Mondoo 8.28 is out!
π₯³ Mondoo 8.28 is out! This release includes fine-grained GitLab scanning and more!β
Get this release: Installation Docs | Package Downloads | Docker Container
π NEW FEATURESβ
Fine grained scanning of GitLab assetsβ
Mondoo now offers more detailed scanning capabilities for GitLab assets. Instead of the previous single gitlab
asset, Mondoo now provides separate gitlab-group
and gitlab-project
assets. When scanning your GitLab group, both cnspec and cnquery now automatically detect each project within your group. This enhanced granularity in asset scans improves the accuracy of scan results and allows for setting exceptions for specific projects.
cnspec scan gitlab --group lunalectric
β loaded configuration from /Users/luna/.config/mondoo/mondoo.yml using source default
β using service account credentials
β discover related assets for 1 asset(s)
β resolved assets resolved-assets=37
β synchronize assets
lunalectric / rockets_101 ββββββββββββββββββββββββββββββββββββββ 100%
lunalectric / oxygen_generator ββββββββββββββββββββββββββββββββββββββ 100%
lunalectric / space_cats ββββββββββββββββββββββββββββββββββββββ 100%
lunalectric / rover_design ββββββββββββββββββββββββββββββββββββββ 100%
lunalectric / human_habitats ββββββββββββββββββββββββββββββββββββββ 100%
...
π§Ή IMPROVEMENTSβ
Runtime data in AWS Lambda function resourceβ
The aws.lambda.function
MQL resource now includes a new runtime
field that displays the runtime environment of the function. Thanks for this addition @mbainter!
π BUG FIXES AND UPDATESβ
- Fix a panic viewing some asset data in the asset resources tab.
- Add more user-friendly control titles to the SOC 2 compliance framework.
- Show 0% check completion instead of βUnknownβ when appropriate in compliance controls.
- Automatically close the search box when results display.
- Fix hardware systems incorrectly identifying as Azure VMs in asset configuration data.
- Improve reliability of the CIS
Ensure GDM login banner is configured
check on RHEL based systems. - Prevent errors in the CIS
Ensure filesystem integrity is regularly checked
check when theaide
package is not installed.