Mondoo Essentials

Gain hands-on experience with Mondoo, mastering its features, custom policies, and advanced security management.

Beginner

Security

2 days

Next public training	Language	Time & timezone	Sign up
21. May 2025 - 22. May 2025	EN	09:00 (Europe/Berlin)	Get a quote

Available as Private or Public training

Private Training Courses are exclusive groups for your company only. This has the advantage that we can address company-specific topics and questions that are relevant for the entire group.

We offer our courses as Public Courses on fixed dates. Attendees can purchase a seat at these courses. Minimum of 3 participants, mixed from different companies. Scheduled dates will appear at the top of this page

What you will learn in this course

This intensive two-day training course provides a comprehensive introduction to Mondoo, a leading security tool designed to enhance your organization's IT security. Participants will gain hands-on experience in configuring, and utilizing Mondoo to detect vulnerabilities, ensure compliance with standards like NIS2 and ISO 27001, and manage security risks across various environments.

Day 1 covers the fundamentals of Mondoo, including its architecture, initial configuration and core features. Participants will learn how to integrate Mondoo with different systems and platforms, such as cloud services, containers, and other infrastructure. This day will also cover vulnerability scanning, compliance checks, and security monitoring.

Day 2 focuses on advanced topics and practical applications. Participants will explore how to create custom policies, automate security tasks, and generate detailed reports. The course will also cover incident response and remediation techniques, ensuring participants are equipped to handle real-world security challenges.

Through interactive labs, participants will develop the skills needed to effectively leverage Mondoo for robust security management.

Agenda

Introduction to Mondoo

Setup and configuration

Integrating Mondoo with various systems (AWS/Azure, Kubernetes, VMs, Containers etc.)

Vulnerability scanning with cnquery

Compliance checks with MQL

Custom policy creation with cnspec

Automate security tasks and monitoring

Reporting and analytics

Incident response and remediation

audience

This course is designed for

IT security professionals responsible for securing infrastructure and managing security tools
Compliance officers responsible for ensuring organizational compliance with industry standards and regulations (e.g. NIS2, ISO 27001)
Auditors conducting security audits who need to understand the current state of security in an organization
DevOps engineers focused on combining software development and IT operations

prerequisites

To get most out of this course, you should have:

The key to personal training success is a balanced mix of encouragement and challenges - the motivating motto: really learn instead of just taking part.