Skip to main content

Mondoo 8.5 is out!

ยท 3 min read
Tim Smith
Tim Smith
Mondoo Core Team

๐Ÿฅณ Mondoo 8.5 is out! This release includes new security/CVE dashboards, a new policy management experience, S3 exports, and more!โ€‹

Get this release: Installation Docs | Package Downloads | Docker Container

๐ŸŽ‰ NEW FEATURESโ€‹

Vulnerabilities dashboardโ€‹

We've added a new vulnerabilities dashboard where you can quickly see the most vulnerable assets in your infrastructure and tackle the most critical issues first.

Vulnerabilities Dashboard

Security dashboard and policy viewโ€‹

We've created a new section in the console navigation just for security concerns, with a new security dashboard and a policy view page. The security dashboard shows the most pressing policies and assets, exposing the top actions that should be remediated to secure your infrastructure.

Security Dashboard

With the new policies view, you can dive into scores by policy and see failing assets for each policy.

Policy View

Security Registryโ€‹

Say hello to the Mondoo Security Registry, your new space for managing policies in Mondoo. The all-new UI in the Security Registry makes finding the policies you need for your space easier and quicker. You can search and filter by policy type right on the main page, so there's no need to dive deeper to add or remove policies. It displays important information such as the policy author, number of checks, and policy description for each policy, so you quickly evaluate policies without multiple clicks. Want to enable or disable a policy? Just toggle the policy from the main page.

Security Registry

We've also redesigned the individual policy pages to help you better understand which checks are included in policies. Checks for particular technologies or subsystems are now bundled together in groups for easier browsing.

Policy Page

You can also view available properties in each check to see how you can customize policy behavior for your organization.

Policy Properties

Amazon S3 and S3-compatible exportsโ€‹

You can now export your Mondoo data to S3 and S3-compatible storage systems automatically. Export data in JSONL or CSV formats. Mondoo runs each export daily.

S3 Export Setup

๐Ÿงน IMPROVEMENTSโ€‹

Scan with friendly policy namesโ€‹

You can now run cnquery and cnspec scans by specifying the friendly, short name of the policy shown in the Security Registry.

cnspec scan okta --organization dev-12345.okta.com --token $OKTA_TOKEN --policy mondoohq/mondoo-okta-security

๐Ÿ› BUG FIXES AND UPDATESโ€‹

  • Fix failures to apply local cnquery query packs.
  • Improve parsing of UNIX uptime on some systems.
  • Improve policy descriptions and add license information to policies.