🥳 Mondoo 6.6 is out! This release adds much-requested support for scanning pipelines with CircleCI, side scanning from the command line, and some nice improvements to the Linux Baseline policy for securing users and groups.
Problem: You want to use Mondoo natively with CircleCI projects to secure your build pipelines.
Solution: Mondoo now securely integrates with CircleCI projects to scan Kubernetes manifests, Terraform configuration files, and Docker images for common misconfigurations and CVEs. Check out the CircleCI integration documentation to learn more.
AWS Side Scanning From the CLI
Problem: You want Mondoo to scan your AWS instances, but you want to do it without SSH credentials or an SSM agent and without directly impacting your production workloads.
Solution: Mondoo now supports AWS side scanning. You can scan an EC2 instance, an EC2 EBS volume, or an EC2 EBS snapshot. See the EC2 Snapshot Scanning documentation for details.
Improved Linux Baseline Policy
Problem: You want the best possible out-of-the-box policies for securing your Linux systems.
Solution: Update the Linux Security Baseline policy to provide additional security recommendations. We've added 12 new controls to validate that users and groups are configured correctly on your Linux systems.
Multiline Support in Mondoo Shell
Problem: Writing complex MQL queries on one line can be frustrating.
Solution: The Mondoo shell now supports multiline input!
Copy MRN From the Asset Detail Page
Problem: It could be challenging to generate a properly-formed asset MRN to use with the Mondoo CLI.
Solution: You can now copy the MRN for any asset from that asset's detail page.
Total Scans From the Vulnerability Page
Problem: Mondoo didn't provide enough context about vulnerability scans. It provided the number of findings, but didn't show the total number of objects scanned. If you had a system with no vulnerabilities, it could appear that Mondoo wasn't doing anything!
Solution: Mondoo now also shows the total number of objects scanned in a vulnerability scan.
🐛 BUG FIXES
- Resolves improperly failing queries in the macOS policy
- The Linux Security Baseline policy now correctly detects apache2 on Debian-based Linux distributions
- Improved Kubernetes admission controller reliability on small Kubernetes clusters