Navigating AWS Security: How ProwlerPro Makes it Easier

AWS security for the cloud can be a daunting task for many organizations. With so many different tools and options available, it can be hard to know where to start. In this blog post, we’re going to take a look at five ways AWS security for the cloud is hard, and how ProwlerPro can make it easier. 

  1. Keeping track of compliance failures: With ever-changing security policies, it’s hard to see all of your system’s compliance issues. ProwlerPro lets you easily see a list of compliance issues within your accounts for the CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, and ENS security frameworks.
  2. Holistic view of your infrastructure: With so many different components in your infrastructure, it can be hard to keep track of how they all fit together and how they could impact the security of your organization. ProwlerPro can help by giving you a clear and comprehensive view of your entire infrastructure, showing you how all the different components might be vulnerable.
  3. Keeping an eye on network security: With so many different network security tools and options available, it can be hard to know which ones are right for your organization. ProwlerPro can help by providing a detailed report of all the AWS security in place, and highlighting any areas where you may be vulnerable.
  4. Vulnerability scanning: With the ever-changing threat landscape, it can be hard to keep track of all the vulnerabilities that exist in your infrastructure. ProwlerPro can help by providing automated vulnerability scanning, identifying any potential vulnerabilities in your system with clear dashboards that can be easily shared in your org.
  5. Staying compliant: With so many different compliance regulations to follow, it can be hard to know which ones apply to your organization, and how to stay compliant. ProwlerPro can help by providing a detailed report of all the compliance regulations that apply to your organization, and highlighting any areas where you may be falling short.

ProwlerPro is a powerful service that can help organizations make sense of AWS security for the cloud. With its detailed reports and easy-to-use dashboards, it makes it easy to stay on top of your organization’s cloud security posture and compliance. By using ProwlerPro, you can more easily ensure your AWS security is as strong as possible, and can keep sensitive data and resources safe from threats.


Win ProwlerPro Swag!

Be one of the next 50 people to sign up and complete a scan in ProwlerPro and win exclusive ProwlerPro swag like Miir coffee mugs, hats, North Face jackets and more.

Prowler Power-Ups: 9 Projects to Enhance Your Security Posture

Are you looking to enhance your AWS security with Prowler? Look no further! Here are 9 Prowler-related projects that will save the day:

  1. Terraform AWS Prowler Monitoring: Create a collection of AWS log metric filters and alarms to monitor and alert on security-related events in your AWS environment. These metric filters and alarms satisfy the section 3 CIS for AWS requirements of the Prowler Monitoring checks.
  2. QuickSight powered AWS Security Dashboard: Building Prowler into a QuickSight dashboard allows for real-time visualization of security findings, making it easier to identify and address potential threats.
  3. CloudFormation template: Use this template to perform a point-in-time assessment of your AWS account, helping you and your team identify and remediate any security issues. We have this one as well for CodeBuild.
  4. Multi-Account Security Assessment: This assessment works for multiple accounts. This report also comes with an Excel template to use for reporting to management, allowing you to track and report on security findings over time.
  5. AWS Fargate: Use this code to perform security assessments in AWS Organizations using Prowler on AWS Fargate, making it easy to scale and automate security assessments across multiple accounts.
  6. Python Script: Easily share and communicate security findings with your team by using this script to generate an HTML report from a CSV.
  7. Ansible code for Splunk integration: Use the Ansible code for Splunk integration, which includes a dashboard setup for Splunk, to get better visibility of your security posture.
  8. Sample Helm chart for Prowler: This example Helm chart makes it easy to deploy Prowler on Kubernetes.
  9. CloudFormation and Terraform templates: These CloudFormation and Terraform templates include the permissions needed for Prowler and ProwlerPro to assume the role and scan an account.

By implementing these Prowler-related projects, you can improve your overall security posture and better protect your AWS environment from potential threats.


Toni de la Fuente

Founder of Prowler Open Source & Lead of Prowler Pro

I’m the founder of Prowler Open Source, a tool for AWS security best practices. I also worked for AWS as a security engineer and security consultant. I’m passionate about FLOSS (Free Libre Open Source Software) in general and Information Security, Incident Response and Digital Forensics in particular. I like everything related to cloud computing and automation. I have done some things for security and the Open Source community like Prowler, phpRADmin, Nagios plugin for Alfresco, Alfresco BART (backup tool). I’ve also contributed to books and courses related to Linux, Monitoring and AWS Security for Packt Publishing.



Prowler: The Top Security Tool for Securing the Cloud

As more and more businesses move their operations to the cloud, the need for robust and reliable security tools has never been greater. This is where ProwlerPro comes in.

According to OSS Insight, Prowler is the top security tool for securing the cloud in December 2022 based on popularity growth (stars). This ranking of Prowler, the engine behind ProwlerPro, is a testament to the effectiveness and reliability of our product, and we’re proud to offer it to businesses everywhere.

Image captured January 17, 2023. Credit: https://ossinsight.io/collections/security-tool

One of the key advantages of ProwlerPro is the expertise of its engineers. Per capita, our engineers are responsible for securing more of the cloud than any other engineers in the world. This level of expertise ensures that ProwlerPro is constantly updated with the latest security features and practices to keep your business safe.

ProwlerPro also offers a wide range of features to protect your business from a variety of threats. Some of the key features include:

  • Automatic security configuration assessments
  • Compliance checks
  • Vulnerability scanning

Prowler version 3.1.0 was released this week and its code name is Revelations, the second song of the Piece of Mind album of Iron Maiden, which was written by Bruce Dickinson. This last month has been a real revelation for us as we realized how our community has grown and how well received version 3 has been. We have surpassed 2 million downloads since the project started in 2016.

This version comes with a new AWS IAM check that prevents a cross-service confused deputy attack. We also added support for custom reports so it will be easier to generate outputs other than the CSV, JSON, HTML, etc. And we solved almost 30 issues.

With ProwlerPro, you can rest assured that your business is protected from the latest threats and vulnerabilities. Plus, with the ability to customize the security measures to fit your specific needs, ProwlerPro is the perfect solution for businesses of all sizes.


Toni de la Fuente

Founder of Prowler Open Source & Lead of Prowler Pro




Prowler v3 – Piece of Mind

Today we are releasing a new major version of Prowler 🎉🥳🎊🍾: version 3, aka Piece of Mind.

Take Prowler v3 as our 🎄Christmas gift 🎁 for the Cloud Security Community.


Artwork property of Iron Maiden

Piece of Mind was the fourth studio album of Iron Maiden. Its meaning fits perfectly with what we do with Prowler in both senses: being protected and at the same time, this is the software I would have wanted to write when I started Prowler back in 2016 (this is now, more than ever, a piece of my mind). Now this has been possible thanks to my awesome team at Verica.

No doubt 2022 has been a pretty interesting year for us: we launched ProwlerPro and released many minor versions of Prowler. Now enjoy Sun and Steel while you keep reading these release notes.

If you are an Iron Maiden fan as I am, you have noticed the latest minor release of Prowler (2.12) was a song from this very same album, just a clue of what was coming! In Piece of Mind you can find one of the most popular heavy metal songs of all time, The Trooper, which will be a Prowler version to be released during 2023.

Prowler v3 is more than a new version of Prowler; it is a whole new piece of software. We have fully rewritten it in Python and made it multi-cloud, adding Azure as our second supported Cloud Provider. Prowler v3 is also way faster, being able to scan an entire AWS account across all regions 37 times faster than before. Yes! You read that correctly: what took hours before now takes literally a few minutes or even seconds.

New documentation site:

We are also releasing today our brand new documentation site for Prowler at https://docs.prowler.cloud and it is also stored in the docs folder in the repo.

What’s Changed:

Here is a list of the most important changes in Prowler v3:

  • 🐍 Python: we got rid of all bash and it is now all in Python.
  • 🚀 Faster: huge performance improvements.
    An account that took 2.5 hours to scan in v2 now only takes 4 minutes to scan in v3.
  • 💻 Developers and Community: we have made it easier to contribute with new checks and new compliance frameworks. We also included unit tests and native logging features. And now the CLI supports long arguments and options.
  • ☁️ Multi-cloud: in addition to AWS, we have added Azure.
  • Checks and Groups: all checks are now more comprehensive and we provide resolution actions in most of them. Their IDs are no longer tied to CIS; instead, they are self-explanatory. Groups are now dynamically generated based on check metadata (services, categories, severity and more).
  • ⚖️ Compliance: we are including full support for CIS 1.4, CIS 1.5 and the new Spanish ENS in this release, more to come soon! Compliance also has its own output file with its own metadata, and creating your own is easier than ever before, making for more comprehensive reports.
  • 🧩 Compatibility with v2: most of the options are the same in this version in order to support backward compatibility; however, some options like assume role or AWS Organizations query are now different and easier to use.
  • 🔄 Consolidated output formats: now both CSV and JSON reports come with the same attributes and compared to v2, they come with more than 40 values per finding. HTML, CSV and JSON are created every time you run prowler.
  • 📊 Quick Inventory: introduced in v2, we have fine-tuned the Quick Inventory feature and now you can get a list of all resources in your AWS accounts within seconds.

Prowler new default overview: [image: prowler-3-output]

Prowler updated HTML report: [image: html-output]

Prowler compliance overview: [image: compliance-cis-sample]

Prowler list of Azure checks: [image: azure-checks]

What is coming next?

  • More Cloud Providers and more checks: in addition to adding more new checks to AWS and Azure, we plan to include GCP and OCI soon, let us know if you want to contribute!
  • XML-JUNIT support: we didn’t add that to v3, if you miss it, let us know in https://github.com/prowler-cloud/prowler/discussions
  • Compliance: we will add more compliance frameworks to have as many as in Prowler v2, we appreciate help though!
  • Tags based audit: you will be able to scan only those resources with specific tags.

Toni de la Fuente

Founder of Prowler Open Source & Lead of Prowler Pro


