Securing Your Infrastructure: A Guide to Extensible Security Posture Management (xSPM)
Are you looking to improve your organization's security posture? Look no further than ...
Understanding cnquery and cnspec: Open Source CLI Security Tools
If you're looking to improve the security of your infrastructure, cnquery and cnspec are ...
Mondoo Secures SOC2 Type 1 Certification
Mondoo is proud to announce that we have achieved SOC2 Type 1 certification, ...
Detect Host Misconfigurations with Open-Source, Agentless cnspec
Assessing and remediating host misconfigurations is critical to maintaining a secure ...
SSL/TLS Certificate Verification: How to Identify Expired Certificates
Why MQL: An Extension of GraphQL
MQL is Mondoo’s own GraphQL-based query and policy language for exploring and testing ...
A Complete Guide to Easy VMWare Patch Management
What is patch management? Patch management is the process of distributing and applying ...
Critical Linux Vulnerability (ZDI-22-1690, ZDI-CAN-17816): Find and Fix with cnquery
The Zero Day Initiative issued on 22 December 2022 a new critical Linux Kernel ...
ICYMI: Mondoo Release Highlights for November 2022
As the year is coming to a close, we have a lot of exciting changes to share from our ...
Agent-Based or Agentless Cloud Security Scanning
Have you ever asked a group of security or operations engineers which is better: ...
How to Fix the PrintNightmare (CVE-2021-34527 / KB5004948) Vulnerability
This article lets you walk in a hacker's shoes. It provides step-by-step instructions for ...
Finding Lost AWS Resources with cnquery
We all understand that resources get lost in the cloud. Between working across regions, ...
Automating the NSA Kubernetes Hardening Guide with Mondoo
A quick introduction to the Kubernetes Hardening Guide by the NSA and CISA The release of ...
Side Scanning EC2 Instances with cnspec
Just when you think you can’t have it all, you can.
How to secure your Amazon EKS Cluster
Sometimes when you're running Kubernetes workloads in AWS using EKS, it feels like Amazon ...
Reveal Vulnerabilities in AWS EC2 Instances with cnspec
Vulnerabilities are bad. We all know this. They expose your infrastructure to attackers.
Top 5 Security Themes from Kubecon North America 2022
KubeCon + CloudNativeCon North America 2022 may have come and gone but the learning ...
ICYMI: Mondoo Release Highlights for October 2022
We hit a major milestone in October: Mondoo version 7! For important information about ...
Should Your Infrastructure Security Shift Left or Right?
A darling of conference talks, videos, and articles, shift left security has generated ...
The Debut of DevOpsDays Eindhoven
The very first edition of devopsdays Eindhoven was something special. Among the local ...
High OpenSSL Vulnerabilities (CVE-2022-3602 & CVE-2022-3786): Find, Fix, and Enforce Through Open Source
Find the OpenSSL high vulnerabilities (CVE-2022-3602 and CVE-2022-3786) in your ...
New OSS Security Projects: cnquery and cnspec
Introducing cnquery and cnspec Maintaining real-time insights into the current state of ...
You Asked, We Delivered! Full-Stack Kubernetes Security
Mondoo's new full-stack Kubernetes security answers with unrivaled detail and clarity: ...
ICYMI: Mondoo Release Highlights for September 2022
Welcome to the September 2022 recap of Mondoo releases. We are a bit late this month, ...
Security Automation Takes Center Stage at HashiConf 2022
HashiConf Global 2022 wrapped up the first week of October in sunny Los Angeles, CA. We ...
DevOps Days Chicago Recap
DevOps Days Chicago returned to action this September 21st and 22nd, and Mondoo was there ...
sec4dev 2022: Security for All
Recently, Mondoonauts had the pleasure of sponsoring the 2022 sec4dev conference in ...
Kubernetes Security: Don’t Forget the Nodes
Kubernetes has allowed us to shift from a server-centric deployment mindset to an ...
The 2022 Security Conference Trifecta
As summer comes to a close it’s a good time to reflect on “Security Summer Camp,” the ...
Mondoo’s Packer Plugin Earns Verified Status with HashiCorp
The Mondoo team has two exciting announcements: We’re now a member of the HashiCorp ...
Mondoo’s Full-Stack Security Platform Is Now Red Hat Certified
Mondoo’s full-stack security platform has always featured industry-leading operating ...
ICYMI: Mondoo Release Highlights for August 2022
Welcome to the August 2022 recap of Mondoo releases. We have a lot of exciting changes to ...
A Complete Guide to Easy Windows Patch Management
What is patch management? Patch management is the process of distributing and applying ...
Full-Stack Kubernetes Security: Mondoo Operator for Kubernetes 1.0
Protecting your Kubernetes infrastructure from attackers requires deep integration and a ...
A Complete Guide to Easy Linux Patch Management
What is patch management? Patch management is the process of distributing and applying ...
How to Handle a Ransomware Incident
A ransomware incident stresses an IT organization to its very limits and brings a company ...
What in the World Is a CNAPP (and Do I Need One)?
You’ve heard your CISO talking about CNAPPs (along with CSPM, CWPP, and so on). What is a ...
SCaLE 19x Recap
The 19th “Annual” Southern California Linux Expo (SCaLE) has come and gone. Originally ...
ICYMI: Mondoo Release Highlights for July 2022
Welcome to the July 2022 recap of Mondoo releases.
What Do the New Security Guidelines for PowerShell Mean for You?
Cybersecurity agencies in the US, UK, and New Zealand have issued new recommendations for ...
Exposing What's Under the Hood of Ransomware Attacks
Ransomware is devastating to a company because it damages critical data. During an ...
CVEs: Close the Gaps That Let in Attackers
IT organizations are making cybercrime too easy. Projects like the National Vulnerability ...