-p-130x130q80.png)
What's New
·
Finding What Really Matters: Introducing PDF Reports for Prowler ThreatScore
Finding What Really Matters: Introducing PDF Reports for Prowler ThreatScore
New
Promotion: Lighthouse AI credits included
Secure you Cloud at
AI Speed.
World's most widely adopted, open cloud security platform that detects vulrenabilitites, prioritizes risk, accelerates remediation, and ensures continuous compliance.
Chad Lorenc
Security Practice Manager Amazon Web Services
"One of the best open-source and cost- effective cloud posture management tools out there. Call it 'CSPM' or whatever four-letter acronym you prefer — they do it all."
Trusted by the world leaders
Complete code-to-cloud coverage, driven by Agentic AI
Customer Outcomes
Why Thousands of Customers Trust Prowler
Get Complete Cloud Visibility
See everything, instantly. Prowler discovers every cloud resource: containers, serverless functions, identities, databases, and more — in minutes. Gain full visibility across your environments without deploying agents or impacting performance.
Fix What Matters Most
Prowler automatically prioritizes risks based on severity, context, and impact helping you address the most critical findings first. With clear, actionable insights, your team can remediate faster and strengthen your security posture efficiently.
Achieve Continuous Compliance
Prowler continuously monitors your cloud environment to maintain compliance with industry standards such as CIS, GDPR, NIST, and more including your own custom frameworks. Automated evidence collection ensures you’re always prepared for audits, without the manual effort.
Customize to Your Requirements
Prowler adapts to your environment, not the other way around. Create and manage custom checks, mute alerts that don’t matter to you, or add users with granular role-based access control (RBAC). With Prowler, you get full flexibility and control over your cloud security posture.
The Cloud Security Innovator 2025
Latio Cloud Security Report 2025
Prowler Love
Don’t take our word for it
Can't thank you enough for this tool. Default go to tool for cloud security, just as nmap was for every netsec folk. All the very best #prowler
Prowler is a command-line tool for AWS Security Best Practices Assessment, Auditing, Hardening, and Forensics Readiness
Prowler stands out as a top-tier tool in terms of functionality and community engagement. It supports security assessments and compliance across major cloud environments such as AWS, Azure, GCP, and Kubernetes, offering robust features comparable to those of commercial solutions.
One of the best open-source and cost-effective cloud posture management tools out there. Call it “CSPM” or whatever four-letter acronym you prefer—they do it all.
Prowler contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
I was pretty amazed by the tool. I'd definitely recommend this open source tool to audit your AWS account to fix security issues.
Learn how to… set up Prowler to push findings to Security Hub… [a] cool project that automated the entire process.
Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness
Prowler makes it super easy to identify vulnerabilities, improve security posture, and stay compliant with cloud best practices. Highly recommend it for anyone working on cloud security!
Security Hub native integration with Prowler is now the recommended solution for sending findings from Prowler.
World's Most Widely Adopted Open Cloud Security Platform
40M+
Downloads
12K+
GitHub Stars
300+
Contributors Worldwide
Blog
Learn More
Explore practical guides, expert tips, and real-world use cases — all in one place.
