prowler v3.3 releases: AWS security assessment, auditing and hardening

Prowler: AWS Security Tool

Prowler is a command-line tool for AWS Security Best Practices Assessment, Auditing, Hardening, and Forensics Readiness Tool.

It follows guidelines of the CIS Amazon Web Services Foundations Benchmark (49 checks) and has more than 100 additional checks including related to GDPR, HIPAA, PCI-DSS, ISO-27001, FFIEC, SOC2 and others.

Read more about CIS Amazon Web Services Foundations Benchmark v1.2.0 – 05-23-2018

Features

+200 checks covering security best practices across all AWS regions and most of AWS services and related to the next groups:

• Identity and Access Management [group1]
• Logging [group2]
• Monitoring [group3]
• Networking [group4]
• CIS Level 1 [cislevel1]
• CIS Level 2 [cislevel2]
• Extras see Extras section [extras]
• Forensics related group of checks [forensics-ready]
• GDPR [gdpr] Read more here
• HIPAA [hipaa] Read more here
• Trust Boundaries [trustboundaries] Read more here
• Secrets
• Internet exposed resources
• EKS-CIS
• Also includes PCI-DSS, ISO-27001, FFIEC, SOC2, ENS (Esquema Nacional de Seguridad of Spain).
• AWS FTR [FTR] Read more here

With Prowler you can:

• Get a direct colorful or monochrome report
• A HTML, CSV, JUNIT, JSON or JSON ASFF format report
• Send findings directly to Security Hub
• Run specific checks and groups or create your own
• Check multiple AWS accounts in parallel or sequentially
• And more! Read examples below

Changelog v3.3

New features to highlight in this version:

🏷️ Resource Tags everywhere:

• Now all findings outputs like HTML, CSV and JSON for AWS provider contains every resource tags.
  

⚖️ Compliance everywhere:

• Now all findings in outputs like HTML, CSV and JSON contains any security framework related to the finding.
  

🛡️ Security Hub integration with compliance from Prowler:

• All findings sent to Security Hub include their compliance information and all frameworks that they belongs to. This allow user to filter by Compliance Associated Standards ID and others and take advantage of all new supported frameworks in Prowler:
  

📊 New inventory output include regions:

• When running Prowler Quick Inventory (prowler -i) the output is as nice as this one:

✅ 3 new checks:

• s3_bucket_level_public_access_block
• rds_instance_transport_encrypted – this is valid so far only for Postgresql and MS SQL Server
• cloudwatch_log_group_no_secrets_in_logs
• More…

Screenshot

• Sample screenshot of report first lines:

• Sample screenshot of a single check for check 3.3:

Install & Use

Copyright 2018 Netflix, Inc.

Source: https://github.com/Alfresco/