Scanner updated to Prowler 3.11.0 with new features

New features to highlight in this version:

🏷️ STS V2 Tokens (this will be in the SaaS immediately, so more regions may appear with findings)

Now Prowler will call Regional AWS STS endpoints to get session tokens valid in all AWS Regions.

✅ New 9 checks for AWS! (this will be in the SaaS immediately, so more findings may appear)

New Account check account_maintain_different_contact_details_to_security_billing_and_operations
New CloudTrail check cloudtrail_multi_region_enabled_logging_management_events
New EC2 DataLifecycle Manager service and check dlm_ebs_snapshot_lifecycle_policy_exists
New EC2 EBS check ec2_ebs_volume_snapshots_exists
New DocumentDB service and check documentdb_instance_storage_encrypted
New Support check trustedadvisor_premium_support_plan_subscribed
New Neptune service and check neptune_uses_a_public_subnet
New Elasticache service and check elasticache_using_public_subnets
New IAM check iam_use_temporary_credentials

🔎 Ignore Findings from services not in actual use (this will be a roll out in the SaaS over the next weeks)

Prowler now allows you to ignore unused services findings, so you can reduce the number of findings in Prowler’s reports.
prowler <provider> --ignore-unused-services

See more in https://docs.prowler.cloud/en/latest/tutorials/ignore-unused-services/

⚙️ New AWS Allowlist including AWS Control Tower resources (this will be nn the SaaS as a UI feature in a month)

New allowlist file that ensures that applies to all resources created by AWS Control Tower when setting up a landing zone:
prowler aws --allowlist prowler/config/aws_allowlist.yaml

See more in https://docs.prowler.cloud/en/latest/tutorials/allowlist/#default-aws-allowlist

More details here https://github.com/prowler-cloud/prowler/releases/tag/3.11.0