Prowler
Screenshot at

Sign up for Prowler Updates

Please enable JavaScript in your browser to complete this form.
Laura Franzese headshot
Laura Franzese // April 24, 2025

Prowler Wins DefectDojo’s Best Infrastructure Security Tool for Open-Source Cybersecurity

We’re honored to share that Prowler has been named as one of the Best Infrastructure Security Tools in the inaugural DefectDojo Open-Source Security Awards.

This recognition means a lot—not just because of what it says about the work we’ve done, but because of who it’s coming from. Their platform powers DevSecOps workflows for teams around the world, and they know firsthand what makes a security tool both useful and sustainable.

In their words, the awards highlight open-source tools that are “accurate, robust, and low-noise”—qualities that we aim for with every release.

Why this matters

Prowler started as a CLI tool for AWS audits. Today, it’s grown into a multi-cloud security platform that supports AWS, Azure, GCP, and Kubernetes. We’ve stayed open from the beginning—not just in source code, but in approach. We believe that security tools should be explainable, flexible, and built in the open, because transparency builds trust. And trust is the foundation of security.

This award reflects the reality of more than 11 million downloads across the world who’ve helped make Prowler what it is: a reliable, adaptable, open-source foundation for cloud security. We’re grateful to our community, our users, and the teams who test, file issues, build integrations, and help shape every release.

A few words from Toni

“Security doesn’t belong behind closed doors. We started Prowler to make cloud security open, accessible, and adaptable to real-world complexity. This recognition from DefectDojo is a reflection of the community that’s built around Prowler. We’re proud to be part of the movement shaping the future of open-source cybersecurity.”
— Toni de la Fuente, founder and CEO, Prowler

Security shouldn’t be a black box. With Prowler, we’re aiming for something better: clear, usable, and community-driven cloud security.

We’re thankful to DefectDojo for this recognition—and we’re just getting started.

What’s next

Join us next week at RSAC! We’ll be in the Expo all week at Moscone South, booth 642 in the Spanish Pavilion. Stop by to meet the team, preview some sweet new features, and pick up exclusive RSAC swag!

🔗 Learn more about the DefectDojo Awards
🔍 Explore Prowler on GitHub
🚀 Get started with Prowler Cloud

Recent Articles

py iam expand
August 21, 2025

Unmasking Hidden Dangers: How Prowler Now Detects Obfuscated IAM Policies

It all started with a fascinating blog post from the team at Permiso introducing their "Sky Scalpel" tool. Their research highlighted a clever technique for hiding dangerous permissions within AWS...

bedrock header
August 12, 2025

Bedrock’s New API Keys: Convenience at a Hidden Security Cost

Recently, the AWS team rolled out the red carpet for a slick new feature in their post, "Accelerate AI development with Amazon Bedrock API keys." The promise was a dream...

June 24, 2025

CSPM for GCP: Securing Your Google Cloud Environment with Modern Cloud Security Posture Management

Modern organizations rapidly embrace the Google Cloud Platform for its scalability, innovation capabilities, and cost-effectiveness.  However, this digital transformation comes with a critical challenge: maintaining robust security across increasingly complex...