Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
APACHE-2.0 License
Bot releases are hidden (Show)
Full Changelog: https://github.com/prowler-cloud/prowler/compare/3.16.12...3.16.13
Published by sergargar 3 months ago
entra_user_with_vm_access_has_mfa
metadata (#4454)Full Changelog: https://github.com/prowler-cloud/prowler/compare/3.16.11...3.16.12
Published by sergargar 4 months ago
Full Changelog: https://github.com/prowler-cloud/prowler/compare/3.16.10...3.16.11
Published by sergargar 4 months ago
Full Changelog: https://github.com/prowler-cloud/prowler/compare/3.16.9...3.16.10
Published by sergargar 5 months ago
Full Changelog: https://github.com/prowler-cloud/prowler/compare/4.2.3...4.2.4
Published by sergargar 5 months ago
Full Changelog: https://github.com/prowler-cloud/prowler/compare/4.2.2...4.2.3
Published by sergargar 5 months ago
Full Changelog: https://github.com/prowler-cloud/prowler/compare/3.16.8...3.16.9
Published by sergargar 5 months ago
Full Changelog: https://github.com/prowler-cloud/prowler/compare/4.2.1...4.2.2
Published by sergargar 5 months ago
Full Changelog: https://github.com/prowler-cloud/prowler/compare/3.16.7...3.16.8
Published by sergargar 5 months ago
Full Changelog: https://github.com/prowler-cloud/prowler/compare/3.16.6...3.16.7
Published by sergargar 5 months ago
Full Changelog: https://github.com/prowler-cloud/prowler/compare/3.16.5...3.16.6
Published by sergargar 5 months ago
Full Changelog: https://github.com/prowler-cloud/prowler/compare/4.2.0...4.2.1
Published by sergargar 5 months ago
The blind men shout,
"Let the creatures out! We'll show the unbelievers"
Here we have Prowler 4.2.0 - 2 Minutes to Midnight π bringing a new look for Prowler with this Iron Maiden song.
π₯³ New Prowler logo
This version comes with a new look of Prowler thanks to the new logo:
πͺπΌ 55 New AWS checks
Prowler is improving its AWS coverage by including 55 new checks for Kafka, Lightsail, Storage Gateway, DynamoDB, Cognito, EC2, EventBridge, SNS and RDS.
Special thanks to our external contributors @madereddy, @rieck-srlabs and @Davidm4r for doing new checks π
See all the new available checks with prowler aws --list-checks
π HTML output is back!
We have listened you and as our community is always first, we brought our HTML back π
Get it again with prowler <provider> -M/--output-formats html
βοΈ Custom Checks Metadata
Now you can override the all the metadata fields from a check using the --custom-checks-metadata-file custom_checks_metadata.yaml
flag.
See more in https://docs.prowler.cloud/en/latest/tutorials/custom-checks-metadata/
π§ Other issues and bug fixes solved for all the cloud providers
dynamodb_table_cross_account_access
check by @sergargar in https://github.com/prowler-cloud/prowler/pull/3932
--kubeconfig-file
by @pedrooot in https://github.com/prowler-cloud/prowler/pull/3980
if
by @jfagoagas in https://github.com/prowler-cloud/prowler/pull/3733
aws_mutelist.yaml
by @emmanuel-ferdman in https://github.com/prowler-cloud/prowler/pull/3927
Full Changelog: https://github.com/prowler-cloud/prowler/compare/4.1.0...4.2.0
Published by sergargar 5 months ago
Full Changelog: https://github.com/prowler-cloud/prowler/compare/3.16.4...3.16.5
Published by sergargar 6 months ago
chore(v3): backport latest v4 changes by @sergargar in https://github.com/prowler-cloud/prowler/pull/3916
chore(backport): Add latest changes by @jfagoagas in https://github.com/prowler-cloud/prowler/pull/3960
Full Changelog: https://github.com/prowler-cloud/prowler/compare/3.16.3...3.16.4
Published by sergargar 6 months ago
Full Changelog: https://github.com/prowler-cloud/prowler/compare/3.16.2...3.16.3
Published by jfagoagas 6 months ago
There goes the siren that warns of the air raid
There comes the sound of the guns sending flak
Out for the scramble we've got to get airborne
Got to get up for the coming attack
Here we have Prowler 4.1.0 Aces High π ready to help you improve your Cloud security with this Iron Maiden song.
ποΈ GCP flags to list, exclude/include Project IDs
--project-ids
flag allows you to use *
, as a prefix or suffix, to include the project ids you want to scan.--list-project-ids
allows you to copy and paste values and know the accessible projects to be scanned with the provided crendentials.--excluded-project-ids
flag allows you to exclude the projects to be scanned and it also accepts *
.π¨ 13 new fixers (remediations) for AWS
prowler aws --list-fixers
then go per check to remediate the failed findings by prowler aws --check guardduty_is_enabled --fixer
.fixer_config.yaml
file present in the prowler/config
folder. You can read more about the fixer and how to configure it here
π New fields for the OCSF Detection Finding
check_id
, compliance
and all the Prowler check's metadata within the OCSF Detection Finding that Prowler generates in the .ocsf.json
output file. You can read more about this finding format here.π§ Other issues and bug fixes solved for all the cloud providers
if
by @jfagoagas in https://github.com/prowler-cloud/prowler/pull/3733
Full Changelog: https://github.com/prowler-cloud/prowler/compare/4.0.1...4.1.0
Published by jfagoagas 6 months ago
Full Changelog: https://github.com/prowler-cloud/prowler/compare/3.16.1...3.16.2
Published by sergargar 6 months ago
Full Changelog: https://github.com/prowler-cloud/prowler/compare/3.16.0...3.16.1
Published by sergargar 6 months ago
Full Changelog: https://github.com/prowler-cloud/prowler/compare/4.0.0...4.0.1