Skip to main content

157 posts tagged with "mondoo"

View All Tags

Mondoo 5.6.0 is out!

2 min read
Mondoo Core Team

馃コ mondoo 5.6.0 is out!

馃Ч IMPROVEMENTS

  • Windows 2022 support
  • Extended the audit and remediation documentation on the AWS policy
  • Update "Mondoo Platform End-of-Life Policy" to use the sh built-in command instead of which to determine if an executable is in the path since not all platforms have which by default
  • New to the MQL time resource: time.today and time.tomorrow
  • Improve AWS CIS Operational Best Practices policies with more descriptions
  • Include SuSE and macOS AWS EC2 instances in integration statistics overview
  • Improved the messaging on the AWS integration when in an unhealthy state

馃悰 BUG FIXES AND UPDATES

  • Community uploaded policies are now always marked as private
  • Fix an issue where duplicated queries across policies would not be correctly reported
  • Fix an issue where asset connection issues in discovery phase where reported but have not lead to exit code 1
  • Fix AWS instance tag filter for SSM integration
  • Fix operator precedence bug where a query like: false && false || true resulted in a false value
  • Fixed issue where a portion of the app would spin when a failed token refresh resulted in a 401
  • Handle case where non-reachable assets detected in discovery phase were not used for exit codes
  • Properly error out when we could not retrieve the platform details for arista

鈿狅笍 BREAKING CHANGES:

  • Modified the AWS integration Mondoo Lambda role to have stricter permissions. This change requires users to manually update the CloudFormation by navigating to the AWS CloudFormation console and selecting the Update button. No additional configuration options are required.

Mondoo 5.5.2 is out!

One min read
Mondoo Core Team

馃コ mondoo 5.5.2 is out!

馃Ч IMPROVEMENTS

  • The Windows executable included in the zip file is now signed
  • Speed up execution of Rsyslog resource when no configuration is found
  • Added SSM connection label to instances
  • The duplicates MQL method now accepts field names

馃悰 BUG FIXES AND UPDATES

  • Fix panic in mondo exec
  • Speed up asset deletion

Mondoo 5.4.0 is out!

One min read
Mondoo Core Team

馃コ mondoo 5.4.0 is out!

馃Ч IMPROVEMENTS

  • Add remediation steps to the Linux baseline security policy for RHEL and Debian
  • Add missing titles in AWS policy

馃悰 BUG FIXES AND UPDATES

  • Fix nil-pointer crash in AWS IAM password policy
  • Fix nil-pointer crash in vSphere discovery
  • Fix broken incognito scans
  • Fix incorrect SageMaker query in AWS policy

Mondoo 5.3.0 is out!

One min read
Mondoo Core Team

馃コ mondoo 5.3.0 is out!

鈿狅笍 BREAKING CHANGES:

  • We no longer use machine IDs for asset platform identifiers. We've found many examples of where this is not unique, for example, Amazon Linux AMIs.

Mondoo 5.2.0 is out!

One min read
Mondoo Core Team

馃コ mondoo 5.2.0 is out!

馃Ч IMPROVEMENTS

  • CIS Distribution Independent Linux has been updated and includes many improvements around pam controls, speedier implementation of the CIS controls that have to scan the whole file system
  • MSI Installation has been improved. We changed the default behavior for service start. By default windows services are not started after the MSI has been installed. For server setups, please configure the service to start automatically. See docs for more information
  • RPM/Debian packages have been improved. They do not start the service by default anymore, the systemd unit is created but not enabled by default. Activated services are honored and restarted after package update is completed.
  • Updated the getting-started walk-through for a new space.

Getting Started Walk-Through

Getting Started Walk-Through

Mondoo 5.1.0 is out!

One min read
Mondoo Core Team

馃コ mondoo 5.1.0 is out!

馃Ч IMPROVEMENTS

  • SNS messages sent from AWS CloudFormation as part of the AWS integration are now encrypted by default
  • Resources created by the AWS integration are now tagged
  • Newly created spaces will be assigned default policies
  • Send hostname as a platform identifier when using WinRM

馃悰 BUG FIXES AND UPDATES

  • Fix bug where Mondoo installed with MSI installer could not be uninstalled

鈿狅笍 BREAKING CHANGES:

  • The way Mondoo looks for its configuration has changed:
    • ~/.mondoo.yml is deprecated. Use ~/.config/mondoo/mondoo.yml
    • Lookup order is ~/.config/mondoo/mondoo.yml, ~/.mondoo.yml, /etc/opt/mondoo/mondoo.yml

Mondoo 4.17.2 is out!

One min read
Mondoo Core Team

馃コ mondoo 4.17.2 is out!

馃悰 BUG FIXES AND UPDATES

  • Fix broken Debian packages that were resulting in the configuration not being found or the mondoo CLI not being in the path

Mondoo 5.0.0 is out!

One min read
Mondoo Core Team

馃コ mondoo 5.0.0 is out!

This major version update significantly improves the way policies are resolved and distributed to our agents. It doesn't require any changes from you, our users, and will happen silently on the backend.

Using this new policy resolution, we are able to scale to significantly more assets. Please reach out if you encounter any difficulties with this upgrade via slack or via support@mondoo.com.

馃Ч IMPROVEMENTS

  • Switched to new policy resolution by default to improve speed and scalability
  • Added baseline policies for Linux, macOS, Windows
  • Signed executable and installer for Windows

馃悰 BUG FIXES AND UPDATES

  • Fixed issue where the Packer plugin would scan the local target instead of the image being built

Mondoo 4.17.0 is out!

One min read
Mondoo Core Team

馃コ mondoo 4.17.0 is out!

馃帀 FEATURES

  • Experimental VMware Harbor Integration is available

    Harbor

    To try it out, add the container_registries configuration to your mondoo config:

    ...
    container_registries:
    token: abc123
    enable_harbor: true

    and then run mondoo serve. An implementation of the pluggable-scanner-spec will be available on port 8990.

馃Ч IMPROVEMENTS

  • macOS arm64 builds
  • Improved macOS and Windows baseline policies
  • Improved MQL type enforcement relating to handling of nils

馃悰 BUG FIXES AND UPDATES

  • Fix MQL timeout when if missing else
  • Fix Microsoft 365 resolver
  • Allow passing insecure flag for container registry scans