Workflow

Prowler

Latest version: v4.2.4

Safety actively analyzes 641221 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 1 of 26

7.195

Other changes:
* CloudTrail checks check21, check22, check23, check24, check26, check27 now include shadow trails in the results (those trails used for multi-region and AWS organizations)
* New group called `cisig2` for CIS Critical Security Controls v8 by artfulbodger
* We have deprecated Discord and now we only use Slack, join us [here](https://join.slack.com/t/prowler-workspace/shared_invite/zt-1hix76xsl-2uq222JIXrC7Q8It~9ZNog)!

New features:

* feat(checks): Adding commands for checks 117 and 118 by belialboy in https://github.com/prowler-cloud/prowler/pull/1289
* feat(extra780): Check for Cognito or SAML authentication on OpenSearch by kagahd in https://github.com/prowler-cloud/prowler/pull/1291
* feat(extra7195): Added check for dependency confusion in codeartifact by congon4tor in https://github.com/prowler-cloud/prowler/pull/1329
* feat(group): CIS Critical Security Controls v8 by artfulbodger in https://github.com/prowler-cloud/prowler/pull/1347
* feat(audit_id): add optional audit_id field to postgres connector by sergargar in https://github.com/prowler-cloud/prowler/pull/1362
* feat(db-connector): Include UUID for findings ID by n4ch04 in https://github.com/prowler-cloud/prowler/pull/1368
* feat(slack): add Slack badge to README instead of deprecated Discord by sergargar in https://github.com/prowler-cloud/prowler/pull/1401
* feat(extra7111): Exception handling by n4ch04 in https://github.com/prowler-cloud/prowler/pull/1408
* feat(stable tag): Inclusion of stable tag point to last release by n4ch04 in https://github.com/prowler-cloud/prowler/pull/1419
* docs(spelling): Typo corrections by olivier987654 in https://github.com/prowler-cloud/prowler/pull/1394

Enhancements:

* chore(issues): Link Q&A by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1305
* docs(outputs): added CVS and JSON details by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1313
* docs(dockerfile): Dockerfile build instructions by walkerab in https://github.com/prowler-cloud/prowler/pull/1370
* chore(actions): Bump Trufflehog to v3.13.0 by gliptak in https://github.com/prowler-cloud/prowler/pull/1382
* delete(shortcut.sh): Remove ScoutSuite by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1388
* fix(checks): CloudTrail checks 2.X now include shadow trails in the results (those trails used for multi-region and AWS organizations)

Fixes:
* fix(check12): Improve remediation by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1281
* fix(extra712): changed Macie service detection by williambrady in https://github.com/prowler-cloud/prowler/pull/1286
* fix(permissions): Include missing appstream:DescribeFleets permission by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1278
* fix(appstream): Handle timeout errors by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1296
* fix(security-groups): Include TCP as the IpProtocol by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1323
* fix(credential_report): Do not generate for 117 and 118 by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1322
* fix(inventory): Variable assigning syntax in inventory mode by JArmandoG in https://github.com/prowler-cloud/prowler/pull/1283
* fix(check120): correct AWS support policy name by JArmandoG in https://github.com/prowler-cloud/prowler/pull/1328
* fix(postgresql): Connector field by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1372
* fix(postgresql): Missing space by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1374
* fix(checks): Include missing output in checks by n4ch04 in https://github.com/prowler-cloud/prowler/pull/1380
* fix(checks): Handle checks not returning result by n4ch04 in https://github.com/prowler-cloud/prowler/pull/1383
* fix(inventory): quick inventory input fixed by sergargar in https://github.com/prowler-cloud/prowler/pull/1397
* fix(check_extra77): Add missing check_resource_id to the report by kagahd in https://github.com/prowler-cloud/prowler/pull/1402
* fix(missing permissions): add missing permissions of checks by sergargar in https://github.com/prowler-cloud/prowler/pull/1403
* fix(region_bugs): Remove duplicate outputs by sergargar in https://github.com/prowler-cloud/prowler/pull/1390
* fix(extra740): remove additional info and fix max_items by sergargar in https://github.com/prowler-cloud/prowler/pull/1405
* fix(extra77): Deleted resource id from exception results by n4ch04 in https://github.com/prowler-cloud/prowler/pull/1409
* fix(extra7183): Exception handling error UnsupportedOperationException by n4ch04 in https://github.com/prowler-cloud/prowler/pull/1410
* fix(extra7184): Error handling GetSnapshotLimits api call by n4ch04 in https://github.com/prowler-cloud/prowler/pull/1411

New Contributors:

* williambrady made their first contribution in https://github.com/prowler-cloud/prowler/pull/1286
* belialboy made their first contribution in https://github.com/prowler-cloud/prowler/pull/1289
* kagahd made their first contribution in https://github.com/prowler-cloud/prowler/pull/1291
* JArmandoG made their first contribution in https://github.com/prowler-cloud/prowler/pull/1283
* congon4tor made their first contribution in https://github.com/prowler-cloud/prowler/pull/1329
* artfulbodger made their first contribution in https://github.com/prowler-cloud/prowler/pull/1347
* walkerab made their first contribution in https://github.com/prowler-cloud/prowler/pull/1370
* olivier987654 made their first contribution in https://github.com/prowler-cloud/prowler/pull/1394

**Full Changelog**: https://github.com/prowler-cloud/prowler/compare/2.11.0...2.12.0

7.194

- New **beta** feature called Prowler Quick Inventory, run `./prowler -i` and tell us how it works for you. More information here: https://github.com/prowler-cloud/prowler#inventory
![Screenshot 2022-07-21 at 11 10 14](https://user-images.githubusercontent.com/3985464/180176714-e4d62c5b-3e05-4e65-b689-02147b271c3c.png)
![Screenshot 2022-07-21 at 11 10 23](https://user-images.githubusercontent.com/3985464/180176735-fbae605d-017a-4cf9-802f-89a8dcb3da01.png)

- Look at the new IAM check `extra7185` that will help you find IAM customer managed policies that may lead into privilege escalation.
- Now you can send findings directly to a PostgreSQL DB. More here https://github.com/prowler-cloud/prowler#database-providers-connector.
- We have refactored the whole core to improve how everything is put together, that is helping us to write the new v3 in python.

New features:
* feat(check) Directory Service by lemelop in https://github.com/prowler-cloud/prowler/pull/1164
* feat(check): PublicAccessBlockConfiguration by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1167
* feat(check): Amazon WorkSpaces storage volumes are encrypted by rajarshidas in https://github.com/prowler-cloud/prowler/pull/1166
* feat(inventory): Prowler quick inventory including IAM resources by toniblyx in https://github.com/prowler-cloud/prowler/pull/1258
* feat(ecr_lifecycle): Check Lifecycle policy by massyn in https://github.com/prowler-cloud/prowler/pull/1260
* feat(checks): New IAM privilege escalation check by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1168
* feat(codebuild_timeout): Increase codebuild timeout to maximum. by sergargar in https://github.com/prowler-cloud/prowler/pull/1192
* feat(db) Create a PostgreSQL connector for Prowler by n4ch04 in https://github.com/prowler-cloud/prowler/pull/1171
* feat(checks): Amazon AppStream checks by rajarshidas in https://github.com/prowler-cloud/prowler/pull/1216
* feat(check): Ensure default internet access from Amazon AppStream fleet should be disabled. by rajarshidas in https://github.com/prowler-cloud/prowler/pull/1233
* feat(dockerfile): Include psql client in the Prowler scanner image by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1238
* feat(db-connector): Support environment variables by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1236
* feat(inventory): Prowler quick inventory by toniblyx in https://github.com/prowler-cloud/prowler/pull/1245

Enhancements:
* feat(output): Consolidate prowler output functions by n4ch04 in https://github.com/prowler-cloud/prowler/pull/1180
* refactor(Prowler): Main logic refactor by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1189
* feat(extra7185): Update severity of check extra7185 by sergargar in https://github.com/prowler-cloud/prowler/pull/1178
* feat(actions): Trigger by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1209
* feat(check): Directory Service - Ensure Radius server is using the recommended security protocol by rajarshidas in https://github.com/prowler-cloud/prowler/pull/1203
* docs(readme): Update inventory and checks by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1257
* feat(check7164): 365 days or more in a Cloudwatch log retention should be consider PASS by bcarranza in https://github.com/prowler-cloud/prowler/pull/1240

Fixes:
* fix(extra767): Remove false positive for check_extra767 by zsecducna in https://github.com/prowler-cloud/prowler/pull/1198
* fix(update_deprecate_runtimes): Deprecated runtimes for lambda were updated. by sergargar in https://github.com/prowler-cloud/prowler/pull/1170
* fix(runtimes_extra762): Detect nodejs versions correctly. by sergargar in https://github.com/prowler-cloud/prowler/pull/1177
* fix(SQS_encryption_type): Add SQS encryption types to extra728. by sergargar in https://github.com/prowler-cloud/prowler/pull/1175
* fix(typo): Max session duration error message by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1179
* fix(apigateway_iam): Error handling and permissions for extra745. by sergargar in https://github.com/prowler-cloud/prowler/pull/1176
* fix(assume_role): Use date instead of jq by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1181
* fix(check119_remediation): Update check remediation text. by sergargar in https://github.com/prowler-cloud/prowler/pull/1185
* fix(codebuild_update): AWS CLI and permissions update. by sergargar in https://github.com/prowler-cloud/prowler/pull/1183
* fix(extra7187): Remove commas from the metadata by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1187
* fix(outputs): Replace each comma occurrence before sending to csv file by n4ch04 in https://github.com/prowler-cloud/prowler/pull/1188
* fix(shellcheck): Main variables by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1194
* fix(session_duration): Use jq with TZ=UTC by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1195
* fix(instance-metadata): Credentials recovering by sergargar in https://github.com/prowler-cloud/prowler/pull/1207
* fix(actions): Dockerfile path by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1208
* fix(junit_xml output): Fix xml output integration. by sergargar in https://github.com/prowler-cloud/prowler/pull/1210
* fix(instance metadata): missing raw flag in jq parser by n4ch04 in https://github.com/prowler-cloud/prowler/pull/1214
* fix(shub_fails): Treat failed findings as failed in SHub. by sergargar in https://github.com/prowler-cloud/prowler/pull/1219
* fix(extra7162): Query AWS log groups using LOG_GROUP_RETENTION_PERIOD_DAYS by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1232
* fix(backupInitialAWSCredentials): Do nothing if no initial creds by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1239
* fix(postgres): Fix postgres connector issues. by sergargar in https://github.com/prowler-cloud/prowler/pull/1244
* fix(add-checks-regions): Missing regions in checks by sergargar in https://github.com/prowler-cloud/prowler/pull/1247
* fix(Dockerfile): Prowler path by jfagoagas in https://github.com/prowler-cloud/prowler/pull/1254
* fix(apigatewayv2): handle BadRequestException by sergargar in https://github.com/prowler-cloud/prowler/pull/1261
* fix(codebuild): expired token error by sergargar in https://github.com/prowler-cloud/prowler/pull/1262
* fix(extra7173): Correct check and alternative name by vigah in https://github.com/prowler-cloud/prowler/pull/1270
* docs(readme): Fix spelling by r8bhavneet in https://github.com/prowler-cloud/prowler/pull/1271
* docs(readme): Fix spelling errors by andsiu https://github.com/prowler-cloud/prowler/pull/1274
* fix(ci): Remove `yum check-update` by jfagoagas https://github.com/prowler-cloud/prowler/pull/1275

New Contributors
* lemelop made their first contribution in https://github.com/prowler-cloud/prowler/pull/1164
* rajarshidas made their first contribution in https://github.com/prowler-cloud/prowler/pull/1166
* zsecducna made their first contribution in https://github.com/prowler-cloud/prowler/pull/1198
* bcarranza made their first contribution in https://github.com/prowler-cloud/prowler/pull/1240
* massyn made their first contribution in https://github.com/prowler-cloud/prowler/pull/1260
* vigah made their first contribution in https://github.com/prowler-cloud/prowler/pull/1270
* r8bhavneet made their first contribution in https://github.com/prowler-cloud/prowler/pull/1271

**Full Changelog**: https://github.com/prowler-cloud/prowler/compare/2.10.0...2.11.0

7.193

7.192

7.191

7.190

Page 1 of 26

Links

Releases

Has known vulnerabilities

Next

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.