Skip to content

Mondoo Blog

Christoph HartmannMarch 22, 20235 min read

Secure Your SaaS Applications with Mondoo's Open SSPM Solution

The modern business landscape is evolving rapidly, with more and more organizations ...
Start Reading
Patrick MünchMarch 15, 20236 min read

Secure Industry 4.0 with xSPM

Industry 4.0 has introduced a new level of integration between IT and operations ...
Start Reading
Dominik RichterMarch 14, 202316 min read

ICYMI: Mondoo Release Highlights for February 2023

Welcome to February 2023 release highlight of Mondoo. We are thrilled to announce the ...
Start Reading
Tim SmithMarch 10, 20236 min read

Container Image Security: Protecting Against CVEs

As a developer or security engineer you’re probably aware of the importance of ...
Start Reading
Patrick MünchMarch 10, 20235 min read

Fix Critical Word RTF Font Table Heap Bug CVE-2023-21716: Open Source Solution

Microsoft Word is an essential tool used by individuals and businesses globally. However, ...
Start Reading
Dominik RichterMarch 9, 20231 min read

Mondoo v8: Enhanced Policies & Query Packs for Simplified Security Posture

Get ready to enhance your security posture with Mondoo v8, our latest version featuring ...
Start Reading
Patrick MünchMarch 1, 20232 min read

Understanding the Differences Between xSPM and CSPM: Which Solution is Right for Your Organization?

In today's digital landscape, organizations need to ensure the security and compliance of ...
Start Reading
Christoph HartmannMarch 1, 20231 min read

Mondoo Launches Cloud-Based Enterprise Solution for Highly Regulated Industries

If you're in a highly regulated industry like healthcare, government or finance, data ...
Start Reading
Tim SmithFebruary 23, 20236 min read

Exploring the Latest Security Features in Ubuntu 22.10

If you're a sysadmin considering updating your desktop deployments or running non-LTS ...
Start Reading
Tim SmithFebruary 15, 20231 min read

Streamline Cloud Security with Mondoo's Open CSPM Solution

Securing cloud environments can be a challenging task for security and platform ...
Start Reading
Patrick MünchFebruary 13, 20235 min read

Maximizing Security with xSPM: Separation of Powers

Separation of powers in infrastructure security is crucial to reducing the risk of a ...
Start Reading
Dominik RichterFebruary 8, 202320 min read

ICYMI: Mondoo Release Highlights for January 2023

With the new year starting, we have already a number of exciting updates for the new ...
Start Reading
Christoph HartmannFebruary 7, 20232 min read

Protect Your VMware ESXi Servers from ESXiArgs Ransomware with CVE-2021-21974 Patch

VMware ESXi servers have been targeted by a new ransomware called ESXiArgs. The attackers ...
Start Reading
Christoph HartmannFebruary 7, 20231 min read

Kubernetes Security Posture Management: Protecting Your Cluster and Workloads

Recently, I had the opportunity to talk with Bhavin and Ryan from Kubernetes Bytes about ...
Start Reading
Patrick MünchFebruary 1, 20232 min read

Securing Your Infrastructure: A Guide to Extensible Security Posture Management (xSPM)

Are you looking to improve your organization's security posture? Look no further than ...
Start Reading
Victoria JeffreyJanuary 31, 20233 min read

Understanding cnquery and cnspec: Open Source CLI Security Tools

If you're looking to improve the security of your infrastructure, cnquery and cnspec are ...
Start Reading
Ben RockwoodJanuary 30, 20231 min read

Mondoo Secures SOC 2 Type 1 Certification

Mondoo is proud to announce that we have achieved SOC 2 Type 1 certification, ...
Start Reading
Victoria JeffreyJanuary 23, 20232 min read

Detect Host Misconfigurations with Open-Source, Agentless cnspec

Assessing and remediating host misconfigurations is critical to maintaining a secure ...
Start Reading
Patrick MünchJanuary 12, 20232 min read

SSL/TLS Certificate Verification: How to Identify Expired Certificates

Start Reading
Dominik RichterJanuary 5, 20236 min read

Why MQL: An Extension of GraphQL

MQL is Mondoo’s own GraphQL-based query and policy language for exploring and testing ...
Start Reading
Patrick MünchJanuary 4, 202313 min read

A Complete Guide to Easy VMWare Patch Management

What is patch management? Patch management is the process of distributing and applying ...
Start Reading
Patrick MünchDecember 23, 20222 min read

Critical Linux Vulnerability (ZDI-22-1690, ZDI-CAN-17816): Find and Fix with cnquery

The Zero Day Initiative issued on 22 December 2022 a new critical Linux Kernel ...
Start Reading
Dominik RichterDecember 23, 202215 min read

ICYMI: Mondoo Release Highlights for November 2022

As the year is coming to a close, we have a lot of exciting changes to share from our ...
Start Reading
Letha DunnDecember 15, 20229 min read

Agent-Based or Agentless Cloud Security Scanning

Have you ever asked a group of security or operations engineers which is better: ...
Start Reading
Patrick MünchDecember 12, 202215 min read

How to Fix the PrintNightmare (CVE-2021-34527 / KB5004948) Vulnerability

This article lets you walk in a hacker's shoes. It provides step-by-step instructions for ...
Start Reading
Victoria JeffreyDecember 6, 20221 min read

Finding Lost AWS Resources with cnquery

We all understand that resources get lost in the cloud. Between working across regions, ...
Start Reading
Manuel WeberDecember 5, 20224 min read

Automating the NSA Kubernetes Hardening Guide with Mondoo

A quick introduction to the Kubernetes Hardening Guide by the NSA and CISA The NSA and ...
Start Reading
Victoria JeffreyDecember 2, 20221 min read

Side Scanning EC2 Instances with cnspec

Just when you think you can’t have it all, you can.
Start Reading
Tim SmithDecember 1, 20224 min read

How to secure your Amazon EKS Cluster

Sometimes when you're running Kubernetes workloads in AWS using EKS, it feels like Amazon ...
Start Reading
Victoria JeffreyNovember 25, 20221 min read

Reveal Vulnerabilities in AWS EC2 Instances with cnspec

Vulnerabilities are bad. We all know this. They expose your infrastructure to attackers.
Start Reading
Ben RockwoodNovember 24, 20224 min read

Top 5 Security Themes from Kubecon North America 2022

KubeCon + CloudNativeCon North America 2022 may have come and gone but the learning ...
Start Reading
Dominik RichterNovember 22, 202218 min read

ICYMI: Mondoo Release Highlights for October 2022

We hit a major milestone in October: Mondoo version 7! For important information about ...
Start Reading
Letha DunnNovember 16, 202216 min read

Should Your Infrastructure Security Shift Left or Right?

A darling of conference talks, videos, and articles, shift left security has generated ...
Start Reading
Ivan MilchevNovember 7, 20222 min read

The Debut of DevOpsDays Eindhoven

The very first edition of devopsdays Eindhoven was something special. Among the local ...
Start Reading
Christoph HartmannNovember 1, 20227 min read

High OpenSSL Vulnerabilities (CVE-2022-3602 & CVE-2022-3786): Find, Fix, and Enforce Through Open Source

Find the OpenSSL high vulnerabilities (CVE-2022-3602 and CVE-2022-3786) in your ...
Start Reading
Dominik RichterNovember 1, 20224 min read

New OSS Security Projects: cnquery and cnspec

Introducing cnquery and cnspec Maintaining real-time insights into the current state of ...
Start Reading
Tim SmithOctober 26, 20224 min read

You Asked, We Delivered! Full-Stack Kubernetes Security

Mondoo's new full-stack Kubernetes security answers with unrivaled detail and clarity: ...
Start Reading
Dominik RichterOctober 25, 202212 min read

ICYMI: Mondoo Release Highlights for September 2022

Welcome to the September 2022 recap of Mondoo releases. We are a bit late this month, ...
Start Reading
Scott FordOctober 19, 20227 min read

Security Automation Takes Center Stage at HashiConf 2022

HashiConf Global 2022 wrapped up the first week of October in sunny Los Angeles, CA. We ...
Start Reading
Tim SmithOctober 18, 20222 min read

DevOps Days Chicago Recap

DevOps Days Chicago returned to action this September 21st and 22nd, and Mondoo was there ...
Start Reading
Yvo van DoornOctober 12, 20221 min read

sec4dev 2022: Security for All

Recently, Mondoonauts had the pleasure of sponsoring the 2022 sec4dev conference in ...
Start Reading
Tim SmithOctober 5, 20223 min read

Kubernetes Security: Don’t Forget the Nodes

Kubernetes has allowed us to shift from a server-centric deployment mindset to an ...
Start Reading
view raw