Skip to main content

Mondoo 8.28 is out!

ยท 2 min read
Tim Smith
Tim Smith
Mondoo Core Team

๐Ÿฅณ Mondoo 8.28 is out! This release includes fine-grained GitLab scanning and more!โ€‹

Get this release: Installation Docs | Package Downloads | Docker Container

๐ŸŽ‰ NEW FEATURESโ€‹

Fine grained scanning of GitLab assetsโ€‹

Mondoo now offers more detailed scanning capabilities for GitLab assets. Instead of the previous single gitlab asset, Mondoo now provides separate gitlab-group and gitlab-project assets. When scanning your GitLab group, both cnspec and cnquery now automatically detect each project within your group. This enhanced granularity in asset scans improves the accuracy of scan results and allows for setting exceptions for specific projects.

 cnspec scan gitlab --group lunalectric
โ†’ loaded configuration from /Users/luna/.config/mondoo/mondoo.yml using source default
โ†’ using service account credentials
โ†’ discover related assets for 1 asset(s)
โ†’ resolved assets resolved-assets=37
โ†’ synchronize assets
 lunalectric / rockets_101         โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ” 100%
 lunalectric / oxygen_generator    โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ” 100%
 lunalectric / space_cats          โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ” 100%
 lunalectric / rover_design        โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ” 100%
 lunalectric / human_habitats      โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ” 100%
 ...

๐Ÿงน IMPROVEMENTSโ€‹

Runtime data in AWS Lambda function resourceโ€‹

The aws.lambda.function MQL resource now includes a new runtime field that displays the runtime environment of the function. Thanks for this addition @mbainter!

๐Ÿ› BUG FIXES AND UPDATESโ€‹

  • Fix a panic viewing some asset data in the asset resources tab.
  • Add more user-friendly control titles to the SOC 2 compliance framework.
  • Show 0% check completion instead of โ€œUnknownโ€ when appropriate in compliance controls.
  • Automatically close the search box when results display.
  • Fix hardware systems incorrectly identifying as Azure VMs in asset configuration data.
  • Improve reliability of the CIS Ensure GDM login banner is configured check on RHEL based systems.
  • Prevent errors in the CIS Ensure filesystem integrity is regularly checked check when the aide package is not installed.