Scanner updated to Prowler 3.11.0 with new features

New features to highlight in this version:

🏷️ STS V2 Tokens (this will be in the SaaS immediately, so more regions may appear with findings)

• Now Prowler will call Regional AWS STS endpoints to get session tokens valid in all AWS Regions.

See more in https://docs.prowler.cloud/en/latest/tutorials/aws/role-assumption/#sts-endpoint-region

✅ New 9 checks for AWS! (this will be in the SaaS immediately, so more findings may appear)

• New Account check account_maintain_different_contact_details_to_security_billing_and_operations
• New CloudTrail check cloudtrail_multi_region_enabled_logging_management_events
• New EC2 DataLifecycle Manager service and check dlm_ebs_snapshot_lifecycle_policy_exists
• New EC2 EBS check ec2_ebs_volume_snapshots_exists
• New DocumentDB service and check documentdb_instance_storage_encrypted
• New Support check trustedadvisor_premium_support_plan_subscribed
• New Neptune service and check neptune_uses_a_public_subnet
• New Elasticache service and check elasticache_using_public_subnets
• New IAM check iam_use_temporary_credentials

🔎 Ignore Findings from services not in actual use (this will be a roll out in the SaaS over the next weeks)

• Prowler now allows you to ignore unused services findings, so you can reduce the number of findings in Prowler’s reports.
  prowler <provider> --ignore-unused-services

See more in https://docs.prowler.cloud/en/latest/tutorials/ignore-unused-services/

⚙️ New AWS Allowlist including AWS Control Tower resources (this will be nn the SaaS as a UI feature in a month)

• New allowlist file that ensures that applies to all resources created by AWS Control Tower when setting up a landing zone:
  prowler aws --allowlist prowler/config/aws_allowlist.yaml

See more in https://docs.prowler.cloud/en/latest/tutorials/allowlist/#default-aws-allowlist

More details here https://github.com/prowler-cloud/prowler/releases/tag/3.11.0