Welcome to the April 2022 recap of Mondoo releases. There are many updates that we hope you will like, including:
The Mondoo AWS integration now includes the ability to scan instances using instance EBS volume data. This method does not require credentials or a client installation, and can even scan stopped instances. On the AWS integration configuration page, users can enable this feature and change how scanning occurs.
We have expanded our support for Microsoft Windows across a number of operating systems:
We have also added a few custom resources for Windows:
The search box on the FLEET page now filters assets by tags and annotations. This simple feature adds a lot of power! For example, you can now search across multiple AWS accounts for assets with the same tag.
As cool as this is, we'll do you one better: you can also search across multiple cloud providers, or GitHub accounts, or... you get the idea.
Mondoo automatically imports tags for these assets during the integration setup. Also, Mondoo now automatically gathers more CI environment labels on GitLab, GitHub Actions, and Travis-CI.
To create custom annotations for any assets when scanning them via the Mondoo agent, you can configure them either in the UI or the CLI.
In the UI, you can configure custom annotations in each asset’s configuration tab:
For the CLI-based approach, you configure the desired annotations in your agent’s configuration file. Here is an example:
---
annotations:
mdm: by-bob
This will add all provided annotations to these assets and allow you to use them in custom searches.
The Mondoo Web Console has two new sets of graphs to help you see the state of your assets at a glance!
First, the new radial graphs now show the breakdown of your assets by score. Mouse hovers provide more detailed information from the dashboard.
Second, on the FLEET page, you'll see a new bar graph showing the same distribution of assets by letter grade.
This graph provides fast insights about your assets and fleet, and it also looks great!
Mondoo has moved to .com! As of April 12th, we’ve officially migrated our web console to https://console.mondoo.com and our API to https://us.api.mondoo.com
. The previous URLs will redirect to the new locations until they reach EOL later this year. We encourage you to update your bookmarks and Mondoo Client configurations. All new configurations generated by Mondoo will use the new API location.
Mondoo 5.34.1 includes a migrate
sub-command that can automatically update your Mondoo configuration to the new API endpoint:
## Check which API Endpoint we're using:
$ cat .config/mondoo/mondoo.yml | yq .api_endpoint
https://api.mondoo.app
## Upgrade the config:
$ mondoo migrate
→ Migrate Mondoo CLI configuration:
→ loaded configuration from /home/benr/.config/mondoo/mondoo.yml
→ saving mondoo config path=/home/benr/.config/mondoo/mondoo.yml
→ migrated configuration successfully
## Check the new API endpoint:
$ cat .config/mondoo/mondoo.yml | yq .api_endpoint
https://us.api.mondoo.com # <-- Good!
We released 3 new policies:
Additionally, Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 8 have now both been CIS-certified, alongside Ubuntu 20.04.
Vulnerability and advisory detection has been expanded to:
EOL detection has been expanded to:
Additionally we updated the following policies:
You can find all of these policies in your Policy Hub by clicking “Add Policies.”
The Mondoo Kubernetes Operator has been updated with Kubernetes Workload and Deployment scanning and the ability to scan Rancher-provisioned control plane and etcd nodes.
The Mondoo Kubernetes operator's admission controller now includes full scanning of each Kubernetes deployment and pod. With the admission controller enabled, these scans display on the FLEET page.
Additionally:
See the mondoo-operator repo for more details. Stay tuned for a guided operator setup and improved UI experience coming soon.
You can now identify the system you're scanning through the ssh-host-key with the --id-detector CLI flag.
mondoo scan --id-detector ssh-host-key
A new user setting allows you to change the entire UI to a color palette accessible to users with deuteranomaly, tritanomaly, or protanomaly.
Mondoo now detects and scans the Pop!_OS Linux distribution by System76.
The mondoo policy describe
and mondoo policy list
commands have been updated with a fresh new output format to improve readability. mondoo policy list
now also includes policy version information, and a new --list-all
flag lets you list all private, public, and enabled policies at once.