatically maps all of your existing security scans into the top compliance frameworks, allowing you to quickly view your progress towards compliance. And best of all, you'll never have to take a screenshot for manual evidence gathering again.
Learn more in our Simplifying Compliance: Introducing the Mondoo Compliance Hub blog post.
๐งน IMPROVEMENTSโ
Improved asset configuration dataโ
Last week we added new asset configuration data to the console, so you can quickly understand what Mondoo is scanning and where to find it in your infrastructure. This week we've improved that experience with an updated layout on the asset pages, improved DB type names for AWS RDS instances, and new data collection on Slack and Okta assets.
VMware policy improvementsโ
- Update CIS VMware ESXi 6.7 Benchmark from 1.2 to 1.3 with improved audit and remediation steps.
- Rework queries in CIS ESXi 6.7 and 7.0 benchmarks for improved reliability.
๐ BUG FIXES AND UPDATESโ
- Fix failures loading AWS assets in the console.
- Fix failure applying MS365 policies.
- Update the VMware appliance to Debian 12.
- Improve Linux OpenSSH checks to only run when OpenSSH is installed.
- Improve
Ensure SSH Protocol is set to 2
Linux query to only run on the appropriate OpenSSH releases. - Improve
Ensure access to the su command is restricted
Linux query to account foradmin
ormondoo
users. - Improve Postfix queries to also ensure that Postfix is running.
- Update Linux policies to use the
port
resource instead of the deprecatedsocketstats
resource. - Use bool value and not pointer in
aws.ec2.networkacl.entry.egress
resource. - Fix an issue that made MQL query compilation non-deterministic.
- Improve support for services on SUSE systems.
- Fix some package queries hanging on SUSE systems.
- Don't include ignored checks in the asset "Top Recommended Actions" tile.