From 7b2fdd701eee443394c7b6ed5d31a9a6fc287954 Mon Sep 17 00:00:00 2001 From: Letha Date: Mon, 26 Aug 2024 14:20:23 -0700 Subject: [PATCH] :broom: Make titles consistently use Mondoo and not policy (#432) Plus some other cleanup stuff --- core/mondoo-aws-security.mql.yaml | 4 ++-- core/mondoo-azure-security.mql.yaml | 4 ++-- core/mondoo-dns-security.mql.yaml | 4 ++-- core/mondoo-edr-policy.mql.yaml | 2 +- core/mondoo-email-security.mql.yaml | 2 +- core/mondoo-gcp-security.mql.yaml | 4 ++-- core/mondoo-github-best-practices.mql.yaml | 4 ++-- core/mondoo-github-security.mql.yaml | 4 ++-- core/mondoo-gitlab-security.mql.yaml | 4 ++-- core/mondoo-http-security.mql.yaml | 4 ++-- core/mondoo-kubernetes-best-practices.mql.yaml | 4 ++-- core/mondoo-kubernetes-security.mql.yaml | 4 ++-- core/mondoo-linux-security.mql.yaml | 4 ++-- core/mondoo-linux-workstation-security.mql.yaml | 2 +- core/mondoo-macos-security.mql.yaml | 2 +- core/mondoo-macos-vulnerability.mql.yaml | 4 ++-- core/mondoo-microsoft-vulnerability.mql.yaml | 4 ++-- core/mondoo-ms365-security.mql.yaml | 4 ++-- core/mondoo-okta-security.mql.yaml | 4 ++-- core/mondoo-openssl-vulnerability.mql.yaml | 4 ++-- core/mondoo-slack-security.mql.yaml | 4 ++-- core/mondoo-terraform-aws-security.mql.yaml | 2 +- core/mondoo-terraform-gcp-security.mql.yaml | 4 ++-- core/mondoo-tls-security.mql.yaml | 2 +- core/mondoo-vmware-vulnerability.mql.yaml | 4 ++-- core/mondoo-windows-11-compatibility.mql.yaml | 4 ++-- core/mondoo-windows-security.mql.yaml | 6 +++--- core/mondoo-windows-workstation-security.mql.yaml | 4 ++-- core/mondoo-xz-vulnerability.mql.yaml | 4 ++-- extra/mondoo-google-workspace-security.mql.yaml | 4 ++-- 30 files changed, 55 insertions(+), 55 deletions(-) diff --git a/core/mondoo-aws-security.mql.yaml b/core/mondoo-aws-security.mql.yaml index 453824a1..6c280541 100644 --- a/core/mondoo-aws-security.mql.yaml +++ b/core/mondoo-aws-security.mql.yaml @@ -3,7 +3,7 @@ policies: - uid: mondoo-aws-security - name: AWS Security + name: Mondoo AWS Security version: 3.0.1 license: BUSL-1.1 tags: @@ -16,7 +16,7 @@ policies: desc: | ## Overview - AWS Security by Mondoo provides guidance for establishing minimum recommended security and operational best practices for Amazon Web Services (AWS). The checks in this policy bundle are based on AWS's Operational Best Practices recommendations as part of the [AWS Config conformance packs](https://docs.aws.amazon.com/config/latest/developerguide/conformance-packs.html). + The Mondoo AWS Security policy provides guidance for establishing minimum recommended security and operational best practices for Amazon Web Services (AWS). The checks in this policy bundle are based on AWS's Operational Best Practices recommendations as part of the [AWS Config conformance packs](https://docs.aws.amazon.com/config/latest/developerguide/conformance-packs.html). ## Remote scan diff --git a/core/mondoo-azure-security.mql.yaml b/core/mondoo-azure-security.mql.yaml index bf9ec6bc..58800248 100644 --- a/core/mondoo-azure-security.mql.yaml +++ b/core/mondoo-azure-security.mql.yaml @@ -3,7 +3,7 @@ policies: - uid: mondoo-azure-security - name: Microsoft Azure Security + name: Mondoo Microsoft Azure Security version: 2.0.1 license: BUSL-1.1 tags: @@ -16,7 +16,7 @@ policies: desc: |- ## Overview - Microsoft Azure Security by Mondoo provides guidance for establishing minimum recommended security and operational best practices for Microsoft Azure. + The Mondoo Microsoft Azure Security policy provides guidance for establishing minimum recommended security and operational best practices for Microsoft Azure. ## Getting Started diff --git a/core/mondoo-dns-security.mql.yaml b/core/mondoo-dns-security.mql.yaml index 890edf91..91c145e9 100644 --- a/core/mondoo-dns-security.mql.yaml +++ b/core/mondoo-dns-security.mql.yaml @@ -3,7 +3,7 @@ policies: - uid: mondoo-dns-security - name: DNS Security + name: Mondoo DNS Security version: 1.1.0 license: BUSL-1.1 tags: @@ -16,7 +16,7 @@ policies: desc: | ## Overview - The DNS Security policy by Mondoo includes checks for assessing the configuration of DNS records. + The Mondoo DNS Security policy includes checks for assessing the configuration of DNS records. ## Remote scan diff --git a/core/mondoo-edr-policy.mql.yaml b/core/mondoo-edr-policy.mql.yaml index fcd7e35c..5f032647 100644 --- a/core/mondoo-edr-policy.mql.yaml +++ b/core/mondoo-edr-policy.mql.yaml @@ -2,7 +2,7 @@ # SPDX-License-Identifier: BUSL-1.1 policies: - uid: mondoo-edr-policy - name: Endpoint Detection and Response (EDR) Policy + name: Mondoo Endpoint Detection and Response (EDR) version: 1.3.1 license: BUSL-1.1 tags: diff --git a/core/mondoo-email-security.mql.yaml b/core/mondoo-email-security.mql.yaml index 7a1c1b46..b79db658 100644 --- a/core/mondoo-email-security.mql.yaml +++ b/core/mondoo-email-security.mql.yaml @@ -3,7 +3,7 @@ policies: - uid: mondoo-email-security - name: Email Security Policy + name: Mondoo Email Security version: 1.0.0 license: BUSL-1.1 tags: diff --git a/core/mondoo-gcp-security.mql.yaml b/core/mondoo-gcp-security.mql.yaml index e0366a5d..44e4680e 100644 --- a/core/mondoo-gcp-security.mql.yaml +++ b/core/mondoo-gcp-security.mql.yaml @@ -3,7 +3,7 @@ policies: - uid: mondoo-gcp-security - name: Google Cloud (GCP) Security + name: Mondoo Google Cloud (GCP) Security version: 1.1.0 license: BUSL-1.1 tags: @@ -16,7 +16,7 @@ policies: desc: |- ## Overview - Google Cloud Security by Mondoo provides guidance for establishing minimum recommended security and operational best practices for Google Cloud. + The Mondoo Google Cloud Security policy provides guidance for establishing minimum recommended security and operational best practices for Google Cloud. ## Remote scan diff --git a/core/mondoo-github-best-practices.mql.yaml b/core/mondoo-github-best-practices.mql.yaml index a7af023d..a6a058e9 100644 --- a/core/mondoo-github-best-practices.mql.yaml +++ b/core/mondoo-github-best-practices.mql.yaml @@ -3,7 +3,7 @@ policies: - uid: mondoo-github-repository-best-practices - name: GitHub Repository Best Practices + name: Mondoo GitHub Repository Best Practices version: 1.1.0 license: BUSL-1.1 tags: @@ -16,7 +16,7 @@ policies: desc: | # Overview - GitHub Repository Best Practices by Mondoo provides assessments of public and private GitHub repositories to ensure a minimum recommended operational best practices. + The Mondoo GitHub Repository Best Practices policy provides assessments of public and private GitHub repositories to ensure a minimum recommended operational best practices. ## About remote scanning diff --git a/core/mondoo-github-security.mql.yaml b/core/mondoo-github-security.mql.yaml index 8d619a73..de7d20f3 100644 --- a/core/mondoo-github-security.mql.yaml +++ b/core/mondoo-github-security.mql.yaml @@ -3,7 +3,7 @@ policies: - uid: mondoo-github-organization-security - name: GitHub Organization Security + name: Mondoo GitHub Organization Security version: 1.5.0 license: BUSL-1.1 tags: @@ -16,7 +16,7 @@ policies: desc: | ## Overview - GitHub Organization Security by Mondoo provides guidance for establishing minimum recommended security and operational best practices for GitHub organizations. + The Mondoo GitHub Organization Security policy provides guidance for establishing minimum recommended security and operational best practices for GitHub organizations. ## About remote scanning diff --git a/core/mondoo-gitlab-security.mql.yaml b/core/mondoo-gitlab-security.mql.yaml index 8349a51c..1f50e7ba 100644 --- a/core/mondoo-gitlab-security.mql.yaml +++ b/core/mondoo-gitlab-security.mql.yaml @@ -3,7 +3,7 @@ policies: - uid: mondoo-gitlab-security - name: GitLab Security + name: Mondoo GitLab Security version: 1.4.0 license: BUSL-1.1 tags: @@ -16,7 +16,7 @@ policies: desc: | ## Overview - The GitLab Security policy by Mondoo offers guidance on establishing minimum recommended security best practices for GitLab groups and projects. + The Mondoo GitLab Security policy offers guidance on establishing minimum recommended security best practices for GitLab groups and projects. ## Remote scan diff --git a/core/mondoo-http-security.mql.yaml b/core/mondoo-http-security.mql.yaml index 479f5a59..3f843867 100644 --- a/core/mondoo-http-security.mql.yaml +++ b/core/mondoo-http-security.mql.yaml @@ -3,7 +3,7 @@ policies: - uid: mondoo-http-security - name: HTTP Security + name: Mondoo HTTP Security version: 1.1.1 license: BUSL-1.1 tags: @@ -16,7 +16,7 @@ policies: desc: | ## Overview - The HTTP Security by Mondoo policy includes checks for ensuring the security of HTTP headers. + The Mondoo HTTP Security policy includes checks for ensuring the security of HTTP headers. ## Remote scan diff --git a/core/mondoo-kubernetes-best-practices.mql.yaml b/core/mondoo-kubernetes-best-practices.mql.yaml index 919af24d..90a6dd51 100644 --- a/core/mondoo-kubernetes-best-practices.mql.yaml +++ b/core/mondoo-kubernetes-best-practices.mql.yaml @@ -3,7 +3,7 @@ policies: - uid: mondoo-kubernetes-best-practices - name: Kubernetes Best Practices + name: Mondoo Kubernetes Best Practices version: 1.1.1 license: BUSL-1.1 tags: @@ -16,7 +16,7 @@ policies: desc: |- ## Overview - The Kubernetes Best Practices by Mondoo policy bundle provides guidance for establishing reliable Kubernetes clusters by encouraging the adoption of best practices. + The Mondoo Kubernetes Best Practices policy bundle provides guidance for establishing reliable Kubernetes clusters by encouraging the adoption of best practices. ## Remote scan diff --git a/core/mondoo-kubernetes-security.mql.yaml b/core/mondoo-kubernetes-security.mql.yaml index 39169502..8d1aea2d 100644 --- a/core/mondoo-kubernetes-security.mql.yaml +++ b/core/mondoo-kubernetes-security.mql.yaml @@ -3,7 +3,7 @@ policies: - uid: mondoo-kubernetes-security - name: Kubernetes Cluster and Workload Security + name: Mondoo Kubernetes Cluster and Workload Security version: 1.2.1 license: BUSL-1.1 tags: @@ -16,7 +16,7 @@ policies: desc: |- # Overview - The Kubernetes Cluster and Workload Security by Mondoo provides guidance for establishing secure Kubernetes cluster configurations and workload deployments. + The Mondoo Kubernetes Cluster and Workload Security policy provides guidance for establishing secure Kubernetes cluster configurations and workload deployments. If you have questions, comments, or have identified ways to improve this policy, please write us at hello@mondoo.com, or reach out in [GitHub Discussions](https://github.com/orgs/mondoohq/discussions). diff --git a/core/mondoo-linux-security.mql.yaml b/core/mondoo-linux-security.mql.yaml index f0fe024a..7b52a75b 100644 --- a/core/mondoo-linux-security.mql.yaml +++ b/core/mondoo-linux-security.mql.yaml @@ -3,7 +3,7 @@ policies: - uid: mondoo-linux-security - name: Linux Security + name: Mondoo Linux Security version: 2.4.1 license: BUSL-1.1 tags: @@ -16,7 +16,7 @@ policies: desc: |- ## Overview - The Linux Security by Mondoo provides guidance for establishing a secure baseline configuration for Linux systems running on x86 and x64 platforms. + The Mondoo Linux Security policy provides guidance for establishing a secure baseline configuration for Linux systems running on x86 and x64 platforms. This policy includes queries to help harden Linux systems by: - Identifying problematic services that may be running diff --git a/core/mondoo-linux-workstation-security.mql.yaml b/core/mondoo-linux-workstation-security.mql.yaml index a848d262..cf3ca7ed 100644 --- a/core/mondoo-linux-workstation-security.mql.yaml +++ b/core/mondoo-linux-workstation-security.mql.yaml @@ -3,7 +3,7 @@ policies: - uid: mondoo-linux-workstation-security - name: Linux Workstation Security + name: Mondoo Linux Workstation Security version: 1.1.0 license: BUSL-1.1 tags: diff --git a/core/mondoo-macos-security.mql.yaml b/core/mondoo-macos-security.mql.yaml index f5f63139..7ebaac93 100644 --- a/core/mondoo-macos-security.mql.yaml +++ b/core/mondoo-macos-security.mql.yaml @@ -2,7 +2,7 @@ # SPDX-License-Identifier: BUSL-1.1 policies: - uid: mondoo-macos-security - name: macOS Security + name: Mondoo macOS Security version: 1.3.1 license: BUSL-1.1 tags: diff --git a/core/mondoo-macos-vulnerability.mql.yaml b/core/mondoo-macos-vulnerability.mql.yaml index 504e6e48..f42cacb9 100644 --- a/core/mondoo-macos-vulnerability.mql.yaml +++ b/core/mondoo-macos-vulnerability.mql.yaml @@ -3,7 +3,7 @@ policies: - uid: mondoo-macos-vulnerability - name: macOS Vulnerability Policy + name: Mondoo macOS Vulnerability version: 1.1.0 license: BUSL-1.1 tags: @@ -16,7 +16,7 @@ policies: desc: | ## Overview - Mondoo macOS Vulnerability Policy checks for macOS vulnerabilities. It should be used in combination with the macOS Security Policy. + The Mondoo macOS Vulnerability policy checks for macOS vulnerabilities. It should be used in combination with the Mondoo macOS Security policy. ### Run policy diff --git a/core/mondoo-microsoft-vulnerability.mql.yaml b/core/mondoo-microsoft-vulnerability.mql.yaml index 320754d7..ee1ec254 100644 --- a/core/mondoo-microsoft-vulnerability.mql.yaml +++ b/core/mondoo-microsoft-vulnerability.mql.yaml @@ -3,7 +3,7 @@ policies: - uid: mondoo-microsoft-vulnerability - name: Microsoft Vulnerability Policy + name: Mondoo Microsoft Vulnerability version: 1.1.0 license: BUSL-1.1 tags: @@ -16,7 +16,7 @@ policies: desc: | ## Overview - Mondoo Microsoft Vulnerability Policy checks for Windows and Microsoft Application vulnerabilities. It should be used in combination with the Platform Vulnerability Policy to identify missing patches. + The Mondoo Microsoft Vulnerability policy checks for Windows and Microsoft Application vulnerabilities. It should be used in combination with the Platform Vulnerability Policy to identify missing patches. ### Run policy diff --git a/core/mondoo-ms365-security.mql.yaml b/core/mondoo-ms365-security.mql.yaml index d08a04f5..041ac8bd 100644 --- a/core/mondoo-ms365-security.mql.yaml +++ b/core/mondoo-ms365-security.mql.yaml @@ -2,7 +2,7 @@ # SPDX-License-Identifier: BUSL-1.1 policies: - uid: mondoo-ms365-security - name: Microsoft 365 Security + name: Mondoo Microsoft 365 Security version: 2.0.0 license: BUSL-1.1 tags: @@ -15,7 +15,7 @@ policies: desc: |- ## Overview - Microsoft 365 Security by Mondoo provides guidance for establishing minimum recommended security and operational best practices for Microsoft 365. + The Mondoo Microsoft 365 Security policy provides guidance for establishing minimum recommended security and operational best practices for Microsoft 365. ## Remote scan diff --git a/core/mondoo-okta-security.mql.yaml b/core/mondoo-okta-security.mql.yaml index 3c686c9e..9ef25e55 100644 --- a/core/mondoo-okta-security.mql.yaml +++ b/core/mondoo-okta-security.mql.yaml @@ -3,7 +3,7 @@ policies: - uid: mondoo-okta-security - name: Okta Organization Security + name: Mondoo Okta Organization Security version: 2.1.0 license: BUSL-1.1 tags: @@ -16,7 +16,7 @@ policies: desc: | # Overview - The Mondoo Okta Security policy bundle provides security recommendations for Okta organizations. This policy supports scanning of Okta organizations as well as Terraform projects using the [Okta Terraform provider](https://registry.terraform.io/providers/okta/okta/latest/docs) from the HashiCorp Terraform Registry. + The Mondoo Okta Organization Security policy provides security recommendations for Okta organizations. This policy supports scanning of Okta organizations as well as Terraform projects using the [Okta Terraform provider](https://registry.terraform.io/providers/okta/okta/latest/docs) from the HashiCorp Terraform Registry. ## About remote scanning diff --git a/core/mondoo-openssl-vulnerability.mql.yaml b/core/mondoo-openssl-vulnerability.mql.yaml index 60f35a3b..430198f0 100644 --- a/core/mondoo-openssl-vulnerability.mql.yaml +++ b/core/mondoo-openssl-vulnerability.mql.yaml @@ -3,7 +3,7 @@ policies: - uid: mondoo-openssl-vulnerability - name: OpenSSL Vulnerability Policy + name: Mondoo OpenSSL Vulnerability version: 1.1.0 license: BUSL-1.1 tags: @@ -16,7 +16,7 @@ policies: desc: | ## Overview - OpenSSL Vulnerability Policy by Mondoo checks for vulnerable OpenSSL installation on Unix/ Linux system. + The Mondoo OpenSSL Vulnerability policy checks for vulnerable OpenSSL installation on Unix/Linux system. ## Remote scan diff --git a/core/mondoo-slack-security.mql.yaml b/core/mondoo-slack-security.mql.yaml index eb60d54c..0ffa0683 100644 --- a/core/mondoo-slack-security.mql.yaml +++ b/core/mondoo-slack-security.mql.yaml @@ -3,7 +3,7 @@ policies: - uid: mondoo-slack-security - name: Slack Team Security + name: Mondoo Slack Team Security version: 1.4.1 license: BUSL-1.1 tags: @@ -16,7 +16,7 @@ policies: desc: | ## Overview - The Slack Team Security by Mondoo policy ensures that Slack Teams configurations follow best security practices. + The Mondoo Slack Team Security policy ensures that Slack team configurations follow best security practices. ### Prerequisites diff --git a/core/mondoo-terraform-aws-security.mql.yaml b/core/mondoo-terraform-aws-security.mql.yaml index 58b63a70..3cfd9ef5 100644 --- a/core/mondoo-terraform-aws-security.mql.yaml +++ b/core/mondoo-terraform-aws-security.mql.yaml @@ -3,7 +3,7 @@ policies: - uid: mondoo-terraform-aws-security - name: Terraform HCL Security Static Analysis for AWS + name: Mondoo Terraform HCL Security Static Analysis for AWS version: 1.2.1 license: BUSL-1.1 tags: diff --git a/core/mondoo-terraform-gcp-security.mql.yaml b/core/mondoo-terraform-gcp-security.mql.yaml index 98b98b1d..481c4367 100644 --- a/core/mondoo-terraform-gcp-security.mql.yaml +++ b/core/mondoo-terraform-gcp-security.mql.yaml @@ -3,7 +3,7 @@ policies: - uid: mondoo-terraform-gcp-security - name: Terraform HCL Security Static Analysis for Google Cloud + name: Mondoo Terraform HCL Security Static Analysis for Google Cloud version: 1.2.1 license: BUSL-1.1 tags: @@ -16,7 +16,7 @@ policies: desc: | ## Overview - This checks for security misconfigurations in Terraform HCL for Google Cloud. + This policy checks for security misconfigurations in Terraform HCL for Google Cloud. ## Local scan diff --git a/core/mondoo-tls-security.mql.yaml b/core/mondoo-tls-security.mql.yaml index 15937194..6b835970 100644 --- a/core/mondoo-tls-security.mql.yaml +++ b/core/mondoo-tls-security.mql.yaml @@ -18,7 +18,7 @@ policies: The Transport Layer Security (TLS) protocol is the primary means of protecting network communications. - The TLS/SSL Security policy by Mondoo includes checks for ensuring the security and configuration of TLS/SSL connections and certificates. + The Mondoo TLS/SSL Security policy includes checks for ensuring the security and configuration of TLS/SSL connections and certificates. ## Remote scan diff --git a/core/mondoo-vmware-vulnerability.mql.yaml b/core/mondoo-vmware-vulnerability.mql.yaml index 30b8cb10..4811f070 100644 --- a/core/mondoo-vmware-vulnerability.mql.yaml +++ b/core/mondoo-vmware-vulnerability.mql.yaml @@ -3,7 +3,7 @@ policies: - uid: mondoo-vmware-vulnerability - name: VMware vCenter Vulnerability Policy + name: Mondoo VMware vCenter Vulnerability version: 1.1.0 license: BUSL-1.1 tags: @@ -16,7 +16,7 @@ policies: desc: | ## Overview - Mondoo OpenSSL VMware vCenter Policy checks for vulnerable vCenter/ESXi configuration. It should be used in combination with the Platform Vulnerability Policy to identify missing patches. + The Mondoo VMware vCenter policy checks for vulnerable vCenter/ESXi configuration. It should be used in combination with the Platform Vulnerability Policy to identify missing patches. ### Run policy diff --git a/core/mondoo-windows-11-compatibility.mql.yaml b/core/mondoo-windows-11-compatibility.mql.yaml index 52d67cec..35a2fcc6 100644 --- a/core/mondoo-windows-11-compatibility.mql.yaml +++ b/core/mondoo-windows-11-compatibility.mql.yaml @@ -2,7 +2,7 @@ # SPDX-License-Identifier: BUSL-1.1 policies: - uid: mondoo-windows-11-compatibility - name: Windows 11 Compatibility for Workstations + name: Mondoo Microsoft Windows 11 Compatibility for Workstations version: 1.0.6 tags: mondoo.com/platform: windows @@ -12,7 +12,7 @@ policies: email: hello@mondoo.com docs: desc: | - The Windows 11 Compatibility Policy checks if a Windows workstation is compatible with Windows 11. The policy checks for the following requirements: + The Mondoo Microsoft Windows 11 Compatibility policy checks if a Windows workstation is compatible with Microsoft Windows 11. The policy checks for the following requirements: - CPU compatibility - RAM requirements - HDD requirements diff --git a/core/mondoo-windows-security.mql.yaml b/core/mondoo-windows-security.mql.yaml index 9b4ccb50..08c8e38e 100644 --- a/core/mondoo-windows-security.mql.yaml +++ b/core/mondoo-windows-security.mql.yaml @@ -2,7 +2,7 @@ # SPDX-License-Identifier: BUSL-1.1 policies: - uid: mondoo-windows-security - name: Windows Security + name: Mondoo Microsoft Windows Security version: 2.3.2 license: BUSL-1.1 tags: @@ -39,9 +39,9 @@ policies: ### Prerequisites - Remote scans of windows hosts suitable authentication method such as winRM enabled or SSH keys. + Remote scans of Windows hosts require an authentication method such as winRM or SSH keys. - ### Scan a remote Windows (SSH authentication) + ### Scan a remote Windows device (SSH authentication) ```bash cnspec scan ssh @ -i /path/to/ssh_key diff --git a/core/mondoo-windows-workstation-security.mql.yaml b/core/mondoo-windows-workstation-security.mql.yaml index 0c24eb62..6ee8d5e3 100644 --- a/core/mondoo-windows-workstation-security.mql.yaml +++ b/core/mondoo-windows-workstation-security.mql.yaml @@ -3,7 +3,7 @@ policies: - uid: mondoo-windows-workstation-security - name: Windows Workstation Security + name: Mondoo Microsoft Windows Workstation Security version: 0.4.0 license: BUSL-1.1 tags: @@ -16,7 +16,7 @@ policies: desc: | ## Overview - This policy provides prescriptive guidance for establishing a secure configuration posture for Windows Client systems running on x86 and x64 platforms. + This policy provides prescriptive guidance for establishing a secure configuration posture for Microsoft Windows client systems running on x86 and x64 platforms. Commands and scripts are provided which should work on Windows 10 and 11. diff --git a/core/mondoo-xz-vulnerability.mql.yaml b/core/mondoo-xz-vulnerability.mql.yaml index 00e362b7..cee230c0 100644 --- a/core/mondoo-xz-vulnerability.mql.yaml +++ b/core/mondoo-xz-vulnerability.mql.yaml @@ -3,7 +3,7 @@ policies: - uid: mondoo-xz-vulnerability-policy - name: xz Vulnerability (CVE-2024–3094) + name: Mondoo xz Vulnerability (CVE-2024–3094) version: 1.0.0 license: BUSL-1.1 tags: @@ -14,7 +14,7 @@ policies: email: hello@mondoo.com docs: desc: | - The xz-utils package 5.6.0 and 5.6.1 has a vulnerability in the xz command line tool that allows for arbitrary code execution when processing a specially crafted .xz file. This vulnerability is due to a stack-based buffer overflow in the xz_decomp function in xz-dec.c. An attacker can exploit this vulnerability by sending a specially crafted .xz file to a target system, which could allow the attacker to execute arbitrary code on the target system. + The xz-utils package versions 5.6.0 and 5.6.1 have a vulnerability in the xz command line tool that allows arbitrary code execution when processing a specially crafted .xz file. This vulnerability is due to a stack-based buffer overflow in the xz_decomp function in xz-dec.c. An attacker can exploit this vulnerability by sending a specially crafted .xz file to a target system, which could allow the attacker to execute arbitrary code on the target system. This policy checks for the presence of xz libs on the system and ensures that the version is not vulnerable. groups: diff --git a/extra/mondoo-google-workspace-security.mql.yaml b/extra/mondoo-google-workspace-security.mql.yaml index 44e01044..c3001895 100644 --- a/extra/mondoo-google-workspace-security.mql.yaml +++ b/extra/mondoo-google-workspace-security.mql.yaml @@ -3,7 +3,7 @@ policies: - uid: mondoo-google-workspace-security - name: Google Workspace Security + name: Mondoo Google Workspace Security version: 1.0.0 license: BUSL-1.1 tags: @@ -16,7 +16,7 @@ policies: desc: | ## Overview - The Mondoo Google Workspace Security policy by Mondoo ensures that Google Workspace configurations follow best security practices. + The Mondoo Google Workspace Security policy ensures that Google Workspace configurations follow best security practices. ### Prerequisites