mondoo

Mondoo provides a cloud-native security platform that combines vulnerability management with infrastructure security assessment capabilities. The company's core offerings include cnspec and cnquery, two open source tools built on their security data fabric architecture. cnspec is a security scanning tool that assesses infrastructure configurations against security policies and compliance frameworks. It checks systems for misconfigurations and vulnerabilities across the full technology stack, using policies based on CIS benchmarks and industry best practices. The tool supports policy-as-code, allowing organizations to automate compliance verification and integrate security scanning into development and production workflows. cnquery is an infrastructure query tool that integrates with over 850 resources to provide visibility into operations and development platforms. It uses MQL (Mondoo Query Language), which combines graph database approaches with filtering capabilities to query infrastructure components across containers, cloud instances, and Kubernetes clusters. The platform supports scanning across multiple environments including AWS, Azure, GCP, Kubernetes, Linux, Windows, and container registries. Both tools can operate in various deployment modes including local installations, containers, and air-gapped environments. Scan results can be exported in multiple formats or integrated with the Mondoo Platform, a web-based console for exploring infrastructure data and managing security findings across assets. The company focuses on autonomous vulnerability management that reduces manual security work and accelerates remediation timelines.