🥳 Mondoo 8.25 is out! This release includes improvements to Compliance Hub, updated CIS Debian Linux 2.0 Benchmark, and more!
Improved Compliance Hub experience
We've been busy this week rolling out fixes and improvements to make Compliance Hub an even better experience.
- The first exception on the compliance exceptions tab now automatically expands for easier viewing.
- Compliance control pages now include tooltips for the completion column.
- Controls listed in exceptions now link to the individual control pages.
- The completion column in control pages now supports ascending and descending sorting.
- The completion percentage shown for frameworks now better reflects progress.
- There are improved recommendations when there are no checks or assets in a control.
- Compliance completion bars in Firefox now size properly at all window dimensions.
CIS Debian Linux 10 Benchmark 2.0
CIS Debian Linux 10 Benchmark is updated from 1.0 to 2.0. This is a massive update to the CIS benchmarks for Debian that includes the following changes:
- 38 controls now have improved descriptions, audit instructions, and remediation steps.
- 34 new controls now follow the "Ensure service X is not installed" method instead of "Ensure service X is disabled".
- 58 legacy controls have been removed, including the existing "Ensure service X is disabled" controls mentioned above.
🐛 BUG FIXES AND UPDATES
- Don't show duplicate checks in the registry when a policy uses variants.
- Remove a black box displayed in the registry when a policy uses policy variants.
- Add three additional controls to the CIS Amazon Linux 2023 policies.
- Improved descriptions and remediation steps in the CIS Distribution Independent Linux Benchmark policies.
- Log errors for missing API support when scanning GCP organization and projects instead of failing.
- Give a unique name to
gcp-subnetworkassets that includes the region in the name.
- Fix the grouping of GCP organizations and projects in the fleet view.
- Don't attempt to discover GCP projects that are marked for deletion.
- Don't detect GCP VM instances as VM images.