π₯³ Mondoo 9.14 is out! This release includes agentless Azure VM scanning, new MQL helpers, and more!β
Get this release: Installation Docs | Package Downloads | Docker Container
π NEW FEATURESβ
Scan Azure VMs / snapshots / disksβ
Use new Azure scanning capabilities to scan running VMs, instances, or disks without deploying or managing agents.
Scan snapshots of your VMs to perform agentless scans without impact to your running workloads:
cnspec scan azure compute snapshot <snapshot-name> --client-id <id> --tenant-id <id> --client-secret <value>
Scan snapshots outside your current resource group using the fully qualified Azure resource ID:
cnspec scan azure compute snapshot "/subscriptions/subId/resourceGroups/my-rg/providers/Microsoft.Compute/snapshots/test-debian-snap" --client-id <id> --tenant-id <id>--client-secret <secret>
Scan disks on running VMs with automatic running disk cloning:
cnspec scan azure compute disk <disk-id> --client-id <id> --tenant-id <id> --client-secret <value>
Not concerned about the impact to running workloads? Scan VMs directly without managing agent deploys:
cnspec azure compute instance <instance-name> --client-id <id> --tenant-id <id> --client-secret <value>
New MQL helpers for policy authoringβ
New helpers for MQL give you the power to create robust security and compliance policies to meet your custom business needs.
Quickly access data in a mapβ
Use dot notation to access data in maps:
cnquery> {a: 1, b: 2, c:3}.a
[a]: 1
Check whether a time is within a rangeβ
See if time values fall within a range. This works with all timestamps:
cnquery> password.lastChangedDate.inRange(time.now-90*time.day, time.now)
[ok] value: true
Check whether a number is within a rangeβ
See if an integer value is within a range:
cnquery> 2.inRange(1,3)
[ok] value: true
```coffee
#### Check strings against a list of values
Check a string value against a list of acceptable values.
```coffee
cnquery> "PASS".in(["PASS","ALLOW","OK"])
[ok] value: true
Parse duration valuesβ
Work with duration values using a new duration helper:
cnquery> parse.duration("3d")
parse.parse.duration: 3 days
cnquery> parse.duration("7days")
parse.parse.duration: 7 days
Check the contents of mapsβ
Check keys, values, and combination of the two within maps:
{'a': 1, 'b': 2}.contains( key == 'b' )
{'a': 1, 'b': 2}.all( value > 0 )
{'a': 1, 'b': 2}.one( value != 1 )
{'a': 1, 'b': 2}.none( key == /d-f/ )
Semantic version parsingβ
Compare versions without the need for complex integer parsing:
cnquery> semver('1.9.0') < semver('1.10.0')
[ok] value: "1.9.0"
New Email Security policyβ
A new Email Security policy includes 14 new checks for critical email security protocols, including:
- Sender Policy Framework (SPF)
- Domain Keys Identified Mail (DKIM)
- Domain-based Message Authentication, Reporting & Conformance (DMARC)
This policy really shines with our continuous domain and IP scanning integration (released in Mondoo 9.11). It's also handy on the CLI using cnspec.
New Terraform Asset Inventory Packβ
Use the new Terraform Asset Inventory Pack to inventory versions and resources within your Terraform state files, including resources on AWS, Azure, and GCP clouds.