We’re excited that you landed on our GitHub page!

🐈 cnquery is a cloud-native tool for querying your entire fleet.

🐈‍⬛ cnspec is a cloud-native solution to assess the security and compliance of your business-critical infrastructure.

The Mondoo unified security platform finds and prioritizes vulnerabilities and misconfigurations that pose the highest risk to your business. Mondoo's security data fabric analyzes the threat and exposure of every finding within the unique context of your infrastructure. Instead of a flood of irrelevant security alerts, Mondoo shows you how you can make an immediate and significant impact on your security posture.

📌 Prioritize the issues that present the greatest risk to your infrastructure

🏗 Build security into the development process from the start

🌊 Eliminate the flood of irrelevant security alerts

🤝 Enlist the DevOps team to help secure your company

⏳ Save time and friction during audit cycles

🧰 Avoid tool sprawl

🎯 Make an immediate and significant impact on your security posture

Check out the mondoohq/samples repository to see sample use cases of cnquery and cnspec in action!

Mondoo was founded in 2020 by DevOps and security experts who previously founded InSpec, devsec.io, and OpenStack.

What we believe:

• Security needs to happen at the code level

• Security needs to be more developer friendly

• Security needs to be seen as beneficial, not burdensome

We built Mondoo so that DevOps and Security practitioners can work together to automate their security and compliance for all types of infrastructure with a single, easy-to-use platform featuring: 👉 policy as code 👈

Try Mondoo for free before you make any commitment! No sales pitch or demo required –- it’s hands on from the start. Begin improving your security posture now, in minutes instead of months.

❇️ Get started with Mondoo. Book a demo: https://mondoo.com/contact

🧑‍💻 Learn how it works: https://mondoo.com/docs/