Prowler
Screen Shot at

Sign up for Prowler Updates

Please enable JavaScript in your browser to complete this form.
Laura Franzese headshot
Laura Franzese // February 12, 2025

What’s New in Prowler 5.3

We’ve been working hard to enhance Prowler across the board—improving visibility, expanding provider support, and making cloud security management more efficient. This release brings real-time scan visibility, Microsoft365 support, UI improvements, and new security checks for AWS, Kubernetes, and Microsoft365. Whether you are monitoring security at scale or running targeted compliance checks, Prowler 5.3 makes it easier than ever to secure your cloud environments.

🚀 A Smoother, More Responsive Experience

Real-Time Scan Visibility

Scans now appear immediately after being launched, removing the previous delay.

Why It Matters:
This means less friction when starting scans—so you can get to the meaningful work of detecting and resolving security issues faster.

🎨 Improved UI & UX

  • Enhanced Sign-In & Sign-Up Experience – We’ve refined the forms to make the login and registration process smoother.
  • Better Form Validation & Error Handling – Clearer guidance and feedback ensure you know exactly what needs to be fixed when filling out forms.

Why It Matters:
Security tools should be easy to use. With clearer forms and real-time feedback, you can navigate Prowler’s interface with confidence.

💻 API Updates

🕐 Scheduled Scans

  • Daily scheduled scans are now created beforehand in a SCHEDULED state, making them visible before they run.

🔎 Findings Enhancements

  • Findings endpoints now require at least one date filter when retrieving all findings.
  • Performance boost for the findings metadata endpoint, making queries faster.

Why It Matters:
With these improvements, you can better track and query findings while ensuring scheduled scans are visible upfront.

☁️ Expanded Provider Support

  • Increased the allowed length of the provider UID for Kubernetes providers to fully support AWS EKS, Azure AKS, and GCP GKE.

Why It Matters:
Kubernetes users now have a more seamless experience when managing providers across multi-cloud environments.

🔧 SDK: Microsoft365 Support 🎉

We’re excited to introduce Microsoft365 as a new cloud provider in Prowler!

  • This release brings dedicated security and compliance checks tailored for Microsoft365 environments.
  • Currently available in Prowler CLI and coming soon to the API and UI.

Try it out now:

prowler microsoft365 {--sp-env-auth | --az-cli-auth | --browser-auth}
  • Service Principal Credentials: Uses a registered app in Entra (Azure AD) with client credentials.
  • Azure CLI: Uses your existing logged-in Azure CLI session.
  • Interactive Browser: Opens a browser window for manual sign-in.

🔎 Five New Microsoft365 Security Checks

  • admincenter_groups_not_public_visibility
  • admincenter_settings_password_never_expire
  • admincenter_users_admins_reduced_license_footprint
  • admincenter_users_between_two_and_four_global_admins
  • entra_thirdparty_integrated_apps_not_allowed

Run prowler microsoft365 --list-checks to see all available checks.

Why It Matters:
Microsoft365 is a critical part of many organizations’ cloud environments. These new checks ensure your configurations align with best practices for security and compliance.

📖 New Compliance Framework

  • CIS Microsoft 365 Foundations Benchmark v4.0.0

Why It Matters:
Staying aligned with industry benchmarks is crucial. This update helps you maintain compliance effortlessly.

✅ New AWS Security Check

  • kms_cmk_not_multi_region – Ensures that AWS KMS Customer Managed Keys (CMKs) are not multi-region, helping enforce key management security best practices.

Special thanks to @wunzeco for contributing this check!

Why It Matters:
Misconfigured KMS keys can introduce security risks. This new check helps ensure proper key isolation and security posture.

🚀 Get Started with Prowler 5.3

Ready to try out the new features? Upgrade to Prowler 5.3 now and start securing your cloud environments with even more precision!

🔗 Full Changelog

Want to see it live?

Join Prowler engineers for a 60-minute live webinar that dives into the Prowler SDK-Core February 20th @ 9:00 AM – 10:00 AM PT.

Save Your Spot

Recent Articles

Screenshot at
March 18, 2025

Google Bought Wiz for $32B. Now What?

Well, that escalated quickly. Google just dropped $32 billion on Wiz—one of the biggest security acquisitions ever. That’s not just a big check; that’s a statement. A statement that cloud...

Screenshot at
March 13, 2025

Announcing the First-Ever Open Cloud Security Conference – CFP Now Open!

--- This is a repost from OpenCloudSecurity.org --- If you care about securing cloud environments with open-source tools, this is the event you’ve been waiting for. On April 8, 2025,...

March 10, 2025

Prowler 5.4 is Here!

We’ve been busy making Prowler even more powerful and user-friendly. With Prowler 5.4, we’re introducing a revamped UI, expanded Microsoft 365 security coverage from the CLI, social login integration, and...