Share
Sign up for Prowler Updates
New checks and engine updated to v3.4
ProwlerPro is now using Prowler Open Source as scanner engine v3.4 and new checks are added.
New services covered like Organizations best practices, SSM Incidents, Resource Explorer, Backup, additional checks for CloudTrail, ECR scan on push check updated, GuardDuty, VPC best practices, IAM. Now iam_policy_no_administrative_privileges has been renamed to iam_customer_unattached_policy_no_administrative_privileges and the following new important IAM checks:
- iam_aws_attached_policy_no_administrative_privileges: Ensure IAM AWS-Managed policies that allow full “:” administrative privileges are not attached – iam [high]
- iam_customer_attached_policy_no_administrative_privileges: Ensure IAM Customer-Managed policies that allow full “:” administrative privileges are not attached – iam [high]
- iam_customer_unattached_policy_no_administrative_privileges: Ensure IAM policies that allow full “:” administrative privileges are not created – iam [low]
Recent Articles
Announcing a New Partnership with InstaSecure
At Prowler, we’ve always believed that visibility is just the beginning. Seeing your cloud risks—clearly, quickly, and comprehensively—is foundational. But in today’s complex environments, it’s not enough. Security teams don’t...
Google Bought Wiz for $32B. Let’s Talk About What That Means
$32 billion is a lot of money. It’s enough to get everyone’s attention — especially if you're in the business of securing cloud infrastructure. With Google acquiring Wiz for one...
Open Cloud Security Is Here—And It’s Just the Beginning
--- This is a reposting from OpenCloudSecurity.org --- Tuesday something pretty remarkable happened: hundreds of security engineers, cloud architects, and open source builders came together for the first-ever Open Cloud...