Skip to content

Prowler 1.6
Compare
Choose a tag to compare
@toniblyx toniblyx released this 21 Feb 14:55
· 3906 commits to master since this release
1.6
111615b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

New features:

  • New forensics ready group of checks: it includes existing and new ones to ensure your AWS account is ready for a deep forensic investigation if needed prowler -c forensics-ready
  • Added option -e to exclude all extra checks (they may make prowler take longer to finish)
  • New check extra78 Ensure there are no Public Accessible RDS instances (Not Scored) (Not part of CIS benchmark) thanks to @sidewinder12s
  • New check extra79 Check for internet facing Elastic Load Balancers (Not Scored) (Not part of CIS benchmark) thanks to @sidewinder12s
  • New check extra710 Check for internet facing EC2 Instances (Not Scored) (Not part of CIS benchmark) thanks to @sidewinder12s
  • New check extra711 Check for Publicly Accessible Redshift Clusters (Not Scored) (Not part of CIS benchmark) thanks to @sidewinder12s
  • New check extra712 Check if Amazon Macie is enabled (Not Scored) (Not part of CIS benchmark)
  • New check extra713 Check if GuardDuty is enabled (Not Scored) (Not part of CIS benchmark)
  • New check extra714 Check if CloudFront distributions have logging enabled (Not Scored) (Not part of CIS benchmark)
  • New check extra715 Check if Elasticsearch Service domains have logging enabled (Not Scored) (Not part of CIS benchmark)
  • New check extra716 Check if Elasticsearch Service domains allow open access (Not Scored) (Not part of CIS benchmark)
  • New check extra717 Check if Elastic Load Balancers have logging enabled (Not Scored) (Not part of CIS benchmark)
  • New check extra718 Check if S3 buckets have server access logging enabled (Not Scored) (Not part of CIS benchmark)
  • New check extra719 Check if Route53 hosted zones are logging queries to CloudWatch Logs (Not Scored) (Not part of CIS benchmark)
  • New check extra720 Check if Lambda functions invoke API operations are being recorded by CloudTrail (Not Scored) (Not part of CIS benchmark)
  • New check extra721 Check if Redshift cluster has audit logging enabled (Not Scored) (Not part of CIS benchmark)
  • New check extra722 Check if API Gateway has logging enabled (Not Scored) (Not part of CIS benchmark)

Fixes:

Improvements:

  • PR #150 Load of authentication credentials
  • PR #164 check31 by @subramani95
  • PR #167 OSTYPE handling to support Alpine docker containers

Documentation:

Special thanks to:

@sidewinder12s @subramani95 @neonbunny and @SubatomicHero.

Assets 2
Loading