Sign up for Prowler Updates

Please enable JavaScript in your browser to complete this form.
Toni de la Fuente headshot
Toni de la Fuente // May 8, 2023

New checks and engine updated to v3.4

ProwlerPro is now using Prowler Open Source as scanner engine v3.4 and new checks are added.

New services covered like Organizations best practices, SSM Incidents, Resource Explorer, Backup, additional checks for CloudTrail, ECR scan on push check updated, GuardDuty, VPC best practices, IAM. Now iam_policy_no_administrative_privileges has been renamed to iam_customer_unattached_policy_no_administrative_privileges and the following new important IAM checks:

  • iam_aws_attached_policy_no_administrative_privileges: Ensure IAM AWS-Managed policies that allow full “:” administrative privileges are not attached – iam [high]
  • iam_customer_attached_policy_no_administrative_privileges: Ensure IAM Customer-Managed policies that allow full “:” administrative privileges are not attached – iam [high]
  • iam_customer_unattached_policy_no_administrative_privileges: Ensure IAM policies that allow full “:” administrative privileges are not created – iam [low]

Recent Articles

Grey Minimalist Tips Blog Banner
November 11, 2024

Secure the Home! Making sense of K8s Security.

For those already in Salt Lake City ready for this years' KubeCon North America, I'm jealous! I'll be sitting this one out this year, but it does give me time...

Meet the Prowler Team at TechCrunch
October 25, 2024

Meet the Prowler Team at TechCrunch Disrupt 2024

Next week, Prowler will be at TechCrunch Disrupt 2024, participating in the Startup Battlefield 200. You’ll find us at booth O15 in the Security, Privacy, and Social Networking section of...

Screen Shot at
September 25, 2024

Meet Prowler at CloudSecNext Summit in Denver

Next week, Prowler is heading to CloudSecNext Summit 2024 in Denver, and we want to connect with you! Whether you're a seasoned cloud security practitioner or just beginning your journey,...