Announcing Prowler 5.6

Prowler 5.6 is now available! We’ve been working hard behind the scenes to bring this milestone release to our community. In this release, you can bring Microsoft 365 into the same workflow you already use for AWS, Azure, and GCP—no extra tools required. Every check is fully documented, versioned, and published in our public Prowler Hub, so you always know exactly what’s running against your environment.

Under the hood, Prowler Studio’s modular, AI-driven backend lets you define custom checks, automate policies, and extend functionality just like you’d manage any other code repository. Whether you’re exporting targeted compliance reports, tracking scan deltas, or building end-to-end security pipelines, Prowler 5.6 puts everything in your control. Check out the full release on GitHub for details, examples, and migration tips.

🧩 Introducing: Prowler Hub – Your Source for Checks and Compliance Frameworks

Prowler Hub is our growing public library of versioned checks, cloud service artifacts, and compliance frameworks with its mappings. It’s searchable, explainable, and built to serve the community.

Why this matters: Every engineer has asked, “What does this check actually do?” Prowler Hub answers that question in one place, lets you pin to a specific version, and pulls definitions into your own tools or dashboards.

Prowler Hub also provides a fully documented public API that you can integrate into your internal tools, dashboards, or automation workflows.

📚 Explore the API docs at: https://hub.prowler.com/api/docs

Whether you’re customizing policies, managing compliance, or enhancing visibility, Prowler Hub is built to support your security operations.

🤖 Prowler Studio

Security isn’t one-size-fits-all, and neither are your risks. Prowler Studio lets your team define exactly what “secure” means in your environment. Write custom checks, build fixers, and map them to your compliance requirements—visually or through code.

Why this matters: With Studio’s modular architecture and AI code assists, you can treat security rules as first-class code artifacts—versioned, reviewed, and automated alongside your application.

We’re excited to announce major updates to Prowler Studio, including a new package management system using uv and a modular structure with separated sub-packages:

• prowler-studio (includes Core + CLI by default)
• prowler-studio-core
• prowler-studio-cli
• prowler-studio-api
• prowler-studio-mcp-server

This release also introduces seamless integration with AI Code assists via MCP Server and comprehensive improved documentation for each component.

✅ Prowler ThreatScore Compliance Framework

The new Prowler ThreatScore compliance framework is now available for AWS, Azure, and GCP. Built on Prowler ThreatScore, it provides a unified way to assess cloud security posture across providers. ThreatScore evaluates your environment across four critical areas: Identity and Access Management, Attack Surface, Forensic Readiness, and Encryption — helping teams monitor, prioritize, and remediate risks more effectively in multi-cloud environments.

Why this matters: Rather than juggling different frameworks, ThreatScore gives you a single metric and report to prioritize remediation—no matter how many clouds you manage.

Try it out for your favourite provider with prowler <provider> --compliance prowler_threatscore_<provider>

📖 Compliance Exports

You can now download individual compliance frameworks directly from the Compliance page in the Prowler App, making it easier to share specific audit results with internal teams or external auditors.

Why this matters: Share exactly what your auditor or stakeholder needs without manual slicing and dicing. Previous scans won’t include frameworks; exports start with 5.6.

In addition, the overall scan report now bundles all supported compliance frameworks, giving you a complete view of your organization’s posture in a single export.

This feature is available starting with this release; previous scans will not include Compliance Frameworks.

❗ Delta indicator for findings

We’ve introduced a delta dot (•) next to findings that are new or have changed since the previous scan. This makes it easier for security teams to focus on what’s new, track changes over time, and prioritize triage and remediation efforts more efficiently.

Why this matters: Instantly spot drift and focus remediation efforts on what’s changed—no manual diffing required.

📄 SOC2 for Azure

You can now assess your Azure environment against the SOC2 framework. This brings Azure in line with our existing SOC2 support for AWS and GCP, expanding your ability to meet compliance requirements across cloud platforms.

Why this matters: Meet a critical audit requirement across all three major cloud providers with a consistent workflow.

Try it out now with prowler azure --compliance soc2_azure

☁️ Microsoft 365 (M365) support in Prowler App

You can now onboard and assess Microsoft 365 environments, both in Prowler App and CLI.

Why this matters: Extend your cloud security posture to cover collaboration tools and identity services in Microsoft 365 without adopting separate tools.

This release includes 33 new checks for Teams, Defender, Purview and Exchange — helping security teams strengthen identity governance and reduce risk exposure across Microsoft 365.

Check the new M365 checks with prowler m365 --services teams defender purview exchange --list-checks

🛡️ New Google Cloud Platform check – Unused Service Accounts

A new check has been added to detect unused service accounts in Google Cloud Platform (GCP). This helps identify dormant identities that may pose a risk if left unmanaged, enabling security teams to reduce attack surface by pruning unnecessary access credentials.

Why this matters: Dormant credentials are high-risk. This check helps you prune unnecessary identities and reduce your attack surface.

Try it out now with prowler gcp --check iam_service_account_unused

We know how messy real-world environments can get, and in 5.6 we’ve focused on making day-to-day security work smoother. You can now treat Microsoft 365 scans just like your other clouds, dig into checks in our public Hub, and build custom rules in Studio without jumping through hoops. With on-demand exports, change indicators, unified ThreatScore, SOC 2 for Azure, and new GCP hygiene checks, Prowler 5.6 helps you spend less time wrangling tools and more time fixing issues.

Let us know what you think – start your free trial of Prowler Cloud, and as always find us on our community Slack!