Skip to main content

Mondoo Glossary of Terms

advisory

An advisory is a notice released by a software vendor that provides recommendations on how to fix or mitigate a vulnerability in their product.

annotation

Metadata that you add to an asset in Mondoo is called an annotation. Annotations are key-value pairs that you can use for anything you want.

API token

An API token gives an application or service access to an application programming interface (API). It's one way to enable different software programs to interact. Some Mondoo integrations rely on API tokens. You can also create API tokens that provide access to Mondoo's GraphQL API.

asset

An asset is a physical or virtual computing, network, or storage device or other component of the information environment. Workstations, servers, SaaS environments, cloud storage, repositories, and virtual machines are only a few examples.

base score

Each finding that Mondoo reveals has a base score associated with it. For misconfigurations exposed by Mondoo's security policies, the base score comes from the policy. For CVEs and advisories, the base score is the CVSS score.

blast radius

The blast radius of a finding is the number of assets in the space where Mondoo detected the finding.

case

A case is a task to be completed. Cases are based on one or more security findings (such as advisories or failed checks) that a team member has identified as needing attention.

check

A check is a verification of information. For example, a check can assert that an asset has a certain setting enabled or a software version installed. To learn more, read Policy as Code.

CI/CD

Continuous integration and continuous delivery/deployment (CI/CD) is a highly automated software development practice in which teams make, test, and deploy frequent, incremental code changes. Mondoo integrates with major CI/CD platforms to enable security testing throughout the development process.

console

The Mondoo Console is a browser-based user interface for managing your Mondoo account. Access the Mondoo Console at console.mondoo.com.

contextual risk factors

When calculating risk, Mondoo considers the environment in which a finding exists. Contextual risk factors, such as an end-of-life operating system, a running service, or defensive countermeasures on the asset, increase or decrease the risk of a finding.

cnquery

cnquery is Mondoo's open source, cloud-native tool that answers every question about your infrastructure. It integrates with over 600 resources to provide quick insight into your operations and development platforms.

cnspec

cnspec is Mondoo's open source, cloud-native tool that evaluates the security of your entire infrastructure. It's also a core component of the Mondoo Platform, serving as both a CLI and an agent for scanning.

control

A control is a general guideline in a compliance framework. For example, "Log sensitive data access" and "Maintain secure network architecture" are controls in a framework.

CVE

A CVE (common vulnerability and exposure) is a weakness in a computer system that an attacker can exploit to gain access or extract information.

drift

See security drift.

integration

An integration is Mondoo's connection and communication with an external system. Most integrations are with assets. They allow Mondoo to gather inventory details, assess the security of an asset, and measure compliance.

A Mondoo integration can also provide communication with a data export destination or a project management or ticket system.

inventory

An inventory is a collection of all the assets in your infrastructure. Mondoo's inventory gives you visibility into the details of all your assets across multiple platforms.

Mondoo Platform

Mondoo Platform is Mondoo's full-stack compliance, security, and asset intelligence solution for the enterprise. It integrates with your infrastructure to continuously monitor security and evaluate compliance with the most common industry frameworks.

MQL

MQL is a graph-based query language built for searching and checking infrastructure configuration data and building security policies.

organization

An organization is a high-level Mondoo entity that can contain one or more spaces.

policy

A policy is a codified benchmark used to assess your infrastructure. Policies control what misconfigurations and security issues Mondoo checks for when it evaluates your digital business assets. To learn more, read Policy as Code.

property

A property is a variable part of a check. Properties let you customize the checks in a policy. For example, a policy might include a check to ensure that passwords are at least eight characters. The password length is a property that you can change.

query

A query is a request for information. The cnquery CLI tool allows you to query assets in your infrastructure.

region

A region is the part of the world in which an organization conducts business. Mondoo stores and processes your data in different regions to comply with global regulations.

risk factor

Risk factors are attributes that can raise or lower the risk that a finding poses to your organization.

risk score

Mondoo assigns a risk score of Low, Medium, High, or Critical to each finding. This score is calculated using a base score (from the policy) and contextual risks such as credentials exposed to the internet or a running service or database.

score

Mondoo gives each asset and space a security [score] that represents their ability to withstand attack. Scores are based on the security policies you choose. To learn how Mondoo calculates scores, read How Mondoo scores policies.

security drift

Security drift (also known as "security posture drift" or just "drift") occurs when your infrastructure becomes more vulnerable to attack. Security practices and controls can deteriorate over time as your system configurations deviate from your established baselines. It's important to catch drift before it becomes a big problem. You can configure Mondoo to automatically create a ticket in your tracking system (such as Jira or ServiceNow) when it detects drift.

security posture

Your security posture is your organization's ability to identify, respond to, and recover from security threats and risks.

service account

A service account is an identity used by a non-human (such as an application or a service) to access a software system. Mondoo relies on service accounts for some integrations. You can also create service accounts that provide access to Mondoo.

space

A space is a collection of assets, policies, and reports that are managed together within Mondoo Platform. Spaces also let you manage which members of your team have access to different information about your infrastructure.

team member

A team member is a person in your organization who has access to Mondoo.

vulnerability

A vulnerability is a weakness in a computer system that an attacker can exploit to gain access or extract information. Vulnerabilities are also known as CVEs (common vulnerabilities and exposures).