Share
Sign up for Prowler Updates
New checks and engine updated to v3.4
ProwlerPro is now using Prowler Open Source as scanner engine v3.4 and new checks are added.
New services covered like Organizations best practices, SSM Incidents, Resource Explorer, Backup, additional checks for CloudTrail, ECR scan on push check updated, GuardDuty, VPC best practices, IAM. Now iam_policy_no_administrative_privileges has been renamed to iam_customer_unattached_policy_no_administrative_privileges and the following new important IAM checks:
- iam_aws_attached_policy_no_administrative_privileges: Ensure IAM AWS-Managed policies that allow full “:” administrative privileges are not attached – iam [high]
- iam_customer_attached_policy_no_administrative_privileges: Ensure IAM Customer-Managed policies that allow full “:” administrative privileges are not attached – iam [high]
- iam_customer_unattached_policy_no_administrative_privileges: Ensure IAM policies that allow full “:” administrative privileges are not created – iam [low]
Recent Articles
Google Bought Wiz for $32B. Now What?
Well, that escalated quickly. Google just dropped $32 billion on Wiz—one of the biggest security acquisitions ever. That’s not just a big check; that’s a statement. A statement that cloud...
Announcing the First-Ever Open Cloud Security Conference – CFP Now Open!
--- This is a repost from OpenCloudSecurity.org --- If you care about securing cloud environments with open-source tools, this is the event you’ve been waiting for. On April 8, 2025,...
Prowler 5.4 is Here!
We’ve been busy making Prowler even more powerful and user-friendly. With Prowler 5.4, we’re introducing a revamped UI, expanded Microsoft 365 security coverage from the CLI, social login integration, and...