Mondoo 9.2 is out!

🥳 Mondoo 9.2 is out! This release includes support for securing Atlassian services, a new HTTP resource, and more!

Get this release: Installation Docs | Package Downloads | Docker Container

---

🎉 NEW FEATURES

Secure Atlassian services

Our new Atlassian cnquery/cnspec provider allows you to query the configuration of Atlassian's suite of products, including Jira and Confluence.

Use the Atlassian provider with cnquery shell to connect to your Atlassian URL using a user or admin token:

cnquery shell atlassian --host https://luna.atlassian.net --admin-token FOO

Some example data you can query using this provider and resources:

atlassian.admin.organizations: [
  0: atlassian.admin.organization id="4j1ack42-6c9d-1552-k55a-c2j536j31066"
]

cnquery> atlassian.jira.users
atlassian.jira.users: [
  0: atlassian.jira.user id="5dd64082af96bc0efbe55103"
  1: atlassian.jira.user id="630db2cd9796033b256bc349"
  2: atlassian.jira.user id="5cb4ae0e4b97ab11a18e00c7"
  3: atlassian.jira.user id="557058:f58131cb-b67d-43c7-b30d-6b58d40bd077"
  4: atlassian.jira.user id="712020:1bdc8553-00fa-4e1c-8d14-317bbafece92"
  5: atlassian.jira.user id="6183312e3e3753006f8c7baf"
  6: atlassian.jira.user id="626b14efc72f140069fc636c"
  7: atlassian.jira.user id="5b70c8b80fd0ac05d389f5e9"
  8: atlassian.jira.user id="5e6a646f5df5fb0cfee33989"
  9: atlassian.jira.user id="557058:cbc04d7b-be84-46eb-90e4-e567aa5332c6"
  10: atlassian.jira.user id="712020:45d1ce6f-7b4b-4190-8d93-1d709d7203f9"
  11: atlassian.jira.user id="5d53f3cbc6b9320d9ea5bdc2"
  12: atlassian.jira.user id="557058:950f9f5b-3d6d-4e1d-954a-21367ae9ac75"
  13: atlassian.jira.user id="5cf112d31552030f1e3a5905"
  14: atlassian.jira.user id="712020:f4b1ca94-1967-48c6-9c22-b04a9e999fae"
  15: atlassian.jira.user id="6035864ce2020c0070b5285b"
  16: atlassian.jira.user id="60e5a86a471e61006a4c51fd"
  17: atlassian.jira.user id="5d9b2860cd50b80dcea8a5b7"
  18: atlassian.jira.user id="5d9afe0010f4800c341a2bba"
  19: atlassian.jira.user id="626b1500b31e6f006863c12d"
]
cnquery> atlassian.jira.users.first.name
atlassian.jira.users.first.name: "Lunalectric Integration User"

Learn more about the capabilities of this new provider and its resources in the Atlassian resource pack documentation.

Stay tuned for an Atlassian policy bundle that lets you continuously secure your business' Atlassian usage.

New http resource

Use our new http resource to continuously secure and assure compliance for HTTP endpoints used by your business.

http.get('https://console.mondoo.com') { statusCode version header{ xFrameOptions xContentTypeOptions referrerPolicy sts csp['base-uri'] } }

Returns:

http.get: {
  header: {
    csp[base-uri]: "'self'"
    xContentTypeOptions: "nosniff"
    referrerPolicy: "same-origin"
    xFrameOptions: "SAMEORIGIN"
    sts: http.header.sts maxAge=365 days  includeSubDomains=true preload=false
  }
  version: "2.0"
  statusCode: 200
}

Learn more about these new fields at our http.get and http.header documentation.

🧹 IMPROVEMENTS

Expanded Azure resources

Azure networking resources continue to receive updates to expose critical information for security and compliance within your Azure infrastructure:

azure.subscription.networkService.virtualNetworkGateway.ipConfig

• New publicIpAddress field: The public IP address associated with this IP configuration

azure.subscription.networkService.natGateway

• New publicIpAddresses field: List of public IP addresses the NAT gateway is associated with

azure.subscription.networkService.virtualNetwork

• New dhcpOptions field: Virtual network DHCP options
• New enableDdosProtection field: Whether DDoS protection is enabled for all the protected resources in the virtual network
• New enableVmProtection field: Whether VM protection is enabled for all the subnets in the virtual network

More AWS console links

AWS console links let you jump directly from Mondoo scan results to the scanned assets in the AWS console. Use these handy shortcuts to make updates quickly based on Mondoo findings. We've expanded this support with direct console links from Mondoo DynamoDB, KMS, CloudTrail, and EBS volumes assets.

🐛 BUG FIXES AND UPDATES

• Add form value validation to the Organization Settings -> Authentication page.
• Improve rendering of the form in the Organization Settings -> Authentication page.
• Improve the performance of AWS account scans.
• Fix failures scanning AWS DynamoDB tables.
• Fix failures fetching metadata and connection settings in the Azure Web App Service.
• Fix a failure that could occur when querying terraform.files.
• Don't use Microsoft's UPX binary compression for cnquery and cnspec, as some antivirus software incorrectly flags this as malware.
• Improve handling of null values in resources.
• Use asset.fqdn as the asset name for the network and arista providers.
• Use proxy servers to fetch provider updates when available.
• Fix the copy to table button on CVE pages failing to copy.
• Fix a failure creating Jira integrations.
• Improve compliance framework mappings to show additional data.
• Fix incorrect titles on some Microsoft KBs.
• Adjust the EOL dates for Amazon Linux 2018 and Debian 9/12.
• Don't show checks in policies that are not enabled in Compliance Hub control pages.
• Rework queries in CIS Windows 10/11/2016/2019/2022 policies to improve reliability