Mondoo 8.8 is out!
๐ฅณ Mondoo 8.8 is out! This release includes Azure inventory collection, CIS policies for GCOS, and more!โ
Get this release: Installation Docs | Package Downloads | Docker Container
๐ NEW FEATURESโ
Gather asset data on Azureโ
Our new Azure Asset Inventory pack allows you to gather information on Azure assets so you can browse your Azure infrastructure in the asset resource explorer:
New Google Container OS (GCOS) CIS Benchmark policyโ
Security in your Kubernetes clusters goes beyond just workloads and cluster configuration. Ensure you're fully securing the nodes that make up your GKE clusters with this new CIS benchmark policy for the Google Container OS (GCOS) Linux distribution that powers GKE clusters.
Output formatters for vulnerability scansโ
You can now output vulnerability scan data in CSV, YAML, or JSON formats using the same output flag you use with cnspec security scans.
cnspec vuln container image ubuntu:focal-20220113 -o csv
โ loaded configuration from /etc/opt/mondoo/mondoo.yml using source default
โ using service account credentials
โ discover related assets for 1 asset(s)
โ resolved assets resolved-assets=1
Package Name,Score,Installed,Fixed,Available,Advisory,CVEs
libpam-modules,9.8,1.3.1-5ubuntu4.3,1.3.1-5ubuntu4.6,1.3.1-5ubuntu4.6,,
libpam-modules,9.8,1.3.1-5ubuntu4.3,1.3.1-5ubuntu4.4,1.3.1-5ubuntu4.6,USN-5825-1,CVE-2022-28321
libpam-modules,9.8,1.3.1-5ubuntu4.3,1.3.1-5ubuntu4.6,1.3.1-5ubuntu4.6,USN-5825-2,CVE-2022-28321
zlib1g,9.8,1:1.2.11.dfsg-2ubuntu1.2,1:1.2.11.dfsg-2ubuntu1.5,1:1.2.11.dfsg-2ubuntu1.5,,
zlib1g,9.8,1:1.2.11.dfsg-2ubuntu1.2,1:1.2.11.dfsg-2ubuntu1.5,1:1.2.11.dfsg-2ubuntu1.5,USN-5570-2,CVE-2022-37434
zlib1g,5,1:1.2.11.dfsg-2ubuntu1.2,1:1.2.11.dfsg-2ubuntu1.3,1:1.2.11.dfsg-2ubuntu1.5,USN-5355-1,CVE-2018-25032
gzip,8.8,1.10-0ubuntu4,1.10-0ubuntu4.1,1.10-0ubuntu4.1,,
gzip,8.8,1.10-0ubuntu4,1.10-0ubuntu4.1,1.10-0ubuntu4.1,USN-5378-1,CVE-2022-1271
liblzma5,8.8,5.2.4-1ubuntu1,5.2.4-1ubuntu1.1,5.2.4-1ubuntu1.1,,
liblzma5,8.8,5.2.4-1ubuntu1,5.2.4-1ubuntu1.1,5.2.4-1ubuntu1.1,USN-5378-2,CVE-2022-1271
libc6,7.8,2.31-0ubuntu9.2,2.31-0ubuntu9.7,2.31-0ubuntu9.9,,
libc6,7.8,2.31-0ubuntu9.2,2.31-0ubuntu9.7,2.31-0ubuntu9.9,USN-5310-1,CVE-2016-10228 CVE-2020-6096 CVE-2020-27618 CVE-2020-29562 CVE-2019-25013 CVE-2021-3326 CVE-2021-27645 CVE-2021-35942 CVE-2021-3998 CVE-2021-3999 CVE-2022-23218 CVE-2022-23219
tar,7.8,1.30+dfsg-7ubuntu0.20.04.1,1.30+dfsg-7ubuntu0.20.04.3,1.30+dfsg-7ubuntu0.20.04.3,,
...
๐งน IMPROVEMENTSโ
Control cnspec public report sharingโ
We recently added the ability to report and share cnspec scan results on the Mondoo website (without a Mondoo account). After each scan, cnspec asks if you want to report the scan results.
This release adds flags and controls for this capability.
Use this flag to skip the prompt and share a report:
cnspec scan --share-report
Use this flag to skip the prompt and not share a report:
cnspec scan --share-report=false
To configure cnspec to never prompt and never share a report, change the config:
share_report: false # only applicable if used unauthenticated
If you disable report sharing using the config and you run cnspec scan --share-report, the flag overrides the config and cnspec shares the report.
๐ BUG FIXES AND UPDATESโ
- Improve alignment of cnspec scan results.
- Fix failures in some MQL queries using switch statements.
- Discover Kubernetes assets in manifests even if they lack a namespace.
- Validate that the provided Microsoft 365 certificate can correctly authenticate with Microsoft 365.
- Fix
cnspec bundle publishfailing when policies use variants. - Fix
Ensure nodev option set on /var partitionandEnsure nosuid option set on /var partitionfalse negatives in the CIS Ubuntu 22.04 policy.