Prowler

Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening, and forensics readiness. It contains more than 200 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks. Prowler is a command-line tool that helps you with AWS security assessment, auditing, hardening, and incident response. It follows guidelines of the CIS Amazon Web Services Foundations Benchmark (49 checks) and has more than 100 additional checks related to GDPR, HIPAA, PCI-DSS, ISO-27001, FFIEC, SOC2, and others. +200 checks covering security best practices across all AWS regions and most AWS services. Get a direct colorful or monochrome report. Get an HTML, CSV, JUNIT, JSON, or JSON ASFF (Security Hub) format report.

Features

Identity and Access Management
Forensics related group of checks [forensics-ready]
Run specific checks and groups or create your own
Internet exposed resources
Also includes PCI-DSS, ISO-27001, FFIEC, SOC2, ENS
Send findings directly to Security Hub
Check multiple AWS accounts in parallel or sequentially

Project Samples

Project Activity

See All Activity >

License

Apache License V2.0

Follow Prowler

Prowler Web Site

Other Useful Business Software

$300 in Free Credit Towards Top Cloud Services

Build VMs, containers, AI, databases, storage—all in one place.

Start your project in minutes. After credits run out, 20+ products include free monthly usage. Only pay when you're ready to scale.

Get Started

Rate This Project

User Reviews

Be the first to post a review of Prowler!

Additional Project Details

Programming Language

Unix Shell

Related Categories

Unix Shell Security Software, Unix Shell Cloud Services Software, Unix Shell Command Line Tools

Registered

2022-03-31

Similar Business Software

Diplomat Managed File Transfer

Diplomat MFT by Coviant Software is a secure, reliable managed file transfer solution designed to simplify and automate SFTP, FTPS, and HTTPS file transfers. Built for seamless integration, Diplomat MFT works across major cloud storage platforms, including AWS S3, Azure Blob, Google Cloud,...

See Software
Carbide

Carbide is a tech-enabled service that strengthens your company’s information security and privacy management capabilities. Our platform and expert services are tailored for companies aiming for a sophisticated security posture, particularly valuable for organizations that must meet rigorous...

See Software
Gearset

Gearset is the complete, enterprise-ready Salesforce DevOps platform, enabling teams to implement best practices across the entire DevOps lifecycle. With powerful solutions for metadata and CPQ deployments, CI/CD, testing, code scanning, sandbox seeding, backups, archiving, observability, and...

See Software
Proton Drive

Proton Drive is the all-in-one workspace for storing sensitive data and collaborating with your teams, clients, and partners. Collaborate securely without compromising control: Share client files, contracts, and sensitive business documents with full end-to-end encryption. You control who...

See Software
Securden Unified PAM

Securden Unified PAM is a privileged access security solution that lets you discover, centrally store, organize, share, manage, and keep track of all privileged identities, passwords, keys, documents, and other identities. It helps you establish a centralized password management system, automate...

See Software
Google Cloud SQL

Fully managed relational database service for MySQL, PostgreSQL, and SQL Server with rich extension collections, configuration flags, and developer ecosystems. New customers get $300 in free credits to spend on Cloud SQL. You won’t be charged until you upgrade. Reduce maintenance costs with...

See Software