Skip to main content

Mondoo 6.13.1 is out!

ยท 2 min read

๐Ÿฅณ Mondoo 6.13.1 is out! This release includes a new modular GitHub Action and updated EKS policies!


Get this release: Installation Docs | Client Download | Installation Service | Docker Container


๐ŸŽ‰ FEATURESโ€‹

All New Modular GitHub Actionโ€‹

The Mondoo GitHub Action has been entirely rewritten to better integrate within modular workflows in your projects. The action now includes individual GitHub Actions for scanning AWS accounts, Kubernetes Clusters, Kubernetes manifests, Docker images, and Terraform configuration files. There's also a new action for uploading Mondoo Policies to PolicyHub and an action for configuring Mondoo Client, so you can run whatever scan commands you may need. Keep in mind that this new setup is entirely different than our previous releases and breaks existing workflow configurations. Make sure to check out the project Readme and each new action's readme for more information on usage. As always, let us know if you have any questions at hello@mondoo.com or join us on our Mondoo Community Slack

Find the new action on the GitHub Actions Marketplace.

GitHub Marketplace

๐Ÿงน IMPROVEMENTSโ€‹

Up-to-Date EOL Dataโ€‹

Problem: You want to ensure that no systems in your fleet have reached EOL status, but this required you to update Mondoo Client for the latest EOL data.

Solution: EOL data is now stored in Mondoo Platform and so are updated automatically. With this change, your systems will always have the latest EOL data as vendors publish new or updated EOL dates.

Expanded CIS Amazon EKS Benchmarksโ€‹

We've greatly expandeded the CIS Amazon EKS Level 1 and 2 benchmarks with additional queries and improved the overall reliability of many of the policies. Stay tuned for next week's release for more updates to this policy.

EKS Policy

๐Ÿ› BUG FIXESโ€‹

  • Prevents sending duplicate Organization or Space invitations if you add a space chatacter to an e-mail address.
  • Prevents display of duplicate informational alerts in AWS Integrations.
  • Resolves failures querying EC2 instances that lacked assigned key pairs.