Add 11.35 release notes (#508)

* Add 11.35 release notes

New week. New release

Signed-off-by: Tim Smith <[email protected]>

* Add the headline

Signed-off-by: Tim Smith <[email protected]>

* Typo

Signed-off-by: Tim Smith <[email protected]>

* Update the dictionary

Signed-off-by: Tim Smith <[email protected]>

* Shrink the image

Signed-off-by: Tim Smith <[email protected]>

* Update releases/2024-12-17-mondoo-11.35-is-out.md

Co-authored-by: Letha <[email protected]>

* Update releases/2024-12-17-mondoo-11.35-is-out.md

Co-authored-by: Letha <[email protected]>

* Update releases/2024-12-17-mondoo-11.35-is-out.md

Co-authored-by: Letha <[email protected]>

* Update releases/2024-12-17-mondoo-11.35-is-out.md

Co-authored-by: Letha <[email protected]>

* Update releases/2024-12-17-mondoo-11.35-is-out.md

Co-authored-by: Letha <[email protected]>

* Update releases/2024-12-17-mondoo-11.35-is-out.md

Co-authored-by: Letha <[email protected]>

* Adds text about MS Defender for Cloud integration

Signed-off-by: Charles Johnson <[email protected]>

* Update releases/2024-12-17-mondoo-11.35-is-out.md

---------

Signed-off-by: Tim Smith <[email protected]>
Signed-off-by: Charles Johnson <[email protected]>
Co-authored-by: Letha <[email protected]>
Co-authored-by: Charles Johnson <[email protected]>

Author: 3 people

.github/actions/spelling/expect.txt

@@ -223,6 +223,7 @@ MKGQ
 mmvv
 moids
 mpim
+msdefender
 MSsqm
 multani
 multistring
@@ -300,6 +301,7 @@ rmi
 ROLEARN
 Ronacher
 rrfqiu
+rtsp
 rulegroup
 rulegroupreferencestatement
 saas

docs/platform/maintain/alerting/msteams.md

@@ -76,12 +76,12 @@ There are two solutions:
 
 - If you need to send Mondoo alerts to a private channel, you can change the Workflow flow to post alerts as a certain user:
 
-   1. Log into Microsoft Power Automate as the user you want to post Mondoo alerts.
+  1.  Log into Microsoft Power Automate as the user you want to post Mondoo alerts.
 
-   2. In the left navigation, select **My flows**.
+  2.  In the left navigation, select **My flows**.
 
-   3. Open the flow you created in the [steps above](#create-a-webhook-in-microsoft-teams).
+  3.  Open the flow you created in the [steps above](#create-a-webhook-in-microsoft-teams).
 
-   4. Change the last step in the flow (send adaptive card) to send the message as **User** instead of **Flow Bot**.
+  4.  Change the last step in the flow (send adaptive card) to send the message as **User** instead of **Flow Bot**.
 
 ---

releases/2024-12-17-mondoo-11.35-is-out.md

@@ -0,0 +1,172 @@
+---
+slug: mondoo-11.35-is-out/
+title: Mondoo 11.35 is out!
+description: Announcing the 11.35 release of Mondoo with Microsoft Defender for Cloud findings in Mondoo, Nmap scanning, performance improvements, and more!
+authors: [tim, chip]
+image: /img/releases/2024-12-17-mondoo-11.35-is-out/remediation.png
+tags: [release, mondoo]
+---
+
+## 🥳 Mondoo 11.35 is out! This release includes Microsoft Defender for Cloud findings in Mondoo, Nmap scanning, performance improvements, and more!
+
+Get this release: [Installation Docs](https://mondoo.com/docs/cnspec/) | [Package Downloads](https://releases.mondoo.com/cnspec/) | [Docker Container](https://hub.docker.com/r/mondoo/cnspec)
+
+---
+
+## 🎉 NEW FEATURES
+
+### Microsoft Defender for Cloud findings in Mondoo
+
+Mondoo now imports vulnerabilities discovered by Microsoft Defender for Cloud, so you can prioritize them alongside vulnerabilities discovered by Mondoo. Mondoo helps security teams quickly make sense of security findings regardless of where those findings originate, prioritize the most critical risks, and easily assign them to IT and DevOps with detailed remediation steps. This means that Mondoo significantly speeds up time to resolution and bolsters overall security posture.
+
+Vulnerabilities discovered by Microsoft Defender for Cloud appear in the Mondoo console alongside those discovered by Mondoo’s own scans. Mondoo automatically enriches all vulnerabilities found by Microsoft Defender with additional risk data and remediation advice, and prioritizes them based on the actual risk posed in the environment.
+
+Mondoo enriches the findings generated by Microsoft Defender for Cloud with severity, known exploit data, exploit prediction scoring, asset exposure, and business impact, to make sure your security teams are focused on resolving the most important problems.
+
+### Network security with Nmap scanning
+
+Nmap, short for Network Mapper, is a powerful and versatile open source tool used for network discovery and security auditing. Network administrators, security professionals, and penetration testers rely on Nmap to map out network structures, discover hosts, identify services, and detect vulnerabilities. Now you can integrate Nmap results with Mondoo findings using our new cnquery/cnspec Nmap provider.
+
+Scan active IP address in a network:
+
+```coffee
+nmap.network("192.168.178.0/24").hosts { name ports { * }  }
+nmap.network.hosts: [
+  0: {
+    ports: [
+      0: {
+        service: "http"
+        version: ""
+        method: "probed"
+        state: "open"
+        protocol: "tcp"
+        port: 443
+        product: "FRITZ!Box http config"
+      }
+      1: {
+        service: "sip"
+        version: ""
+        method: "probed"
+        state: "open"
+        protocol: "tcp"
+        port: 5060
+        product: "AVM FRITZ!OS SIP"
+      }
+    ]
+    name: "192.168.178.1"
+  }
+  1: {
+    ports: [
+      0: {
+        service: "rtsp"
+        version: "770.8.1"
+        method: "probed"
+        state: "open"
+        protocol: "tcp"
+        port: 5000
+        product: "AirTunes rtspd"
+      }
+      1: {
+        service: "rtsp"
+        version: "770.8.1"
+        method: "probed"
+        state: "open"
+        protocol: "tcp"
+        port: 7000
+        product: "AirTunes rtspd"
+      }
+    ]
+    name: "192.168.178.25"
+  }
+]
+```
+
+Scan a specific host IP:
+
+```coffee
+nmap.network(target: "192.168.178.25").hosts { ports }
+nmap.network.hosts: [
+  0: {
+    ports: [
+      0: nmap.port port=5000 service="rtsp"
+      1: nmap.port port=7000 service="rtsp"
+    ]
+  }
+]
+```
+
+## 🧹 IMPROVEMENTS
+
+### Performance improvements
+
+No one wants to wait so we made Mondoo faster than ever.
+
+- 4x faster compliance report generation
+- 7x faster asset discovery during large scans
+- 20x faster GitHub repository discovery in large organizations
+- Reduced GitHub API call usage during organization scans
+
+### New checks in Mondoo DNS Security
+
+The Mondoo DNS Security policy now includes full descriptions and impact scores for each check. There are also new checks to ensure DNSSEC is enabled and no DNS wildcard entries exist.
+
+### Display remediated asset count on CVEs
+
+It's important to observe not just the current state of CVEs, but also the work you've done to resolve them. Remediated counts on CVE and advisory pages provide the full scope of information.
+
+![Remediated Assets](/img/releases/2024-12-17-mondoo-11.35-is-out/remediation.png)
+
+### Expanded Terraform Provider Mondoo resources
+
+You can automate more of your Mondoo Platform configuration than ever with new resources in the [Terraform Provider Mondoo](https://registry.terraform.io/providers/mondoohq/mondoo/latest/docs). Thanks for these great contributions [@mati007thm](https://github.com/mati007thm)!
+
+- New `mondoo_exception` resource
+- New `mondoo_integration_email` resource
+- New `mondoo_integration_gitlab` resource
+- New `mondoo_integration_jira` resource
+- New `mondoo_integration_msdefender` resource
+- New `mondoo_integration_zendesk` resource
+
+### Resource updates
+
+#### aws.cloudfront.function
+
+- Deprecate `createdTime` in favor of a new `createdAt` field
+
+#### aws.dynamodb.table
+
+- Deprecate `createdTime` in favor of a new `createdAt` field
+
+#### aws.elb.loadbalancer
+
+- Deprecate `createdTime` in favor of a new `createdAt` field
+
+#### aws.rds.dbcluster
+
+- Deprecate `createdTime` in favor of a new `createdAt` field
+
+#### aws.rds.dbinstance
+
+- Deprecate `createdTime` in favor of a new `createdAt` field
+
+#### aws.s3.bucket
+
+- Deprecate `createdTime` in favor of a new `createdAt` field
+
+#### github.organization
+
+- New `totalPublicRepos` field
+
+## 🐛 BUG FIXES AND UPDATES
+
+- Fix affected assets lists not containing assets scanned by older custom policies.
+- Show the link to discovered assets on each integration page.
+- Fix failures in the `files.find` resource with container image scans.
+- Improve display of VMware assets in the inventory overview.
+- Simplify the asset print view headers.
+- Rename "Sources" to "Learn More" on CVEs to better describe the purpose of the links.
+- Fix policy check metrics when exceptions are set.
+- Fix search for low security CVEs returning zero results in the vulnerability database.
+- Update CIS NTLM checks to also accept the "Deny All" setting.
+- Adjust scores in Windows policies to improve prioritization.
+- Ensure Kubernetes assets always contain asset overview information.

static/img/releases/2024-12-17-mondoo-11.35-is-out/remediation.png

@@ -3277,9 +3277,9 @@ caniuse-api@^3.0.0:
     lodash.uniq "^4.5.0"
 
 caniuse-lite@^1.0.0, caniuse-lite@^1.0.30001646, caniuse-lite@^1.0.30001688:
-  version "1.0.30001689"
-  resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001689.tgz#67ca960dd5f443903e19949aeacc9d28f6e10910"
-  integrity sha512-CmeR2VBycfa+5/jOfnp/NpWPGd06nf1XYiefUvhXFfZE4GkRc9jv+eGPS4nT558WS/8lYCzV8SlANCIPvbWP1g==
+  version "1.0.30001690"
+  resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001690.tgz#f2d15e3aaf8e18f76b2b8c1481abde063b8104c8"
+  integrity sha512-5ExiE3qQN6oF8Clf8ifIDcMRCRE/dMGcETG/XGMD8/XiXm6HXQgQTh1yZYLXXpSOsEUlJm1Xr7kGULZTuGtP/w==
 
 ccount@^2.0.0:
   version "2.0.1"
@@ -4095,9 +4095,9 @@ [email protected]:
   integrity sha512-WMwm9LhRUo+WUaRN+vRuETqG89IgZphVSNkdFgeb6sS/E4OrDIN7t48CAewSHXc6C8lefD8KKfr5vY61brQlow==
 
 electron-to-chromium@^1.5.73:
-  version "1.5.74"
-  resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.5.74.tgz#cb886b504a6467e4c00bea3317edb38393c53413"
-  integrity sha512-ck3//9RC+6oss/1Bh9tiAVFy5vfSKbRHAFh7Z3/eTRkEqJeWgymloShB17Vg3Z4nmDNp35vAd1BZ6CMW4Wt6Iw==
+  version "1.5.75"
+  resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.5.75.tgz#bba96eabf0e8ca36324679caa38b982800acc87d"
+  integrity sha512-Lf3++DumRE/QmweGjU+ZcKqQ+3bKkU/qjaKYhIJKEOhgIO9Xs6IiAQFkfFoj+RhgDk4LUeNsLo6plExHqSyu6Q==
 
 emoji-regex@^8.0.0:
   version "8.0.0"
@@ -5750,9 +5750,9 @@ markdown-table@^3.0.0:
   integrity sha512-wiYz4+JrLyb/DqW2hkFJxP7Vd7JuTDm77fvbM8VfEQdmSMqcImWeeRbHwZjBjIFki/VaMK2BhFi7oUUZeM5bqw==
 
 math-intrinsics@^1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/math-intrinsics/-/math-intrinsics-1.0.0.tgz#4e04bf87c85aa51e90d078dac2252b4eb5260817"
-  integrity sha512-4MqMiKP90ybymYvsut0CH2g4XWbfLtmlCkXmtmdcDCxNB+mQcu1w/1+L/VD7vi/PSv7X2JYV7SCcR+jiPXnQtA==
+  version "1.1.0"
+  resolved "https://registry.yarnpkg.com/math-intrinsics/-/math-intrinsics-1.1.0.tgz#a0dd74be81e2aa5c2f27e65ce283605ee4e2b7f9"
+  integrity sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==
 
 mdast-util-directive@^3.0.0:
   version "3.0.0"
@@ -8092,9 +8092,9 @@ resolve-pathname@^3.0.0:
   integrity sha512-C7rARubxI8bXFNB/hqcp/4iUeIXJhJZvFPFPiSPRnhU5UPxzMFIl+2E6yY6c4k9giDJAhtV+enfA+G89N6Csng==
 
 resolve@^1.1.6, resolve@^1.14.2:
-  version "1.22.9"
-  resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.22.9.tgz#6da76e4cdc57181fa4471231400e8851d0a924f3"
-  integrity sha512-QxrmX1DzraFIi9PxdG5VkRfRwIgjwyud+z/iBwfRRrVmHc+P9Q7u2lSSpQ6bjr2gy5lrqIiU9vb6iAeGf2400A==
+  version "1.22.10"
+  resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.22.10.tgz#b663e83ffb09bbf2386944736baae803029b8b39"
+  integrity sha512-NPRy+/ncIMeDlTAsuqwKIiferiawhefFJtkNSW0qZJEqMEb+qBt/77B/jGeeek+F0uOeN05CDa6HXbbIgtVX4w==
   dependencies:
     is-core-module "^2.16.0"
     path-parse "^1.0.7"