Mondoo 9.8 is out!
Mondoo 9.8 is out! This release includes automated compliance inventory gathering, AIX support, a new CVE view, plus a whole lot more!
Get this release: Installation Docs | Package Downloads | Docker Container
NEW FEATURES
Automated compliance inventory gathering
Your audit goes beyond security checks; now so does Mondoo, with continuous infrastructure inventory gathering mapped automatically to top compliance frameworks. Compliance Hub controls now include a Data Queries tab listing inventory data from query packs. This inventory data is gathered automatically from the cnspec CLI or from integrations like AWS, GitHub, or Kubernetes. Inventory data fills key requirements from auditors to ensure your infrastructure is compliant, such as gathering AWS VPC configuration to prove SOC 2 CC6.1.5 or asset inventory data for CC6.1.1.
SOC 2 control with data queries:
Drill into a data query to see the query detail and the assets for which it gathered data:
New result scoring design
The list of security findings was often presented and sorted in a confusing way. Successful security checks would often be listed above failed checks, and errors and skipped checks were mixed into the list seemingly at random. This was because the previous prioritization focused more on the impact of a check than on the success or failure of its finding.
The new system is focused on prioritizing the most impactful actions. We now sort everything by failed checks first, followed by errors, then successful checks, and finally anything that is ignored or disabled. This means that the list now prioritizes the most critical failed findings.
We also improved the colors. If it looks like a successful check, it is now consistently green. If it looks like a red alarm, it's definitely a critical failed check.
Here's an overview of this new scoring system:
New asset scorecard design
When progress isn't lightning-fast, it's important to track small wins. With this in mind, we've redesigned our asset policy cards to better show progress made towards securing systems. The new design removes the score number from the cards and instead shows the number of passing and failing checks, so you can track progress without the need to dive into the list of all checks on an asset.
New security policies page
When we built the security policies page, our goal was to give users a single location where they could see all asset scores for policies in their space and control how those policies ran.
This week, we updated that page to make it easier to identify failing assets for each policy quickly:
The updated page also allows you to disable a policy or set it to preview without leaving the policies page:
New CVE view
Out with the old and in with the new is the theme of the Mondoo 9.8 release, so why not update one of our oldest components? It's time for a whole new CVE page! A fresh, new design makes it easier to understand the impact of a CVE.
AIX 7.1 and 7.2 support
Kubernetes and serverless may be all the rage, but mainframes power the world. Now you can secure your AIX mainframes with Mondoo. We've updated cnquery and cnspec with new remote scan capabilities for AIX and bundled CIS AIX 7.1 and 7.2 benchmark policies, allowing you to quickly evaluate the security and compliance of your AIX systems.
New BSI SiSyPHuS Windows 10 policy
Mondoo now includes a new BSI SiSyPHuS Windows 10 policy based on BSI's "SiSyPHuS Win10 - Study on system design, logging, hardening and security features in Windows 10 - Configuration Recommendations" document. This policy includes 363 queries with impact scores and remediation steps. The checks map to all Mondoo-supported compliance frameworks, including BSI's Cloud Computing Compliance Controls Catalog (C5) framework.
IMPROVEMENTS
Expanded resource fields
Whether you're writing custom security policies or exploring your infrastructure with cnquery shell, it's important to have all the data possible for assets. This week, we further expanded some of our most popular assets with additional fields, giving you greater insight into your infrastructure.
atlassian.admin.organization.managedUser
- productAccess - Product access
- status - Status
aws.autoscaling.group
- minSize - The minimum number of instances to scale down to
- maxSize - The maximum number of instances to scale up to
- defaultCooldown - The time to wait after scaling up / down before the next scaling event is started
- launchConfigurationName - The name of the launch configuration
- healthCheckGracePeriod - The grace period in seconds before an instance with a failing health check will be replaced
- createdAt - Time when the autoscaling group was created
aws.ssm.instance
- platformType - The type of platform for the SSM instance, as described by AWS (Windows, Linux, etc.)
- platformVersion - Platform version for the SSM instance, as described by AWS