This release adds 3 notable features for engineering teams evaluating rollout.
✓ No known CVEs patched in this version
Summary
AI summary: Added 27 audit categories with compliance mapping for CIS, PCI-DSS, and HIPAA.
Full changelog
Audit Pro — 27 Categories, 406+ Checks, Compliance Mapping
Added
- 27 audit categories (was 9) with 406+ security checks (was 46) — Lynis-parity coverage
- Compliance mapping — CIS Ubuntu L1/L2 (290), PCI-DSS v4.0 (89), HIPAA §164.312 (41)
- audit --list-checks — Static catalog of all checks with severity and compliance refs
- audit --profile — Filter by compliance profile (cis-level1, cis-level2, pci-dss, hipaa)
- audit --compliance — Framework-grouped compliance report
- VPS detection — Auto-detect virtualization type with irrelevant check skipping
- Interactive menu — Audit + notify sub-menus updated with v1.10 options
Changed
- Weighted category scoring, semantic check IDs, snapshot schema v2
- Terminal formatter with category grouping, VPS banner, stats header
- Provider-specific boot timeout (Vultr 135s, Linode 120s)
- 3,992 tests across 178 suites (+659 new)
Fixed
- Pre-release audit cleanup, Vultr/Linode provision timeout
Full Changelog: https://github.com/kastelldev/kastell/compare/v1.9.1...v1.10.0
About kastelldev/kastell
Server security auditing and hardening toolkit. 413 security checks across 29 categories (SSH, Firewall, Docker, TLS, HTTP Headers), CIS/PCI-DSS/HIPAA compliance mapping, 19-step production hardening, fleet management, and forensic evidence collection. Supports Hetzner, DigitalOcean, Vultr, and Linode. 13 MCP tools.