Skip to main content

Mondoo 4.17.0 is out!

One min read
Mondoo Core Team

馃コ mondoo 4.17.0 is out!

馃帀 FEATURES

  • Experimental VMware Harbor Integration is available

    Harbor

    To try it out, add the container_registries configuration to your mondoo config:

    ...
    container_registries:
    token: abc123
    enable_harbor: true

    and then run mondoo serve. An implementation of the pluggable-scanner-spec will be available on port 8990.

馃Ч IMPROVEMENTS

  • macOS arm64 builds
  • Improved macOS and Windows baseline policies
  • Improved MQL type enforcement relating to handling of nils

馃悰 BUG FIXES AND UPDATES

  • Fix MQL timeout when if missing else
  • Fix Microsoft 365 resolver
  • Allow passing insecure flag for container registry scans

Mondoo 4.16.0 is out!

One min read
Mondoo Core Team

馃コ mondoo 4.16.0 is out!

馃帀 FEATURES

  • new MQL parse plist feature parse.plist(content:"") MQL array functions

  • new MQL array functions for query language [].containsOnly([..])

MQL array functions

馃Ч IMPROVEMENTS

  • Improved handling of binary files
  • Platform EOL information for macOS and Arch Linux
  • Bug fixes for the CIS Benchmarks for macOS
  • Improve vault access to AWS Secret Manager

Mondoo 4.15.0 is out!

One min read
Christoph Hartmann
Mondoo Core Team

馃コ mondoo 4.15.0 is out! It ships with many new MQL resources, new CIS benchmarks for macOS 10.15 and macOS 11.

馃帀 FEATURES

  • New Mondoo update notifications in Mondoo Console

Mondoo Console Update Notifications

  • new CIS Benchmark for macOS 10.15 and macOS 11 (beta)

CIS Benchmark for macOS

  • new MQL array functions for query language []array.unique & []array.duplicates

MQL array functions

  • new MQL string function for upper case string.upcase

MQL upcase

  • new MQL parse json feature parse.json(content: '{ "a": "b"}')

MQL json parse

MQL resources for macos

  • new MQL parse.plist resource to parse plist files on macOS

MQL resources to parse plist file

  • new MQL uuid resource

MQL resources to parse uuid

馃Ч IMPROVEMENTS

  • SSH user fallback: When mondoo scan -t host is used without a user, we fallback to the current user to mimic ssh agent behaviour

Mondoo 4.13.0 is out!

One min read
Christoph Hartmann
Mondoo Core Team

馃コ mondoo 4.13.0 is out! This release focusses on stability and quality

馃Ч IMPROVEMENTS

  • switch to X as indicator for asset and score errors on CLI
  • improve CIS DIL Benchmark implementation
  • improve rendering for policy descriptions with bash content
  • improve AWS integration
  • improved CSP Header for mondoo.app

馃悰 BUG FIXES

  • fix a case where the cli displayed the wrong dashboard url
  • fixes an issue where reports generated a cli error

Mondoo 4.12.0 is out!

One min read
Christoph Hartmann
Mondoo Core Team

馃コ mondoo 4.12.0 is out!

馃帀 FEATURES

  • new auto-update functionality for lambda functions
  • make it easier to scan container without docker being installed

馃Ч IMPROVEMENTS

  • improved logging for aws lambda function
  • added mondoo shell to help command

馃悰 BUG FIXES

  • fixes an issue where container image snapshots could not be scanned

Mondoo 4.11.0 is out!

One min read
Christoph Hartmann
Mondoo Core Team

馃コ mondoo 4.11.0 is out and it is improving our web dashboard.

馃帀 FEATURES

  • completely new asset view
  • asset connection errors during scan are reported upstream

馃Ч IMPROVEMENTS

  • AWS integration has been updated, new setup screens and improved CloudFormation

馃悰 BUG FIXES

  • switch configuration exit code 401 to 78 since systemd only allows exit codes up to 255

New Asset Screen

The new asset screen make the policy information more accessible. Its easier to see the overall asset scoring, the new result distribution graph quickly highlights if the asset is configured well.

Asset Overview Screen

When you select the Policy Card, all the policy details display.

Detailed Policy View

In addition, we introduced a quick navigation, to switch between different policies more easily: Simply select the policy name.

Select drop-down to switch policies

Then a drop-down will open, you can now quickly switch between the different policy reports.

Select policies from drop-down

Mondoo 4.10.0 is out!

One min read
Christoph Hartmann
Mondoo Core Team

馃コ mondoo 4.10.0 is out and it's a adding more quality to our backend and web dashboard. In addition it ships with the latest CIS Amazon Web Services Foundations Benchmark 1.4.0.

馃帀 FEATURES

  • CIS Amazon Web Services Foundations Benchmark 1.4.0
  • new discovery process to synchronize assets before individual scans are executed
  • AWS SSM jobs load their config from SSM parameter store
  • Added Windows setup installation instruction to web dashboard
  • Added Alpine 3.11 vulnerability support
  • Added support for multi-region AWS SSM scan
  • New Mondoo VMware appliance as ova file

馃Ч IMPROVEMENTS

  • Better handling of mondoo service shutdown events
  • SSH config parser can handle same-line comments now
  • Faster detection of new VMware advisories
  • Enhanced AWS SSM commands for Windows and Linux
  • Refined AWS EC2 instance discovery via mondoo integration

馃悰 BUG FIXES

  • AWS Integration stability

Mondoo 4.9.0 is out!

One min read
Christoph Hartmann
Mondoo Core Team

:partying_face: mondoo 4.9.0 is out and it's a full stability update.

The mondoo serve command is more robust and we optimized it to be more memory efficient. In addition, we continue to improve the onboarding and continues scanning flows.

馃帀 FEATURES

  • cli aggregates scan errors and does not stop execution

馃Ч IMPROVEMENTS

  • new improved flow to setup spaces

馃悰 BUG FIXES

  • identified a memory leak that affected mondoo serve

Mondoo 4.8.2 is out!

One min read
Christoph Hartmann
Mondoo Core Team

馃Ч IMPROVEMENTS

  • display service account mrn and agent mrn in mondoo status
  • split agents and service accounts
  • further improvement of the AWS integration

馃悰 BUG FIXES

  • resolves an issue where mondoo register has not worked with service accounts
  • resolve issues around the mondoo register flow

Mondoo 4.7.0 is out!

One min read
Christoph Hartmann
Mondoo Core Team

馃帀 FEATURES

  • render report summary after run of mondoo scan

馃Ч IMPROVEMENTS

  • cli suggesting includes built-in functions
  • extends the AWS integration to ease the setup and add support for ECR
  • dql adds support to do arithmetic operations on dict types
  • cover more queries of the AWS benchmark and well-architected policies

馃悰 BUG FIXES

  • dql handles missing inputs for parse.date properly

Screenshot_2021-05-17_at_10.11.19

Screenshot_2021-05-17_at_10.12.52