Compliance

Summary CINC Auditor is an open-source, license-free rebuild of Chef InSpec that enables infrastructure compliance testing and auditing using the same profile

Summary CVE (Common Vulnerabilities and Exposures) is a publicly maintained dictionary of known security vulnerabilities and exposures, each assigned a unique

Summary DORA (Digital Operational Resilience Act) is an EU regulation that entered into force in January 2025, requiring financial institutions and their

Summary GDPR (General Data Protection Regulation) is the EU regulation that sets out rights for individuals over their personal data and obligations for

Summary HIPAA (Health Insurance Portability and Accountability Act) is a U.S. federal law that sets national standards for protecting sensitive patient health

Summary ISO 27001 is the leading international standard for information security management systems (ISMS), providing a systematic approach to managing

Summary Mondoo is a security posture management platform that enables organizations to continuously assess and enforce security policies across cloud

Summary The NIS2 Directive (Network and Information Security Directive 2) is an EU regulation that mandates minimum cybersecurity standards across critical and

A lot has happened in the eight months since we covered Mondoo's March 2025 release. If you're already using the platform, you've probably noticed some big

In today’s fast-paced digital world security isn’t optional, it’s a foundation. Whether you're running microservices in Kubernetes, managing cloud resources, or

Mondoo bills itself as a comprehensive exposure management platform – think a single pane for all your security needs, on-prem and in the cloud. In practice,

In the rapidly evolving world of software development, securing and managing the integrity of codebases is paramount, particularly for organizations subject to

Ensuring Access Control and Secrets Management with HashiCorp Boundary and Vault in HCP and AWS Ensuring access controls and secrets management is critical in

In today's fast-paced digital landscape, efficient case management is crucial for organizations to stay on top of security and compliance issues. Mondoo, a

In the previous posts of this blog series, we introduced the Mondoo platform, its Terraform provider resources, data sources, and imports, exploring how they

Introduction In today's fast-paced digital landscape, ensuring compliance with various frameworks is crucial for companies to maintain the security and

In the previous posts of this blog series, we introduced the Mondoo platform, its Terraform provider resources and data sources, exploring how they enhance

As organizations strive to safeguard their digital assets, innovative solutions like Mondoo have emerged to enhance security and compliance across various

In an era where information security management is more crucial than ever, organizations are seeking innovative solutions to safeguard their digital assets

In today's dynamic and complex cloud environments, organisations face significant challenges in managing costs while ensuring compliance and operational

This is the second post in a series about IT compliance with Mondoo. This post will focus on how to add your own custom policies to Mondoo. Make sure to

This is the first post in a series about IT compliance with Mondoo. This post will focus on the basics of Mondoo and how you can use it to get insights about

The first Infracoders/DevOps/CloudNative Meetup after the summer break took place on the 11th of September, 2018 in Graz. About 15 Infracoders were excited