Skip to main content

Mondoo 8.5 is out!

· 3 min read
Tim Smith
Tim Smith
Mondoo Core Team

🥳 Mondoo 8.5 is out! This release includes new security/CVE dashboards, a new policy management experience, S3 exports, and more!

Get this release: Installation Docs | Package Downloads | Docker Container

🎉 NEW FEATURES

Vulnerabilities dashboard

We've added a new vulnerabilities dashboard where you can quickly see the most vulnerable assets in your infrastructure and tackle the most critical issues first.

Vulnerabilities Dashboard

Security dashboard and policy view

We've created a new section in the console navigation just for security concerns, with a new security dashboard and a policy view page. The security dashboard shows the most pressing policies and assets, exposing the top actions that should be remediated to secure your infrastructure.

Security Dashboard

With the new policies view, you can dive into scores by policy and see failing assets for each policy.

Policy View

Security Registry

Say hello to the Mondoo Security Registry, your new space for managing policies in Mondoo. The all-new UI in the Security Registry makes finding the policies you need for your space easier and quicker. You can search and filter by policy type right on the main page, so there's no need to dive deeper to add or remove policies. It displays important information such as the policy author, number of checks, and policy description for each policy, so you quickly evaluate policies without multiple clicks. Want to enable or disable a policy? Just toggle the policy from the main page.

Security Registry

We've also redesigned the individual policy pages to help you better understand which checks are included in policies. Checks for particular technologies or subsystems are now bundled together in groups for easier browsing.

Policy Page

You can also view available properties in each check to see how you can customize policy behavior for your organization.

Policy Properties

Amazon S3 and S3-compatible exports

You can now export your Mondoo data to S3 and S3-compatible storage systems automatically. Export data in JSONL or CSV formats. Mondoo runs each export daily.

S3 Export Setup

🧹 IMPROVEMENTS

Scan with friendly policy names

You can now run cnquery and cnspec scans by specifying the friendly, short name of the policy shown in the Security Registry.

cnspec scan okta --organization dev-12345.okta.com --token $OKTA_TOKEN --policy mondoohq/mondoo-okta-security

🐛 BUG FIXES AND UPDATES

  • Fix failures to apply local cnquery query packs.
  • Improve parsing of UNIX uptime on some systems.
  • Improve policy descriptions and add license information to policies.