Sign up for Prowler Updates

Please enable JavaScript in your browser to complete this form.
Toni de la Fuente headshot
Toni de la Fuente // May 8, 2023

New checks and engine updated to v3.4

ProwlerPro is now using Prowler Open Source as scanner engine v3.4 and new checks are added.

New services covered like Organizations best practices, SSM Incidents, Resource Explorer, Backup, additional checks for CloudTrail, ECR scan on push check updated, GuardDuty, VPC best practices, IAM. Now iam_policy_no_administrative_privileges has been renamed to iam_customer_unattached_policy_no_administrative_privileges and the following new important IAM checks:

  • iam_aws_attached_policy_no_administrative_privileges: Ensure IAM AWS-Managed policies that allow full “:” administrative privileges are not attached – iam [high]
  • iam_customer_attached_policy_no_administrative_privileges: Ensure IAM Customer-Managed policies that allow full “:” administrative privileges are not attached – iam [high]
  • iam_customer_unattached_policy_no_administrative_privileges: Ensure IAM policies that allow full “:” administrative privileges are not created – iam [low]

Recent Articles

prowler hacktoberfest
September 29, 2025

Secure the Cloud: Contribute to Prowler This Hacktoberfest

This week marks the start of Hacktoberfest 2025, as they describe it, the annual month-long celebration of all things open source! At Prowler, open source is at our core. We...

Screenshot at
September 11, 2025

Introducing Prowler’s GitHub Provider: Secure Your Repositories at Scale 

Recently we have seen a rise of incidents related to supply chain attacks, and specifically with the security of the development pipelines: tj-actions, reviewdog/action-setup, Amazon Q Developer, nx and others....

Screenshot at
September 5, 2025

Automate Multi-Cloud Security at Scale: Bulk Provider Provisioning in Prowler

Managing cloud security across dozens or even hundreds of cloud accounts is a challenge, especially when you have to do it for multiple cloud providers. Manually onboarding each account is...