Workflow

Prowler-cloud

Latest version: v4.2.4

Safety actively analyzes 641954 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 25 of 26

1.6

New features:
- New **forensics ready** group of checks: it includes existing and new ones to ensure your AWS account is ready for a deep forensic investigation if needed `prowler -c forensics-ready`
- Added option `-e` to exclude all extra checks (they may make prowler take longer to finish)
- New check `extra78` Ensure there are no Public Accessible RDS instances (Not Scored) (Not part of CIS benchmark) thanks to sidewinder12s
- New check `extra79` Check for internet facing Elastic Load Balancers (Not Scored) (Not part of CIS benchmark) thanks to sidewinder12s
- New check `extra710` Check for internet facing EC2 Instances (Not Scored) (Not part of CIS benchmark) thanks to sidewinder12s
- New check `extra711` Check for Publicly Accessible Redshift Clusters (Not Scored) (Not part of CIS benchmark) thanks to sidewinder12s
- New check `extra712` Check if Amazon Macie is enabled (Not Scored) (Not part of CIS benchmark)
- New check `extra713` Check if GuardDuty is enabled (Not Scored) (Not part of CIS benchmark)
- New check `extra714` Check if CloudFront distributions have logging enabled (Not Scored) (Not part of CIS benchmark)
- New check `extra715` Check if Elasticsearch Service domains have logging enabled (Not Scored) (Not part of CIS benchmark)
- New check `extra716` Check if Elasticsearch Service domains allow open access (Not Scored) (Not part of CIS benchmark)
- New check `extra717` Check if Elastic Load Balancers have logging enabled (Not Scored) (Not part of CIS benchmark)
- New check `extra718` Check if S3 buckets have server access logging enabled (Not Scored) (Not part of CIS benchmark)
- New check `extra719` Check if Route53 hosted zones are logging queries to CloudWatch Logs (Not Scored) (Not part of CIS benchmark)
- New check `extra720` Check if Lambda functions invoke API operations are being recorded by CloudTrail (Not Scored) (Not part of CIS benchmark)
- New check `extra721` Check if Redshift cluster has audit logging enabled (Not Scored) (Not part of CIS benchmark)
- New check `extra722` Check if API Gateway has logging enabled (Not Scored) (Not part of CIS benchmark)

Fixes:
- Typo in extra72 by neonbunny
- check114 by subramani95

Improvements:
- PR 150 Load of authentication credentials
- PR 164 check31 by subramani95
- PR 167 OSTYPE handling to support Alpine docker containers

Documentation:
- Added section https://github.com/Alfresco/prowler#forensics-ready-checks to README
- Added all new extra checks to README

Special thanks to:
sidewinder12s subramani95 neonbunny and SubatomicHero.

1.5

New features:
- More extra checks to find public AMIs, ECR repos and EC2 snapshots
- New flag `-l` to list all available checks
- New Dockerfile to create your own image with prowler

Fixes:
- Issue 133 text fix in check36
- Issue 137 fix in check114
- Issue 136 fix in check113
- Issue 135 fix regarding [[]] statements
- Issue 134 fix in check124
- Issue 131 fix in check312
- Issue 130 fix in check12
- Issue 129 fix in checks section 3

Improvements:
- Refactored title and checks id in the script

Documentation:
- Added section how to add Custom Checks to README
- Added section Third Party Integrations to README

Thanks to st33v wassies tomas-milata sente pbugnion

1.4

- New features
101 Added -n option to show check numbers easier to sort, ie. 1.02 instead of 1.2.
- Improvements
83 better check73 checking bucket permissions (ACL and Policies)
81 Improved extra73 - S3 bucket permissions
84 Improved and error handling for check15 and check111, improved check41
- Fixes
82 Fixed bug in extra73 for buckets in EU (eu-west-1)
86 Fix LICENSE
87 Fix temp file issue
91 Broken sed expression & typos
92 Fix scored output
95 Added --max-items option to extra72
97 Removed printCurrentDate() and added current date to banner
98 Updated infoReferenceLong() text and moved the function call
99 Remove bit.ly reference
100 Removed printCurrentDate reference
103 Fix check14 if users contain same strings as table tittle

Thanks MrSecure neonbunny hemedga jphuynh steverigby for your help and suggestions.

1.3

- Fixes regarding SNS checks and some other small fixes
- Added CIS profile definitions (profile1 and profile2 as stated in their documentation)
- Added extra checks (extra71, extra72 and extra73 to check admins w/o MFA, Search Publicly shared EBS Snapshots and S3 buckets open to the internet)
- Improved documentation

1.2

57
58
59
60
61
62

1.1.1

Page 25 of 26

Links

Releases

Has known vulnerabilities

Previous Next

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.