Skip to main content

Mondoo 6.6 is out!

ยท 2 min read
Charles Johnson
Mondoo Core Team

๐Ÿฅณ Mondoo 6.6 is out! This release adds much-requested support for scanning pipelines with CircleCI, side scanning from the command line, and some nice improvements to the Linux Baseline policy for securing users and groups.

Get this release: Installation Docs | Package Downloads | Docker Container

๐ŸŽ‰ NEW FEATURESโ€‹

CircleCI Supportโ€‹

Problem: You want to use Mondoo natively with CircleCI projects to secure your build pipelines.

Solution: Mondoo now securely integrates with CircleCI projects to scan Kubernetes manifests, Terraform configuration files, and Docker images for common misconfigurations and CVEs. Check out the CircleCI integration documentation to learn more.

CircleCI Security Scans

AWS Side Scanning From the CLIโ€‹

Problem: You want Mondoo to scan your AWS instances, but you want to do it without SSH credentials or an SSM agent and without directly impacting your production workloads.

Solution: Mondoo now supports AWS side scanning. You can scan an EC2 instance, an EC2 EBS volume, or an EC2 EBS snapshot. See the EC2 Snapshot Scanning documentation for details.

๐Ÿงน IMPROVEMENTSโ€‹

Improved Linux Baseline Policyโ€‹

Problem: You want the best possible out-of-the-box policies for securing your Linux systems.

Solution: Update the Linux Security Baseline policy to provide additional security recommendations. We've added 12 new controls to validate that users and groups are configured correctly on your Linux systems.

Multi-line Support in Mondoo Shellโ€‹

Problem: Writing complex MQL queries on one line can be frustrating.

Solution: The Mondoo shell now supports multi-line input! Multi-line Shell

Copy MRN From the Asset Detail Pageโ€‹

Problem: It could be challenging to generate a properly-formed asset MRN to use with the Mondoo CLI.

Solution: You can now copy the MRN for any asset from that asset's detail page.

Copy MRN

Total Scans From the Vulnerability Pageโ€‹

Problem: Mondoo didn't provide enough context about vulnerability scans. It provided the number of findings, but didn't show the total number of objects scanned. If you had a system with no vulnerabilities, it could appear that Mondoo wasn't doing anything!

Solution: Mondoo now also shows the total number of objects scanned in a vulnerability scan.

๐Ÿ› BUG FIXES AND UPDATESโ€‹

  • Resolves improperly failing queries in the macOS policy
  • The Linux Security Baseline policy now correctly detects apache2 on Debian-based Linux distributions
  • Improved Kubernetes admission controller reliability on small Kubernetes clusters