Skip to main content

Β· 3 min read

πŸ₯³ Mondoo 8.29 is out! This release includes improved table views, a new Inventory navbar item, and more!​

Get this release: Installation Docs | Package Downloads | Docker Container


🧹 IMPROVEMENTS​

Improved UI tables​

At Mondoo we take pride in not just collecting security information, but also displaying it in a meaningful way. If you've been using the product long enough you may have noticed we've gone through many iterations of our table view. It never felt quite right, until we introduced the new table in Compliance Hub that lets you easily view, sort, and multi-select data without pull down menus or multiple clicks. This week the team revamped all of our existing views to update them with this improved UX. Give it a try and keep an eye out for pagination improvements coming soon!

Improved multi-select

Fleet is now Inventory​

When we first built Mondoo, the Fleet view was where you found all of your servers or workstations. As we expanded Mondoo to include Kubernetes workloads, cloud accounts, and even SaaS servers, this name made less sense. This week we renamed Fleet to Inventory to better represent Mondoo's cross-platform asset inventory capabilities. It's just a rename, but we think this will make it easier to jump right in and begin exploring all your inventory.

Fleet in the nav bar

Fedora 39 vulnerability scanning​

Fedora 39 is right around the corner, with the first beta released this week. Not to be left behind we've added Fedora 39 vulnerability scanning to Mondoo, so fire up cnspec and keep that beta install secure.

Improved compliance control descriptions​

We've expanded the data that can be displayed in Compliance Control pages, so you'll always have all the details to keep your infrastructure secure. This new view includes improved description rendering and the ability to expand extra long descriptions.

Compliance control descriptions

πŸ› BUG FIXES AND UPDATES​

  • Reduce API usage for GitLab scans to avoid API rate-limiting.
  • Avoid some authentication failures when scanning GitLab projects.
  • Fix incorrect GitLab asset runtime values.
  • Improve the usage instructions in the GitLab policy with project scanning instructions.
  • Fix errors in the CIS Ensure GDM login banner is configured check when GDM files don't exist.
  • Improve output of the CIS Ensure journald is not configured to receive logs from a remote client check.
  • Add GitLab Group ID and Project ID to the asset configuration overview data.
  • Fix failures loading certain assets in the console.
  • Change the "Rational" sections in policies to "Rationale."
  • Only run the Linux Workstation Security policy when xorg-xserver is installed to prevent it from evaluating servers.
  • Update the registry to consistently refer to "query packs" as two words.
  • Improve query descriptions in the Azure Asset Inventory Pack query pack.
  • Remove a duplicate query from the Azure Asset Inventory Pack query pack.
  • Fix some query pack and policy bundle categories/authors to make filtering in the registry more consistent.
  • Support Rsyslog 7+ syntax in the CIS Ensure rsyslog is configured to send logs to a remote log host check.
  • Don't display the Assets button in Kubernetes integration pages when no assets have been scanned.
  • Allow updating the token in GitLab integrations.
  • Don't display compliance control checkboxes when a user only has view permissions in a space.

Β· 2 min read

πŸ₯³ Mondoo 8.28 is out! This release includes fine-grained GitLab scanning and more!​

Get this release: Installation Docs | Package Downloads | Docker Container


πŸŽ‰ NEW FEATURES​

Fine grained scanning of GitLab assets​

Mondoo now offers more detailed scanning capabilities for GitLab assets. Instead of the previous single gitlab asset, Mondoo now provides separate gitlab-group and gitlab-project assets. When scanning your GitLab group, both cnspec and cnquery now automatically detect each project within your group. This enhanced granularity in asset scans improves the accuracy of scan results and allows for setting exceptions for specific projects.

 cnspec scan gitlab --group lunalectric
β†’ loaded configuration from /Users/luna/.config/mondoo/mondoo.yml using source default
β†’ using service account credentials
β†’ discover related assets for 1 asset(s)
β†’ resolved assets resolved-assets=37
β†’ synchronize assets
lunalectric / rockets_101 ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 100%
lunalectric / oxygen_generator ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 100%
lunalectric / space_cats ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 100%
lunalectric / rover_design ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 100%
lunalectric / human_habitats ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 100%
...

🧹 IMPROVEMENTS​

Runtime data in AWS Lambda function resource​

The aws.lambda.function MQL resource now includes a new runtime field that displays the runtime environment of the function. Thanks for this addition @mbainter!

πŸ› BUG FIXES AND UPDATES​

  • Fix a panic viewing some asset data in the asset resources tab.
  • Add more user-friendly control titles to the SOC2 compliance framework.
  • Show 0% check completion instead of β€œUnknown” when appropriate in compliance controls.
  • Automatically close the search box when results display.
  • Fix hardware systems incorrectly identifying as Azure VMs in asset configuration data.
  • Improve reliability of the CIS Ensure GDM login banner is configured check on RHEL based systems.
  • Prevent errors in the CIS Ensure filesystem integrity is regularly checked check when the aide package is not installed.

Β· 3 min read

πŸ₯³ Mondoo 8.27 is out! This release includes asset search, improved CIS policies, and more!​

Get this release: Installation Docs | Package Downloads | Docker Container


πŸŽ‰ NEW FEATURES​

Want to quickly find all your Debian systems or maybe the Mac laptop with a particular IT asset tag? Now you can with simple, yet powerful, search.

Search Results

Search your whole organization or limit results to a single Mondoo space.

Org or Space Search

Need to craft a more advanced query? Use GitHub-style search syntax to write powerful search queries with ease.

Advanced Search Syntax

Learn more in the Mondoo search docs.

🧹 IMPROVEMENTS​

Improved CIS policy results​

This week we further improved the reliability of our CIS benchmark policies, so you'll always have the best security compliance data for your infrastructure.

  • Fix failures in the Ensure permissions on bootloader config are configured on some Linux distributions.
  • Fix failures in the Ensure permissions on /etc/shadow- are configured when the /etc/shadow- file doesn't exist.
  • Update the Ensure local login warning banner is configured properly and Ensure remote login warning banner is configured properly checks to also ensure the /etc/issue file exists.
  • Fix failures in the Ensure permissions on /etc/issue are configured check when the /etc/issue file does not exist.
  • Fix failures in the Ensure permissions on /etc/issue.net are configured check when the /etc/issue.net file does not exist.
  • Fix failures in the Ensure permissions on /etc/gshadow- are configured and Ensure permissions on /etc/gshadow are configured checks on Debian-based systems.
  • Fix failures in the Ensure audit log storage size is configured, Ensure audit logs are not automatically deleted, and Ensure system is disabled when audit logs are full checks when the /etc/audit/audit.conf file does not exist.
  • Fix failures in the Ensure at/cron is restricted to authorized users if the /etc/cron.allow or /etc/at.allow config files don't exist.
  • Add PowerShell remediation snippets to all Windows policies.

πŸ› BUG FIXES AND UPDATES​

  • Pages in compliance that show check details now include breadcrumbs that take you back to the main compliance page.
  • Allow users to update the private key in OCI integrations.
  • Remove GCP BigQuery table count from the asset configuration overview to prevent long scan times in complex environments.
  • Show an improved empty state page on security and compliance check pages that have no assets.
  • Update the AWS integrations list page design to match other integration pages.
  • Improve the rendering of the integration list page when the last integration has been removed.
  • Fix missing check summary counts on asset pages.
  • Fix some CVE scores showing up as "None" when they should be "Critical".

Β· 3 min read

πŸ₯³ Mondoo 8.26 is out! This release includes OCI asset configuration data, improved Compliance Hub results, and more!​

Get this release: Installation Docs | Package Downloads | Docker Container


πŸŽ‰ NEW FEATURES​

OCI asset configuration overview data​

Mondoo now shows configuration data for Oracle Cloud Infrastructure (OCI) Tenancies.

OCI Asset Configuration Data

Filter compliance results by asset type​

Compliance Hub now has buttons that let you quickly filter compliance assets by platform type. Because these group buttons in the fleet view were so helpful to users, we added them to compliance as well.

Compliance Hub Asset Groups

🧹 IMPROVEMENTS​

Improved Compliance Hub framework completion calculations​

When we set out to build Compliance Hub, we wanted to enable teams to quickly asses their compliance posture and track progress as they worked to secure systems and services. After launching Compliance Hub, we received insightful feedback from our users. Based on that feedback, this week we've improved how we report progress towards compliance completion.

Previously we calculated a space's compliance completion by the percentage of all assets that were 100% compliant. In some circumstances, the completion status could remain 0% until the team deployed one last magical fix that made all assets compliant.

Compliance Hub now calculates a space's completion as the average of all control completion percentages. Teams can now see incremental progress with each security improvement they deploy. We think this better reflects the true state of compliance and gives users the small wins they deserve as they work to secure their environments.

Improved Compliance Completion Tracking

Improved CIS policy results​

We've reworked many of our bundled CIS benchmark policies to make them more resilient and improve the rendering of scan results:

  • Rework queries in CIS AWS Foundations to improve rendering of results.
  • Improve reliability of Auditd, SELinux, and AppArmor checks in Linux policies.
  • Improve the reliability of the Ensure audit_backlog_limit is sufficient check.
  • Prevent failures in the Ensure permissions on /etc/gshadow are configured check when the file does not exist.
  • Prevent failures in the Ensure cron is restricted to authorized users check when /etc/cron.allow does not exist.
  • Expand the Ensure HTTP server is not installed check for Nginx and lighttpd in addition to Apache2.
  • Add two additional controls to the CIS AWS Foundations benchmark policy.
  • Improve reliability and result output of queries in the CIS GCP and GKE policies.
  • Improve the query output of failing Kubernetes namespaces in the Ensure that all Namespaces have Network Policies defined check.
  • Add missing audit blocks to checks in Kubernetes policies.

πŸ› BUG FIXES AND UPDATES​

  • Improve rendering of GCP tiles in the fleet view when organizations, projects, and cloud assets have scanned.
  • Fix sorting of assets by count in Security > Policies table when there are checks with 0 assets.
  • Don't show empty Manufacturer or Product configuration data on cloud assets.
  • Add the July 31, 2023 EOL date for FreeBSD 13.1.
  • Remove the unused user settings option "Send me space alerts."
  • Improve performance of reporting first time asset scans.
  • Improve error messages when scanning GCP VM instances/snapshots outside of a GCP environment.
  • Rename Oracle Cloud Infrastructure assets to Oracle Cloud Infrastructure Tenancy to better reflect that these are the OCI tenancies.
  • Show policy descriptions in the registry.
  • Show audit content in asset check pages.

Β· 2 min read

πŸ₯³ Mondoo 8.25 is out! This release includes improvements to Compliance Hub, updated CIS Debian Linux 2.0 Benchmark, and more!​

Get this release: Installation Docs | Package Downloads | Docker Container


🧹 IMPROVEMENTS​

Improved Compliance Hub experience​

We've been busy this week rolling out fixes and improvements to make Compliance Hub an even better experience.

  • The first exception on the compliance exceptions tab now automatically expands for easier viewing.
  • Compliance control pages now include tooltips for the completion column.
  • Controls listed in exceptions now link to the individual control pages.
  • The completion column in control pages now supports ascending and descending sorting.
  • The completion percentage shown for frameworks now better reflects progress.
  • There are improved recommendations when there are no checks or assets in a control.
  • Compliance completion bars in Firefox now size properly at all window dimensions.

CIS Debian Linux 10 Benchmark 2.0​

CIS Debian Linux 10 Benchmark is updated from 1.0 to 2.0. This is a massive update to the CIS benchmarks for Debian that includes the following changes:

  • 38 controls now have improved descriptions, audit instructions, and remediation steps.
  • 34 new controls now follow the "Ensure service X is not installed" method instead of "Ensure service X is disabled".
  • 58 legacy controls have been removed, including the existing "Ensure service X is disabled" controls mentioned above.

πŸ› BUG FIXES AND UPDATES​

  • Don't show duplicate checks in the registry when a policy uses variants.
  • Remove a black box displayed in the registry when a policy uses policy variants.
  • Add three additional controls to the CIS Amazon Linux 2023 policies.
  • Improved descriptions and remediation steps in the CIS Distribution Independent Linux Benchmark policies.
  • Log errors for missing API support when scanning GCP organization and projects instead of failing.
  • Give a unique name to gcp-subnetwork assets that includes the region in the name.
  • Fix the grouping of GCP organizations and projects in the fleet view.
  • Don't attempt to discover GCP projects that are marked for deletion.
  • Don't detect GCP VM instances as VM images.

Β· 3 min read

πŸ₯³ Mondoo 8.24 is out! This release includes NIST SP 800-171 compliance, CIS AWS Foundations Benchmark 2.0, and more!​

Get this release: Installation Docs | Package Downloads | Docker Container


πŸŽ‰ NEW FEATURES​

NIST SP 800-171 Framework​

Mondoo Compliance Hub now includes the NIST SP 800-171 framework, raising the total number of out-of-the-box compliance frameworks to ten. Each of the 110 controls in this framework automatically map to the checks in your infrastructure, so with a flip of a switch you can start your NIST SP 800-171 and see where you stand.

Compliance Hub - NIST SP 800-171

🧹 IMPROVEMENTS​

Improved asset configuration data for GCP projects​

GCP project assets in the fleet now include additional asset configuration data, so you can always understand what's being scanned at a quick glance.

GCP Project Configuration Data

CIS Amazon Web Services (AWS) Foundations Benchmark 2.0​

The CIS Amazon Web Services (AWS) Foundations Benchmark is updated to the latest 2.0 release. This updated benchmark includes a number of important updates to make securing your AWS environment easier:

  • Adds a new check to ensure that EC2 metadata service requires IMDSv2
  • Adds a new check to restrict the usage of AWS CloudShell
  • Removes the check that ensures all S3 buckets have encryption at rest enabled because this feature is now enabled automatically
  • 22 updated checks with improved audit and remediation steps

πŸ› BUG FIXES AND UPDATES​

  • Fix errors determining cloud configuration for containers.
  • Improve slow scan times while waiting on policy data.
  • Resolve a panic loading some queries in the resource explorer.
  • Fix organization overview dashboard to ignore data below 0.
  • Improve reliability of queries in the CIS Distribution Independent Linux Benchmark policy.
  • Update CIS Windows policy scoring to match that of non-Windows CIS benchmarks.
  • Improve the reliability of the GitHub Organization Security and GitHub Repository Security policy SECURITY.md checks.
  • Fix incorrect text on the org and space level service account pages.
  • Improve padding in the asset page configuration tiles.
  • Improve the display of various compliance pages when there is not data.
  • Fix an error in the asset overview data when the cloud could not be properly detected.
  • Fix failures scanning OCI via the integration.
  • Adjust impact scores in the Mondoo Linux Security and CIS Distribution Independent Linux Benchmark policies.
  • Don't show buttons to create new spaces when users only have Viewer privileges.
  • Fix the Kubernetes operator to properly garbage collect old node scans when only node scanning is enabled.
  • Display CVSS 3.1 CVE scores when available.

Β· 2 min read

πŸ₯³ Mondoo 8.23 is out! This release includes Mondoo Compliance Hub, improved asset configuration data, and more!​

Get this release: Installation Docs | Package Downloads | Docker Container


πŸŽ‰ NEW FEATURES​

Compliance Hub​

Are you struggling to achieve compliance with frameworks such as SOC 2, HIPAA, BSI, or PCI? Let the new Mondoo Compliance Hub do the heavy lifting for you. It automatically maps all of your existing security scans into the top compliance frameworks, allowing you to quickly view your progress towards compliance. And best of all, you'll never have to take a screenshot for manual evidence gathering again.

Learn more in our Simplifying Compliance: Introducing the Mondoo Compliance Hub blog post.

🧹 IMPROVEMENTS​

Improved asset configuration data​

Last week we added new asset configuration data to the console, so you can quickly understand what Mondoo is scanning and where to find it in your infrastructure. This week we've improved that experience with an updated layout on the asset pages, improved DB type names for AWS RDS instances, and new data collection on Slack and Okta assets.

VMware policy improvements​

  • Update CIS VMware ESXi 6.7 Benchmark from 1.2 to 1.3 with improved audit and remediation steps.
  • Rework queries in CIS ESXi 6.7 and 7.0 benchmarks for improved reliability.

πŸ› BUG FIXES AND UPDATES​

  • Fix failures loading AWS assets in the console.
  • Fix failure applying MS365 policies.
  • Update the VMware appliance to Debian 12.
  • Improve Linux OpenSSH checks to only run when OpenSSH is installed.
  • Improve Ensure SSH Protocol is set to 2 Linux query to only run on the appropriate OpenSSH releases.
  • Improve Ensure access to the su command is restricted Linux query to account for admin or mondoo users.
  • Improve Postfix queries to also ensure that Postfix is running.
  • Update Linux policies to use the port resource instead of the deprecated socketstats resource.
  • Use bool value and not pointer in aws.ec2.networkacl.entry.egress resource.
  • Fix an issue that made MQL query compilation non-deterministic.
  • Improve support for services on SUSE systems.
  • Fix some package queries hanging on SUSE systems.
  • Don't include ignored checks in the asset "Top Recommended Actions" tile.

Β· 3 min read

πŸ₯³ Mondoo 8.22 is out! This release includes new asset configuration data, updated CIS policies, and more!​

Get this release: Installation Docs | Package Downloads | Docker Container


πŸŽ‰ NEW FEATURES​

New asset configuration insights​

Have you ever struggled to respond to a security alert because you couldn't locate the asset in your infrastructure? Now with Mondoo, you can quickly track down assets in your environment, thanks to new asset configuration information available in the Mondoo console. This new configuration data includes important asset metadata such as accounts and regions for cloud assets or make, model, and serial number for physical assets. Mondoo automatically collects this data so you don't have to worry about enabling additional policies or query packs.

Example cloud asset:

Cloud asset configuration information

Example physical asset:

Employee laptop configuration information

🧹 IMPROVEMENTS​

See who set up integrations​

Want to know whom to thank for setting up infrastructure integrations in Mondoo? Each integration in Mondoo now shows the creator so you can quickly see who's been busy securing infrastructure in your organization.

Integration with username

CIS AWS Foundations Benchmark 2.0​

Mondoo now includes the CIS AWS Foundations Benchmark policy version 2.0. This updated release includes two new controls to ensure AWS CloudShell access is restricted and to ensure that instances only allow metadata access via IMDSv2. The policy also includes 22 updated controls with improved audit and remediation steps.

CIS Amazon EKS Benchmark 1.3.0​

Mondoo now includes the CIS AWS EKS Benchmark policy 1.3.0. This updated release replaces checks for the deprecated Pod Security Policy system with Pod Security Standards instead. It also includes six updated controls with improved audit and remediation steps.

aws.rds.dbinstance Automatic Upgrade field​

The aws.rds.dbinstance MQL resource now includes a new autoMinorVersionUpgrade field that identifies if automatic minor version upgrades are enabled for the RDS instance.

πŸ› BUG FIXES AND UPDATES​

  • Don't hang waiting on Zypper CLI input when scanning SUSE hosts.
  • Detect SUSE 11 and earlier platforms where /etc/os-release is absent.
  • Fix failures scanning containers on the latest Docker releases.
  • Prevent cnspec service checks from potentially rebooting sys-v init based SUSE 11 and earlier.
  • Fix failures scanning new AWS instances created from the AWS Lambda integration.
  • Fix failing ECR image scans from the AWS Lambda integration.
  • Don't display the Show all policies button on assets when all policies are already showing.
  • Improve the display of current AWS resources from within the AWS Integration page.
  • Stop the packages list in the asset Platform Vulnerabilities tab from reloading twice.
  • Fix a double refresh when selecting asset CVEs.
  • Improve alignment of data on the Platform Vulnerabilities page.
  • Fix Load More pagination on the CVEs page.
  • Fix query results that returned cannot convert primitive with NO type information.
  • Remove empty Impact sections from CIS benchmark policies.
  • Improve MQL query formatting in policies to improve readability.
  • Add a friendly message when an asset has no annotations so it's more clear how to create an annotation.
  • Warn before leaving Risk Actions midway through creating a plan.
  • Fix panics loading some asset data.
  • Improve the display of organization dashboard graphs on tablets.
  • Improve several AWS platform titles.
  • Fix failures using hashi-vault with local inventory files.

Β· 3 min read

πŸ₯³ Mondoo 8.21 is out! This release includes loads of new CIS policies, performance improvements, and more!​

Get this release: Installation Docs | Package Downloads | Docker Container


πŸŽ‰ NEW FEATURES​

New CIS policies for OCI, OpenShift, and Amazon 2023​

We've been busy pulling in the latest CIS policies for your growing infrastructure, with five new policies this week to help you secure the latest platforms:

  • CIS Red Hat OpenShift Container Platform v4 Benchmark - Level 1
  • CIS Red Hat OpenShift Container Platform v4 Benchmark - Level 2
  • CIS Amazon 2023 Benchmark - Level 1
  • CIS Amazon 2023 Benchmark - Level 2
  • CIS Oracle Cloud Infrastructure Foundation Benchmark - Level 1

🧹 IMPROVEMENTS​

Improved policy formatting​

The cnspec bundle lint command has seen improvements to better handle multi-line queries. These queries will now automatically format on individual lines so you can more easily read your policies.

Before:

mql: "users.where(\n  shell.contains(\"nologin\") == false && shell.contains(\"false\") == false\n  && name != \"sync\" && name != \"shutdown\" && name != \"halt\" \n).list {\n  file(home) {exists}\n}\n"

After:

mql: |
users.where(
shell.contains("nologin") == false && shell.contains("false") == false
&& name != "sync" && name != "shutdown" && name != "halt"
).list {
file(home) {exists}
}

Improved performance​

Who doesn't like getting the same thing, only faster? We optimized how we deliver policy data from Mondoo Platform to our clients to make your scans even quicker. Expect to save around 1.5 seconds on each scan. We hope you make the best of this time windfall.

πŸ› BUG FIXES AND UPDATES​

  • Accept Jira project IDs in any case.
  • Suggest CIS GitHub Benchmark policy after setting up a GitHub integration.
  • Show Debian 11/12 security update repository packages in CVE scan results.
  • Fix assets failing to load in the console under some circumstances.
  • Fix CIS Amazon Linux 2 benchmark policies incorrectly applying to Amazon Linux 2023 hosts.
  • Fix failures when EBS volume scanning Amazon 2023 instances.
  • Fix Oracle Linux 8/9 vulnerability scans showing already installed updates for some packages.
  • Fix typos in the Okta Organization Security policy’s query UIDs. Thanks @moeterich.
  • Improve reliability of data exports when data is malformed.
  • Improve reliability of queries in CIS Windows Benchmark policies.
  • Improve reliability of the chrony and timesyncd checks in the Operational Best Practices for Time Synchronization policy.
  • Improve Jira host validation during the integration setup.
  • Improve policy search results in the registry.
  • Improve consistency of CIS benchmark names and query UIDs.
  • Improve queries in CIS Kubernetes Benchmark policies.
  • Rework CIS policies to include groups for better display in the registry.
  • Show an error if a policy cannot be removed from the registry.

Β· 2 min read

πŸ₯³ Mondoo 8.20 is out! This release includes Azure Blob Storage exports, updated asset inventory data, and more!​

Get this release: Installation Docs | Package Downloads | Docker Container


πŸŽ‰ NEW FEATURES​

Azure Blob Storage exports​

Continuously export your Mondoo security scan data to Azure storage blobs where external systems like Splunk can consume it.

Azure Blog Storage Exports

🧹 IMPROVEMENTS​

Expanded Linux / macOS inventory packs​

The macOS Inventory Pack and Linux Inventory Pack now include additional information to better identify systems in your infrastructure with CPU, memory, storage, and hardware model data collection.

Example output on macOS:

Retrieve the amount of physical memory:
parse.json.params[SPHardwareDataType].first[physical_memory]: "16 GB"

Retrieve the hostname:
os.hostname: "Tim-Smith.local"

Retrieve the machine model identifier:
parse.json.params[SPHardwareDataType].first[machine_model]: "MacBookPro18,3"

Retrieve the machine model name:
parse.json.params[SPHardwareDataType].first[machine_name]: "MacBook Pro"

Retrieve the model part number:
parse.json.params[SPHardwareDataType].first[model_number]: "MKGQ3LL/A"

Retrieve the system serial number:
parse.json.params[SPHardwareDataType].first[serial_number]: "GGJXG21234"

Retrieve the type of CPU:
parse.json.params[SPHardwareDataType].first[chip_type]: "Apple M1 Pro"

Example output on Linux:

Retrieve the size and filesystem type of the root volume:
command.stdout.trim: "56G ext4"

Retrieve the system manufacturer:
machine.baseboard.manufacturer: "ASUSTeK COMPUTER INC."

Retrieve the system product name:
machine.baseboard.product: "H87I-PLUS"

Retrieve the type of CPU:
command.stdout.trim: "Intel(R) Core(TM) i7-4785T CPU @ 2.20GHz"

Retrieve the amount of physical memory:
command.stdout.trim.+: "16636M"

πŸ› BUG FIXES AND UPDATES​

  • Discover private repos when scanning GitHub organizations.
  • Add --discover organization to the GitHub provider to scan just the organization itself, not repos within the organization.
  • Remove unnecessary AWS tag collection from the AWS global DynamoDB table discovery.
  • Don't collect the root user in "Collect regular user" query pack queries.
  • Add missing impact to CIS GKE Benchmark Level 1.
  • Don't show the unnecessary Mondoo Job Environment platform overview information for Kubernetes assets.
  • Fix the Mondoo Kubernetes Operator to properly report container scanning status.
  • Don't fail a data export if CVE data cannot be found.
  • Ensure that all JSON data in exports can be properly parsed by Splunk.
  • Ensure Azure question packs in the registry show the correct icons.