Skip to main content

How You Can Use Mondoo


Mondoo is a cloud security platform for infrastructure developers. Using Mondoo, your team will get automated risk assessment and real-time insights into all of your business critical infrastructure, across all of your infrastructure platforms.

Policy as Code

Security policies, compliance frameworks, or other types of regulatory policies, typically start in the form of a document that describes the policy, the rationale for it, as well as the impact, risk, or consequence if the policy is not followed. Some of the best examples of security policies are the CIS Benchmarks which cover everything from operating systems, to containers and Kubernetes, and entire cloud platforms.

While the CIS Benchmarks provide detailed information for each individual rule or control, including auditing and remediation steps, it still falls to individuals within an organization to carry out the work of implementing these policies. The work to prove compliance with CIS Benchmarks is often manual, which can lead to errors. When carried out as an exercise such as passing an audit, manual compliance only provides a temporary, snapshot in time, rather than an automated and continuous assessment.

As change is constant in modern application and infrastructure environments, it is critical businesses have a way of applying policy in a manner that is fast, efficient, and fully automated using code.

Business-Critical Infrastructure

Business critical infrastructure is any infrastructure in which major fault or interruption will result in a high cost for the business.

Some high-level examples of business-critical infrastructure may include:

  • Public cloud environments such as AWS, GCP, Azure, and Microsoft 365
  • Private cloud environments such VMware (VCenter and ESXi)
  • Kubernetes Clusters (EKS, GKE, AKS, and self-managed)
  • Servers and Endpoints (Linux, Windows, and macOS)
  • Software Supply Chain services and tooling (GitHub, GitLab, Jenkins, Azure DevOps Pipelines, CircleCI, and more)

Within the examples above there are many individual assets and resources that are critical to operating a secure business such as SSL certificates, system packages, and SSH configurations.

Mondoo is designed to ensure you have real-time visibility, and continuous assessment not just at the high-level, but also down to each individual component.

Continuous, Automated Risk Assessment

Change in your environment is constant, and the need to audit your systems configuration must be continuously monitored.

Mondoo continuously monitors your business critical systems according to the policies you apply and reports any deviation from those policies so that you can take immediate action.

Additionally, Mondoo policies also update continuously as new versions of benchmarks are released, or as they are customized to meet your specific requirements. Mondoo continuously checks for updates to policies and will immediately execute new versions of policies across any systems where those policies have been applied giving you real-time visibility.

Real-Time Answers to Your Most Pressing Questions

Mondoo Query Language (MQL) is a simple to understand, yet extremely powerful graphql-like query language that can be used to answer fine-grained questions about your entire fleet, or specific assets and resources within your fleet.

Mondoo queries can be run in real-time to provide answers to the most pressing security concerns, or you can use Mondoo queries to create policies that run continuously across your environment.

Certified Security Policies

Mondoo Policy Hub comes stocked with a massive collection of certified security policies (as-code) and benchmarks built on MQL, that are ready to be deployed across your fleet on day one.

Mondoo content is designed to be both flexible, and extensible. Use our content as-is to discover security vulnerabilities, exploits, and misconfigurations within your fleet, or easily customize the policies as needed per application, environment, team, business unit, or account.

Should you need to develop your own policies from scratch, MQL is both fast and easy to learn.

Ready to Get Going?

The best way to learn about Mondoo is to just get started with some hands-on exercises. If you are with us, then let’s get going!