Add 11.22 release notes (#367)

* Add 11.22 release notes

New week. New release

Signed-off-by: Tim Smith <[email protected]>

* Update releases/2024-09-17-mondoo-11.22-is-out.md

Co-authored-by: Letha <[email protected]>

* Update releases/2024-09-17-mondoo-11.22-is-out.md

Co-authored-by: Letha <[email protected]>

* Update releases/2024-09-17-mondoo-11.22-is-out.md

Co-authored-by: Letha <[email protected]>

* Update releases/2024-09-17-mondoo-11.22-is-out.md

Co-authored-by: Letha <[email protected]>

* Update releases/2024-09-17-mondoo-11.22-is-out.md

Co-authored-by: Letha <[email protected]>

* Add release notes for cases

Signed-off-by: Charles Johnson <[email protected]>

* shrink images, wee text edits

* spellcheck add

* Pull in the latest MQL updates

Signed-off-by: Tim Smith <[email protected]>

* Bump deps again

Signed-off-by: Tim Smith <[email protected]>

* Update .github/actions/spelling/expect.txt

* Add notebookinstancedetails to spellcheck

Signed-off-by: Tim Smith <[email protected]>

---------

Signed-off-by: Tim Smith <[email protected]>
Signed-off-by: Charles Johnson <[email protected]>
Co-authored-by: Letha <[email protected]>
Co-authored-by: Charles Johnson <[email protected]>

.github/actions/spelling/expect.txt

@@ -238,6 +238,7 @@ nginx
 noarch
 nodegroup
 nodepool
+notebookinstancedetails
 nsrecord
 NSUl
 nsurlsessiond

docs/mql/resources/aws-pack/README.md

@@ -141,7 +141,7 @@ Resources included in this pack:
 | [aws.sagemaker](aws.sagemaker.md)                                                                                                                 | AWS SageMaker                                                                                                          |
 | [aws.sagemaker.endpoint](aws.sagemaker.endpoint.md)                                                                                               | AWS SageMaker endpoint                                                                                                 |
 | [aws.sagemaker.notebookinstance](aws.sagemaker.notebookinstance.md)                                                                               | AWS SageMaker notebook instance                                                                                        |
-| [aws.sagemaker.notebookinstance.details](aws.sagemaker.notebookinstance.details.md)                                                               | AWS SageMaker notebook instance details                                                                                |
+| [aws.sagemaker.notebookinstancedetails](aws.sagemaker.notebookinstancedetails.md)                                                                 | AWS SageMaker notebook instance details                                                                                |
 | [aws.secretsmanager](aws.secretsmanager.md)                                                                                                       | AWS Secrets Manager                                                                                                    |
 | [aws.secretsmanager.secret](aws.secretsmanager.secret.md)                                                                                         | AWS Secrets Manager secret                                                                                             |
 | [aws.securityhub](aws.securityhub.md)                                                                                                             | AWS Security Hub                                                                                                       |

docs/mql/resources/aws-pack/aws.sagemaker.notebookinstance.md

@@ -18,10 +18,10 @@ AWS SageMaker notebook instance
 
 **Fields**
 
-| ID      | TYPE                                                                                | DESCRIPTION                               |
-| ------- | ----------------------------------------------------------------------------------- | ----------------------------------------- |
-| arn     | string                                                                              | ARN for the notebook instance             |
-| name    | string                                                                              | Name of the notebook instance             |
-| details | [aws.sagemaker.notebookinstance.details](aws.sagemaker.notebookinstance.details.md) | Details about the notebook                |
-| region  | string                                                                              | Region where the notebook instance exists |
-| tags    | map[string]string                                                                   | Tags for the notebook instance            |
+| ID      | TYPE                                                                              | DESCRIPTION                               |
+| ------- | --------------------------------------------------------------------------------- | ----------------------------------------- |
+| arn     | string                                                                            | ARN for the notebook instance             |
+| name    | string                                                                            | Name of the notebook instance             |
+| details | [aws.sagemaker.notebookinstancedetails](aws.sagemaker.notebookinstancedetails.md) | Details about the notebook                |
+| region  | string                                                                            | Region where the notebook instance exists |
+| tags    | map[string]string                                                                 | Tags for the notebook instance            |

docs/mql/resources/aws-pack/aws.sagemaker.notebookinstance.details.md → docs/mql/resources/aws-pack/aws.sagemaker.notebookinstancedetails.md

@@ -1,12 +1,12 @@
 ---
-title: aws.sagemaker.notebookinstance.details
-id: aws.sagemaker.notebookinstance.details
-sidebar_label: aws.sagemaker.notebookinstance.details
+title: aws.sagemaker.notebookinstancedetails
+id: aws.sagemaker.notebookinstancedetails
+sidebar_label: aws.sagemaker.notebookinstancedetails
 displayed_sidebar: MQL
 description: AWS SageMaker notebook instance details
 ---
 
-# aws.sagemaker.notebookinstance.details
+# aws.sagemaker.notebookinstancedetails
 
 **Supported platform**
 

docs/mql/resources/azure-pack/azure.subscription.keyvaultservice.key.autorotation.md

@@ -20,5 +20,5 @@ Azure Key Vault key auto-rotation
 
 | ID      | TYPE   | DESCRIPTION                  |
 | ------- | ------ | ---------------------------- |
-| kid     | string | Key ID (Key Identifier)      |
+| kid     | string | Key ID                       |
 | enabled | bool   | Auto-rotation enabled status |

docs/mql/resources/ms365-pack/README.md

@@ -18,6 +18,8 @@ Resources included in this pack:
 | [microsoft.application](microsoft.application.md)                                                         | Microsoft Entra ID application registration                                          |
 | [microsoft.application.permission](microsoft.application.permission.md)                                   | Microsoft Service Principal Permission                                               |
 | [microsoft.application.role](microsoft.application.role.md)                                               | Microsoft Entra ID app roles are custom roles to assign permissions to users or apps |
+| [microsoft.conditionalAccess](microsoft.conditionalaccess.md)                                             | Microsoft Conditional Access Policies                                                |
+| [microsoft.conditionalAccess.ipNamedLocation](microsoft.conditionalaccess.ipnamedlocation.md)             | Microsoft Conditional Access IP named location                                       |
 | [microsoft.devicemanagement](microsoft.devicemanagement.md)                                               | Microsoft device management                                                          |
 | [microsoft.devicemanagement.devicecompliancepolicy](microsoft.devicemanagement.devicecompliancepolicy.md) | Microsoft device compliance policy                                                   |
 | [microsoft.devicemanagement.deviceconfiguration](microsoft.devicemanagement.deviceconfiguration.md)       | Microsoft device configuration                                                       |

docs/mql/resources/ms365-pack/microsoft.conditionalaccess.ipnamedlocation.md

@@ -0,0 +1,20 @@
+---
+title: microsoft.conditionalAccess.ipNamedLocation
+id: microsoft.conditionalAccess.ipNamedLocation
+sidebar_label: microsoft.conditionalAccess.ipNamedLocation
+displayed_sidebar: MQL
+description: Microsoft Conditional Access IP named location
+---
+
+# microsoft.conditionalAccess.ipNamedLocation
+
+**Description**
+
+Microsoft Conditional Access IP named location
+
+**Fields**
+
+| ID      | TYPE   | DESCRIPTION                               |
+| ------- | ------ | ----------------------------------------- |
+| name    | string | Named location name                       |
+| trusted | bool   | Whether the location is marked as trusted |

docs/mql/resources/ms365-pack/microsoft.conditionalaccess.md

@@ -0,0 +1,19 @@
+---
+title: microsoft.conditionalAccess
+id: microsoft.conditionalAccess
+sidebar_label: microsoft.conditionalAccess
+displayed_sidebar: MQL
+description: Microsoft Conditional Access Policies
+---
+
+# microsoft.conditionalAccess
+
+**Description**
+
+Microsoft Conditional Access Policies
+
+**Fields**
+
+| ID             | TYPE                                                                                                    | DESCRIPTION       |
+| -------------- | ------------------------------------------------------------------------------------------------------- | ----------------- |
+| namedLocations | [][microsoft.conditionalAccess.ipNamedLocation](microsoft.conditionalaccess.ipnamedlocation.md) | IP named location |

releases/2024-09-10-mondoo-11.21-is-out.md

@@ -49,7 +49,6 @@ Harden your Microsoft Azure subscriptions with expanded checks in the CIS Azure
 - Fix false positive CVEs in packages on Red Hat Enterprise Linux and UBI container images.
 - Fix MRNs displaying in top security findings list instead of names.
 - Provide a helpful error message if the cnquery/cnspec GCP provider fails to authenticate with Google Cloud.
-- Improve handling of SMBIOS data on Windows to prevent errors displaying in the asset overview.
 - Fix mapping of checks to compliance frameworks when a policy includes variants.
 - Update integration setup flow to mention both recommended query packs and policies.
 - Show an unknown risk score when no risk is known for a CVE or advisory.

releases/2024-09-17-mondoo-11.22-is-out.md

@@ -0,0 +1,63 @@
+---
+slug: mondoo-11.22-is-out/
+title: Mondoo 11.22 is out!
+description: Announcing the 11.22 release of Mondoo with the new case overview, Zendesk ticketing support, a Microsoft Entra ID security policy, and more!
+authors: [tim, chip]
+image: /img/releases/2024-09-17-mondoo-11.22-is-out/case_jira.pn
+tags: [release, mondoo]
+---
+
+## 🥳 Mondoo 11.22 is out! This release includes the new case overview, Zendesk ticket support, a Microsoft Entra ID security policy, and more!
+
+Get this release: [Installation Docs](https://mondoo.com/docs/cnspec/) | [Package Downloads](https://releases.mondoo.com/cnspec/) | [Docker Container](https://hub.docker.com/r/mondoo/cnspec)
+
+---
+
+## 🎉 NEW FEATURES
+
+### Cases and ticket system integrations!
+
+![Case Overview](/img/releases/2024-09-17-mondoo-11.22-is-out/case_overview.png)
+
+Mondoo users can now group security findings into cases and assign those cases to external ticket systems for efficient tracking and resolution. Cases ship today with out-of-the-box support for Jira and Zendesk, with more to come.
+
+![Case Create Modal](/img/releases/2024-09-17-mondoo-11.22-is-out/case_create.png)
+
+Key highlights:
+
+- Group findings into cases for better organization and management.
+- Delegate cases to external teams using your existing ticketing systems.
+- Automatically update issues as your team remediates findings, ensuring real-time progress tracking.
+- Auto-close cases and corresponding tickets when all findings within a case are resolved.
+
+![A Jira ticket created by Mondoo](/img/releases/2024-09-17-mondoo-11.22-is-out/case_jira.png)
+
+This feature enhances collaboration and simplifies the remediation process, helping teams stay focused on securing your environment.
+
+### Microsoft Entra ID policy
+
+Secure your Microsoft Entra ID (previously Active Directory) with our new Mondoo Microsoft Entra ID Security policy. This policy includes essential checks to keep your directory data secure.
+
+## 🧹 IMPROVEMENTS
+
+### New checks in the CIS Azure Foundations benchmark policy
+
+Harden your Microsoft Azure subscriptions with expanded checks in the CIS Azure Foundations Benchmark policy. This policy now ensures that Azure Key Vault rotation is configured and AppService HTTP logs are enabled.
+
+## 🐛 BUG FIXES AND UPDATES
+
+- Improve rendering of complex remediation text in CIS policies.
+- Fix the alignment of the Start Scanning and Browse Integration buttons in new spaces.
+- Improve handling of SMBIOS data on Windows to prevent errors displaying in the asset overview.
+- Fix failures to scan more than 100 S3 buckets at a time.
+- Resolve an AWS serverless integration error shown in the console integration details page.
+- Improve the rendering of some CVE descriptions.
+- Update AWS policies to use the latest RDS MQL resources.
+- Install cnspec from install.mondoo.com instead of mondoo.com during Azure VM scans.
+- Fix false negatives when checking bootloader config on Linux distributions based on RHEL 9.
+- Skip GDM and firewalld checks when those packages aren't installed on Linux distributions based on RHEL 9.
+- Fix policy pages in the registry to display all checks when policies include duplicate check names.
+- Don't include asset, policies, or checks counts in ticket system integration pages.
+- Improve consistency of letter score calculations.
+- Add EOL detection support for FreeBSD 13.4.
+- Fix auto-closing of Jira tickets when all Mondoo assets have been deleted.