Releases: prowler-cloud/prowler
Releases · prowler-cloud/prowler
Prowler 1.6
New features:
- New forensics ready group of checks: it includes existing and new ones to ensure your AWS account is ready for a deep forensic investigation if needed
prowler -c forensics-ready
- Added option
-e
to exclude all extra checks (they may make prowler take longer to finish) - New check
extra78
Ensure there are no Public Accessible RDS instances (Not Scored) (Not part of CIS benchmark) thanks to @sidewinder12s - New check
extra79
Check for internet facing Elastic Load Balancers (Not Scored) (Not part of CIS benchmark) thanks to @sidewinder12s - New check
extra710
Check for internet facing EC2 Instances (Not Scored) (Not part of CIS benchmark) thanks to @sidewinder12s - New check
extra711
Check for Publicly Accessible Redshift Clusters (Not Scored) (Not part of CIS benchmark) thanks to @sidewinder12s - New check
extra712
Check if Amazon Macie is enabled (Not Scored) (Not part of CIS benchmark) - New check
extra713
Check if GuardDuty is enabled (Not Scored) (Not part of CIS benchmark) - New check
extra714
Check if CloudFront distributions have logging enabled (Not Scored) (Not part of CIS benchmark) - New check
extra715
Check if Elasticsearch Service domains have logging enabled (Not Scored) (Not part of CIS benchmark) - New check
extra716
Check if Elasticsearch Service domains allow open access (Not Scored) (Not part of CIS benchmark) - New check
extra717
Check if Elastic Load Balancers have logging enabled (Not Scored) (Not part of CIS benchmark) - New check
extra718
Check if S3 buckets have server access logging enabled (Not Scored) (Not part of CIS benchmark) - New check
extra719
Check if Route53 hosted zones are logging queries to CloudWatch Logs (Not Scored) (Not part of CIS benchmark) - New check
extra720
Check if Lambda functions invoke API operations are being recorded by CloudTrail (Not Scored) (Not part of CIS benchmark) - New check
extra721
Check if Redshift cluster has audit logging enabled (Not Scored) (Not part of CIS benchmark) - New check
extra722
Check if API Gateway has logging enabled (Not Scored) (Not part of CIS benchmark)
Fixes:
- Typo in extra72 by @neonbunny
- check114 by @subramani95
Improvements:
- PR #150 Load of authentication credentials
- PR #164 check31 by @subramani95
- PR #167 OSTYPE handling to support Alpine docker containers
Documentation:
- Added section https://github.com/Alfresco/prowler#forensics-ready-checks to README
- Added all new extra checks to README
Special thanks to:
Prowler 1.5
New features:
- More extra checks to find public AMIs, ECR repos and EC2 snapshots
- New flag
-l
to list all available checks - New Dockerfile to create your own image with prowler
Fixes:
- Issue #133 text fix in check36
- Issue #137 fix in check114
- Issue #136 fix in check113
- Issue #135 fix regarding [[]] statements
- Issue #134 fix in check124
- Issue #131 fix in check312
- Issue #130 fix in check12
- Issue #129 fix in checks section 3
Improvements:
- Refactored title and checks id in the script
Documentation:
- Added section how to add Custom Checks to README
- Added section Third Party Integrations to README
Prowler 1.4
- New features
#101 Added -n option to show check numbers easier to sort, ie. 1.02 instead of 1.2. - Improvements
#83 better check73 checking bucket permissions (ACL and Policies)
#81 Improved extra73 - S3 bucket permissions
#84 Improved and error handling for check15 and check111, improved check41 - Fixes
#82 Fixed bug in extra73 for buckets in EU (eu-west-1)
#86 Fix LICENSE
#87 Fix temp file issue
#91 Broken sed expression & typos
#92 Fix scored output
#95 Added --max-items option to extra72
#97 Removed printCurrentDate() and added current date to banner
#98 Updated infoReferenceLong() text and moved the function call
#99 Remove bit.ly reference
#100 Removed printCurrentDate reference
#103 Fix check14 if users contain same strings as table tittle
Thanks @MrSecure @neonbunny @hemedga @jphuynh @steverigby for your help and suggestions.
Prowler 1.3
- Fixes regarding SNS checks and some other small fixes
- Added CIS profile definitions (profile1 and profile2 as stated in their documentation)
- Added extra checks (extra71, extra72 and extra73 to check admins w/o MFA, Search Publicly shared EBS Snapshots and S3 buckets open to the internet)
- Improved documentation
Prowler 1.2
Prowler 1.1.1
Merge pull request #55 from MrSecure/spelling fix spelling error in CSV output
Prowler 1.1
Added csv output option (-M) and code clean up thanks to @MrSecure
Prowler 1.0
Initial version to keep track of changes from now on.