Skip to content

Releases: mondoohq/cnspec-policies

v2.21.0

04 Dec 05:38
791caaf
Compare
Choose a tag to compare

What's Changed

  • More improvements to the Mondoo Linux Security policy by @tas50 in #451
  • fix dmarc checks in mail policy by @atomic111 in #456

Full Changelog: v2.20.0...v2.21.0

v2.20.0

18 Nov 08:28
38e0723
Compare
Choose a tag to compare

What's Changed

  • 🧹 Improving azure policies - Blob storage by @HRouhani in #440
  • 🧹 Improving azure policies by @HRouhani in #441
  • Azure version Update by @HRouhani in #442
  • Sync over the latest and greatest spellcheck config by @tas50 in #443
  • Bump check-spelling/check-spelling from 0.0.23 to 0.0.24 by @dependabot in #444
  • 🧹 Fix a couple auditd-related checks by @mm-weber in #445
  • Improve formatting + checks in Mondoo Linux policy by @tas50 in #446
  • More updates to the Linux policy by @tas50 in #447
  • Fix aide setup instruction + SSH v2 check by @tas50 in #448
  • Improve formatting of remediation steps by @tas50 in #449

Full Changelog: v2.19.0...v2.20.0

v2.19.0

06 Oct 13:29
42b693b
Compare
Choose a tag to compare

What's Changed

  • Bump contributor-assistant/github-action from 2.5.1 to 2.6.0 by @dependabot in #435
  • 🧹 fix: Ensure root group is empty by @mm-weber in #437
  • 🧹 Update github policies to use new resource fields by @jaym in #436
  • Bump contributor-assistant/github-action from 2.6.0 to 2.6.1 by @dependabot in #438
  • fix sentinelone check in edr policy by @atomic111 in #439

Full Changelog: v2.18.0...v2.19.0

v2.18.0

17 Sep 18:17
2c8432f
Compare
Choose a tag to compare

What's Changed

Full Changelog: v2.17.0...v2.18.0

v2.17.0

23 Aug 16:21
573a15c
Compare
Choose a tag to compare

What's Changed

  • 🧹 Fix: Container image pull should be consistent by @mm-weber in #406
  • 🧹 Fix pq: unsupported Unicode escape sequence in Kubernetes Cluster and Workload Security by @mm-weber in #408
  • fix powershell remediation script by @atomic111 in #410
  • 🧹 Minor windows improvements by @HRouhani in #411
  • 🧹 K8s: Update checks related to workload and securityContext by @mm-weber in #412
  • Adds support for Wazuh to EDR policy by @scottford-io in #413
  • 🧹 Fixes double mql issues: Mondoo Linux Policy by @mm-weber in #415
  • 🧹 quick fix props: by @mm-weber in #417
  • 🧹 Improving windows policies by @HRouhani in #418
  • Discretionary access control permission regex rule not consistent with remediation by @ceso in #404
  • add titles for each edr variant by @atomic111 in #419
  • Removed check for running sentineld-shell by @marcelhuth in #422
  • 🧹 Mondoo Linux Policy - Fix: Don't run kernel.parameters checks from inside containers by @mm-weber in #424
  • ⭐️ introduce property for gh release branches by @chris-rock in #423
  • ⭐️ Add Sophos Endpoint Defense to EDR Policy by @tomtrix in #421
  • ⭐️ Adding Dockerfile best Security practices by @HRouhani in #426
  • Bump contributor-assistant/github-action from 2.4.0 to 2.5.1 by @dependabot in #428
  • 🧹 update aws policy asset filter by @chris-rock in #429
  • ⭐️ add recommendations from OWASP HTTP Security Response Headers by @chris-rock in #427

New Contributors

Full Changelog: v2.16.0...v2.17.0

v2.16.0

07 Jun 12:44
c393a41
Compare
Choose a tag to compare

What's Changed

New Contributors

Full Changelog: v2.15.0...v2.16.0

v2.15.0

29 Apr 20:02
cf4c984
Compare
Choose a tag to compare

What's Changed

Full Changelog: v2.14.0...v2.15.0

v2.14.0

17 Apr 08:27
0bc544d
Compare
Choose a tag to compare

What's Changed

  • ✨ Mondoo Email Security- added: Ensure Reverse IP Lookup PTR record is set by @mm-weber in #346
  • Bump peter-evans/repository-dispatch from 2 to 3 by @dependabot in #343
  • ✨ Update to v9/variants: Google Cloud (GCP) Security by @mm-weber in #347
  • Update platform metadata for the registry by @tas50 in #350
  • ⭐️ update macos policy by @atomic111 in #349
  • added subject alternate name support by @schnipschnap in #351
  • ⭐ Update Mondoo Azure Policy to variants: by @mm-weber in #348
  • 🧹 Increasing the min password length by @HRouhani in #353
  • add check to test if macOS is up to date by @atomic111 in #356
  • Fix docs link + update spellcheck by @tas50 in #357
  • guid for powershell commands by @schnipschnap in #358
  • adding discrimination between DC and MS by @schnipschnap in #355
  • update the macOS up to date query, get actionable output by @atomic111 in #360
  • New policy to check if the EDR solution is running by @atomic111 in #359
  • Add more forbidden patterns to spellcheck by @tas50 in #354
  • Updates to the spellcheck patterns by @tas50 in #362
  • Be more specific in the EDR filter by @tas50 in #361
  • improve asset filter for email security policy by @atomic111 in #363
  • Bump softprops/action-gh-release from 1 to 2 by @dependabot in #364
  • Simplify asset check filters by @tas50 in #365
  • 🧹 Azure NSG checks - Fix bug by @mm-weber in #367
  • Bump contributor-assistant/github-action from 2.3.1 to 2.3.2 by @dependabot in #368
  • 🧹 Windows : change from OsLocale to OsLanguage by @HRouhani in #369
  • Remove dead link to open registry + spellcheck updates by @tas50 in #370
  • add ESET solution to edr policy by @atomic111 in #372
  • add policy to identify xz backdoor by @atomic111 in #373
  • fix title of the check in xz vuln policy by @atomic111 in #376
  • ignore deactivated users in Slack 2FA check by @jaybrueder in #375
  • 🧹 Fix MacOS issues: Ensure Bluetooth Sharing Is Disabled && more by @mm-weber in #377
  • 🧹 macOS: Improve desc: Enable FileVault by @mm-weber in #379
  • fix http policy to produce better output by @atomic111 in #380
  • add policy to check the if the hardware is windows 11 compatible by @atomic111 in #374
  • Fix name of policy file by @tas50 in #381
  • 🧹 Updating Azure Policies to Align with Recent Azure Ecosystem Developments by @HRouhani in #378
  • 🧹 Fixing Azure Lint issue - extra mql by @HRouhani in #382

New Contributors

Full Changelog: v2.13.0...v2.14.0

v2.13.0

06 Feb 21:46
3753f36
Compare
Choose a tag to compare

What's Changed

New Contributors

Full Changelog: v2.12.0...v2.13.0

v2.12.0

03 Jan 18:24
e64ae24
Compare
Choose a tag to compare

What's Changed

  • 🎉 introduce props for Windows RDP max idle time check by @atomic111 in #307
  • Fix remediation for sshd ClientAliveInterval by @tomtrix in #308
  • Improve the titles of AWS checks by @tas50 in #311
  • Update more titles for consistency by @tas50 in #312
  • Capitalize Terraform in policies by @tas50 in #313
  • Add spaces to headers by @tas50 in #314
  • Improve codeblocks in the k8s policy by @tas50 in #317
  • Update impact scores for Chef policies by @tas50 in #310

New Contributors

Full Changelog: v2.11.0...v2.12.0