prowler v3.3 releases: AWS security assessment, auditing and hardening
Prowler: AWS Security Tool
Prowler is a command-line tool for AWS security best practices assessment, auditing, hardening, and forensics readiness.
It follows the guidelines of the CIS Amazon Web Services Foundations Benchmark (49 checks) and has more than 100 additional checks, including checks related to GDPR, HIPAA, PCI-DSS, ISO-27001, FFIEC, SOC2 and others.
Read more about CIS Amazon Web Services Foundations Benchmark v1.2.0 – 05-23-2018
Features
200+ checks covering security best practices across all AWS regions and most AWS services, organized into the following groups:
- Identity and Access Management [group1]
- Logging [group2]
- Monitoring [group3]
- Networking [group4]
- CIS Level 1 [cislevel1]
- CIS Level 2 [cislevel2]
- Extras, see the Extras section [extras]
- Forensics related group of checks [forensics-ready]
- GDPR [gdpr]
- HIPAA [hipaa]
- Trust Boundaries [trustboundaries]
- Secrets
- Internet exposed resources
- EKS-CIS
- Also includes PCI-DSS, ISO-27001, FFIEC, SOC2, ENS (Esquema Nacional de Seguridad of Spain).
- AWS FTR [FTR]
With Prowler you can:
- Get a direct colorful or monochrome report
- Get a report in HTML, CSV, JUNIT, JSON or JSON ASFF format
- Send findings directly to Security Hub
- Run specific checks and groups or create your own
- Check multiple AWS accounts in parallel or sequentially
- And more! Read examples below
Changelog v3.3
New features to highlight in this version:
🏷️ Resource Tags everywhere:
⚖️ Compliance everywhere:
- All findings in outputs like HTML, CSV and JSON now contain any security framework related to the finding.
🛡️ Security Hub integration with compliance from Prowler:
- All findings sent to Security Hub include their compliance information and all frameworks that they belong to. This allows users to filter by Compliance Associated Standards ID and others, and to take advantage of all the newly supported frameworks in Prowler:
📊 New inventory output includes regions:
- When running Prowler Quick Inventory (prowler -i) the output is as nice as this one:
✅ 3 new checks:
- s3_bucket_level_public_access_block
- rds_instance_transport_encrypted – so far this is valid only for PostgreSQL and MS SQL Server
- cloudwatch_log_group_no_secrets_in_logs
- More…
Screenshot
- Sample screenshot of report first lines:
- Sample screenshot of a single check for check 3.3:
Install & Use
Copyright 2018 Netflix, Inc.
Source: https://github.com/Alfresco/