Prowler is an Open Source security tool to perform AWS, GCP and Azure security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, NIST 800, NIST CSF, CISA, RBI, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, AWS Well-Architected Framework Security Pillar, AWS Foundational Technical Review (FTR), ENS (Spanish National Security Scheme) and your custom security frameworks.

These details have not been verified by PyPI

Project links

Project description

Prowler SaaS and Prowler Open Source are as dynamic and adaptable as the environment they’re meant to protect. Trusted by the leaders in security.

Learn more at prowler.com

Join our Prowler community!

Description

Prowler is an Open Source security tool to perform AWS, Azure, Google Cloud and Kubernetes security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness, and also remediations! We have Prowler CLI (Command Line Interface) that we call Prowler Open Source and a service on top of it that we call Prowler SaaS.

Prowler CLI

prowler <provider>

Prowler CLI Execution

Prowler Dashboard

prowler dashboard

Prowler Dashboard

It contains hundreds of controls covering CIS, NIST 800, NIST CSF, CISA, RBI, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, AWS Well-Architected Framework Security Pillar, AWS Foundational Technical Review (FTR), ENS (Spanish National Security Scheme) and your custom security frameworks.

Provider	Checks	Services	Compliance Frameworks	Categories
AWS	553	77 -> `prowler aws --list-services`	30 -> `prowler aws --list-compliance`	9 -> `prowler aws --list-categories`
GCP	77	13 -> `prowler gcp --list-services`	2 -> `prowler gcp --list-compliance`	2 -> `prowler gcp --list-categories`
Azure	138	17 -> `prowler azure --list-services`	3 -> `prowler azure --list-compliance`	2 -> `prowler azure --list-categories`
Kubernetes	83	7 -> `prowler kubernetes --list-services`	1 -> `prowler kubernetes --list-compliance`	7 -> `prowler kubernetes --list-categories`

💻 Installation

Pip package

Prowler is available as a project in PyPI, thus can be installed using pip with Python >= 3.9, < 3.13:

pip install prowler
prowler -v

More details at https://docs.prowler.com

Containers

The available versions of Prowler are the following:

latest: in sync with master branch (bear in mind that it is not a stable version)
v3-latest: in sync with v3 branch (bear in mind that it is not a stable version)
<x.y.z> (release): you can find the releases here, those are stable releases.
stable: this tag always point to the latest release.
v3-stable: this tag always point to the latest release for v3.

The container images are available here:

From GitHub

Python >= 3.9, < 3.13 is required with pip and poetry:

git clone https://github.com/prowler-cloud/prowler
cd prowler
poetry shell
poetry install
python prowler.py -v

If you want to clone Prowler from Windows, use git config core.longpaths true to allow long file paths.

📐✏️ High level architecture

You can run Prowler from your workstation, a Kubernetes Job, a Google Compute Engine, an Azure VM, an EC2 instance, Fargate or any other container, CloudShell and many more.

Architecture

Deprecations from v3

General

Allowlist now is called Mutelist.
The --quiet option has been deprecated, now use the --status flag to select the finding's status you want to get from PASS, FAIL or MANUAL.
All INFO finding's status has changed to MANUAL.
The CSV output format is common for all the providers.

We have deprecated some of our outputs formats:

The native JSON is replaced for the JSON OCSF v1.1.0, common for all the providers.

AWS

Deprecate the AWS flag --sts-endpoint-region since we use AWS STS regional tokens.
To send only FAILS to AWS Security Hub, now use either --send-sh-only-fails or --security-hub --status FAIL.

📖 Documentation

Install, Usage, Tutorials and Developer Guide is at https://docs.prowler.com/

📃 License

Prowler is licensed as Apache License 2.0 as specified in each file. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0

Project details

These details have not been verified by PyPI

Project links

Release history Release notifications | RSS feed

This version

4.5.2

Nov 12, 2024

4.5.1

Nov 7, 2024

4.5.0

Nov 5, 2024

4.4.1

Oct 18, 2024

4.4.0

Sep 30, 2024

4.3.7

Sep 23, 2024

4.3.6

Sep 20, 2024

4.3.5

Aug 22, 2024

4.3.4

Aug 22, 2024

4.3.3

Aug 7, 2024

4.3.2

Aug 5, 2024

4.3.1

Aug 1, 2024

4.3.0

Jul 29, 2024

4.2.4

Jun 7, 2024

4.2.3

Jun 6, 2024

4.2.2

Jun 4, 2024

4.2.1

May 29, 2024

4.2.0

May 28, 2024

4.1.0

Apr 19, 2024

4.0.1

Apr 9, 2024

4.0.0

Apr 4, 2024

3.16.17

Sep 20, 2024

3.16.16

Aug 16, 2024

3.16.15

Aug 14, 2024

3.16.14

Jul 26, 2024

3.16.13

Jul 22, 2024

3.16.12

Jul 16, 2024

3.16.11

Jul 4, 2024

3.16.10

Jul 2, 2024

3.16.9

Jun 6, 2024

3.16.8

Jun 3, 2024

3.16.7

Jun 3, 2024

3.16.6

May 30, 2024

3.16.5

May 21, 2024

3.16.4

May 8, 2024

3.16.3

Apr 24, 2024

3.16.2

Apr 15, 2024

3.16.1

Apr 9, 2024

3.16.0

Apr 4, 2024

3.15.3

Mar 22, 2024

3.15.2

Mar 21, 2024

3.15.1

Mar 20, 2024

3.15.0

Mar 14, 2024

3.14.0

Feb 20, 2024

3.13.1 yanked

Feb 20, 2024

Reason this release was yanked:

The CI automation pushed some feature commits to a hotfix branch.

3.13.0

Feb 8, 2024

3.12.1

Jan 12, 2024

3.12.0

Jan 8, 2024

3.11.3

Nov 16, 2023

3.11.2

Nov 14, 2023

3.11.1

Nov 10, 2023

3.11.0

Oct 31, 2023

3.10.0

Oct 11, 2023

3.9.0

Aug 25, 2023

3.8.2

Aug 14, 2023

3.8.1

Aug 10, 2023

3.8.0

Aug 3, 2023

3.7.2

Jul 26, 2023

3.7.1

Jul 12, 2023

3.7.0

Jul 6, 2023

3.6.1

Jun 16, 2023

3.6.0

Jun 13, 2023

3.5.3

May 24, 2023

3.5.2

May 18, 2023

3.5.1

May 16, 2023

3.5.0

May 11, 2023

3.4.1

Apr 25, 2023

3.4.0

Apr 20, 2023

3.3.4

Apr 5, 2023

3.3.3 yanked

Apr 5, 2023

Reason this release was yanked:

Yanked since some code that do not belong to this release was pushed.

3.3.2

Mar 30, 2023

3.3.1 yanked

Mar 30, 2023

Reason this release was yanked:

We release a fix with new features that doesn't belong to this version.

3.3.0

Mar 16, 2023

3.2.4

Feb 27, 2023

3.2.3 yanked

Feb 27, 2023

Reason this release was yanked:

This release is broken due to a FileNotFoundError.

3.2.2

Feb 23, 2023

3.2.1

Feb 21, 2023

3.2.0

Feb 13, 2023

3.1.4

Feb 7, 2023

3.1.3

Feb 3, 2023

3.1.2

Jan 26, 2023

3.1.1

Jan 20, 2023

3.1.0

Jan 17, 2023

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

prowler-4.5.2.tar.gz (1.9 MB view details)

Uploaded Nov 12, 2024 Source

Built Distribution

prowler-4.5.2-py3-none-any.whl (3.6 MB view details)

Uploaded Nov 12, 2024 Python 3

File details

Details for the file prowler-4.5.2.tar.gz.

File metadata

Download URL: prowler-4.5.2.tar.gz
Upload date: Nov 12, 2024
Size: 1.9 MB
Tags: Source
Uploaded using Trusted Publishing? No
Uploaded via: poetry/1.8.4 CPython/3.10.12 Linux/6.5.0-1025-azure

File hashes

Hashes for prowler-4.5.2.tar.gz
Algorithm	Hash digest
SHA256	`4f2e69765100523bf0e1fa7fcd9d3f6b5621e5b3feb2cc8a3713de807bdb7bd4`
MD5	`64533fb75e5e6daab61f43e5824fcd3a`
BLAKE2b-256	`8c620b238b139abef6021ad704befa1b71311f853d830d9405dca1e4a9f6916d`

See more details on using hashes here.

File details

Details for the file prowler-4.5.2-py3-none-any.whl.

File metadata

Download URL: prowler-4.5.2-py3-none-any.whl
Upload date: Nov 12, 2024
Size: 3.6 MB
Tags: Python 3
Uploaded using Trusted Publishing? No
Uploaded via: poetry/1.8.4 CPython/3.10.12 Linux/6.5.0-1025-azure

File hashes

Hashes for prowler-4.5.2-py3-none-any.whl
Algorithm	Hash digest
SHA256	`1462660a8fb68303027fe2dcae56aa83e796ecde5df11e2eaa76d51f37b61d2c`
MD5	`f216a98f4eb6c4ffbe9a2635f282ae6f`
BLAKE2b-256	`506fb28bffe4f0fb9d6efbc12c5a6319e790ebdfc985d6bdc94421e31ac829fc`