Prowler 5.8.0

New features to highlight in this version

📘 Detailed Views for All Supported Compliance Standards

You asked for more clarity, and we delivered. Now every supported compliance framework (like ENS-RD2022, CIS, ISO, NIST, etc.) includes a fully detailed view to help your team understand, prioritize, and act faster.


What's New:

  • Interactive Pie Chart: quickly assess pass, fail, and manual statuses across all requirements.
  • Top Failed Sections: instantly identify where most issues occur, broken down by type, if any.
  • Failure Heatmap: visualize section-level failure rates to prioritize efforts.
  • Per-Category Drilldown: view grouped sections and their findings, with expandable breakdowns per compliance framework.


Now live across all frameworks in your Compliance tab!

[!WARNING] The detailed views are only available for new scans from v5.8.0 onwards. Therefore, all the compliance overviews from previous scans are not available.

🤖 Introducing Prowler Lighthouse: Your AI Cloud Security Analyst

Say hello to Prowler Lighthouse, your always-on, AI-powered cloud security assistant.

Designed for teams with or without dedicated security resources, Lighthouse helps you:

  • Understand your compliance status
  • Prioritize failed and manual security checks
  • Remediate vulnerabilities and misconfigurations
  • Ask questions in natural language like “What is the CIS 1.10 compliance status of my Kubernetes cluster?”


⚙️ Customizable & Secure

In the Lighthouse Configuration Panel, you can:

  • Choose your preferred LLM (e.g., GPT-4o Mini)
  • Set your secure API Key
  • Provide business-specific context to tailor responses


It not only summarizes your security posture but also highlights where to focus your attention.

Now available in the Lighthouse tab. Start chatting today!

🚀 User Profile

We've revamped the User Profile interface to provide a cleaner, more actionable view of your account:

  • Organization Info: instantly view your Organization ID, join date, and email identity at the top.
  • Active Roles: clear breakdown of user permissions.
  • Organization Membership: Quickly see which organization you're part of and your role within it.
  • Quick Actions: Copy your Organization ID with a click and update organization names directly from the interface.

✨ Visit your Profile page to try out the streamlined design!


📌 Affected Resource Name in Findings

Quickly pinpoint misconfigurations with the new "Resource name" column in the findings table!

  • Instantly identify the specific resource affected by each finding.
  • No more digging: this small but powerful update improves triage and remediation workflows.


GCP Service Account Key Authentication

You can now connect your Google Cloud Platform account by simply pasting your Service Account Key JSON.

  • No need for CLI setup or external tooling
  • Just paste your key and click Next
  • Fast and secure onboarding

This makes it easier than ever to authenticate and start scanning your GCP environment.


🔑 M365 App-Only (Service Principal) Authentication

Prowler now supports Microsoft 365 app-only (service principal) authentication via OAuth 2.0 client-credentials: just register an Azure AD app, grant it the necessary application-level permissions, grant admin consent, and supply your tenant ID, client ID and secret.

This lets Prowler run fully unattended scans against Exchange Online, SharePoint, Teams, etc., simplifies CI/CD integration and enforces least-privilege access.

🙌 Special thanks to @silverhack for their support and guidance in resolving key Microsoft 365 authentication issues.

Your contributions help make Prowler stronger for everyone! 💜

🆕 Checks

We've added 21 new security checks across multiple cloud providers and services to help you stay ahead of evolving risks:

  • AWS: 1 new check
  • Azure: 11 new checks
  • Microsoft 365: 3 new checks
  • GitHub: 6 new checks

🧪 Run a scan now to see how your environment stacks up!

🛡️ Baseline NIS 2 Compliance

We've added baseline NIS 2 compliance support for AWS, Azure, and GCP, aligning with the EU 2022/2555 directive annex.

This update includes:

  • Core risk management measures
  • Incident handling and response criteria
  • Applicability for both essential and important cloud service providers

Start assessing your NIS 2 readiness directly from the Compliance tab today.

🆕 Compliance Frameworks

We've expanded our compliance coverage to include three major standards:

  • CIS 4.0 for GCP: updated benchmarks for Google Cloud environments
  • CIS 1.11 for Kubernetes: latest hardening guidance for K8s clusters
  • ISO 27001 for Microsoft 365: security controls mapped to M365 services

Run a scan now to assess your posture against the latest industry benchmarks.

🛠️ IaC Provider powered by Checkov

Prowler now supports Infrastructure-as-Code (IaC) scanning using Checkov!

Simply point it at your local files and catch security issues before you deploy:

  • Supports Terraform, CloudFormation, ARM, Kubernetes YAML, and more
  • Detects misconfigurations and compliance drift pre-deployment
  • Seamlessly integrates into your CI/CD or local workflows

Shift left with IaC scanning, now available in Prowler!

[!NOTE] Try it out now with prowler iac


UI

🚀 Added

  • New profile page with details about the user and their roles (#7780)
  • Improved SnippetChip component and show resource name in new findings table (#7813)
  • Possibility to edit the organization name (#7829)
  • GCP credential method (Service Account Key) (#7872)
  • Compliance detail view: ENS (#7853)
  • Compliance detail view: ISO (#7897)
  • Compliance detail view: CIS (#7913)
  • Compliance detail view: AWS Well-Architected Framework (#7925)
  • Compliance detail view: KISA (#7965)
  • Compliance detail view: ProwlerThreatScore (#7979)
  • Compliance detail view: Generic (rest of the compliances) (#7990)
  • Compliance detail view: MITRE ATTACK (#8002)
  • Improve Scan ID filter by adding more context and enhancing the UI/UX (#8046)
  • Lighthouse chat interface (#7878)
  • Google Tag Manager integration (#8058)

🔄 Changed

  • Provider UID filter to scans page (#7820)
  • Aligned Next.js version to v14.2.29 across Prowler and Cloud environments for consistency and improved maintainability (#7962)
  • Refactor credentials forms with reusable components and error handling (#7988)
  • Updated the provider details section in Scan and Findings detail pages (#7968)
  • Make user and password fields optional but mutually required for M365 cloud provider (#8044)
  • Improve filter behaviour and relationships between filters in findings page (#8046)
  • Set filters panel to be always open by default (#8085)
  • Updated "Sign in"/"Sign up" capitalization for consistency (#8136)
  • Duplicate API base URL as an env var to make it accessible in client components (#8131)

🐞 Fixed

  • Sync between filter buttons and URL when filters change (#7928)
  • Improve heatmap performance (#7934)
  • SelectScanProvider warning fixed with empty alias (#7998)
  • Prevent console warnings for accessibility and SVG (#8019)

API

🚀 Added

  • Support GCP Service Account key (#7824)
  • GET /compliance-overviews endpoints to retrieve compliance metadata and specific requirements statuses (#7877)
  • Lighthouse configuration support (#7848)

🔄 Changed

  • Reworked GET /compliance-overviews to return proper requirement metrics (#7877)
  • Optional user and password for M365 provider (#7992)

🐞 Fixed

  • Scheduled scans are no longer deleted when their daily schedule run is disabled (#8082)

SDK

🚀 Added

  • storage_geo_redundant_enabled check for Azure provider (#7980)
  • storage_cross_tenant_replication_disabled check for Azure provider (#7977)
  • CIS 1.11 compliance framework for Kubernetes (#7790)
  • Support HTTPS_PROXY and K8S_SKIP_TLS_VERIFY in Kubernetes (#7720)
  • Weight for Prowler ThreatScore scoring (#7795)
  • entra_users_mfa_capable check for M365 provider (#7734)
  • admincenter_organization_customer_lockbox_enabled check for M365 provider (#7732)
  • admincenter_external_calendar_sharing_disabled check for M365 provider (#7733)
  • Level for Prowler ThreatScore in the accordion in Dashboard (#7739)
  • CIS 4.0 compliance framework for GCP (#7785)
  • repository_has_codeowners_file check for GitHub provider (#7752)
  • repository_default_branch_requires_signed_commits check for GitHub provider (#7777)
  • repository_inactive_not_archived check for GitHub provider (#7786)
  • repository_dependency_scanning_enabled check for GitHub provider (#7771)
  • repository_secret_scanning_enabled check for GitHub provider (#7759)
  • repository_default_branch_requires_codeowners_review check for GitHub provider (#7753)
  • NIS 2 compliance framework for AWS (#7839)
  • NIS 2 compliance framework for Azure (#7857)
  • Search bar in Dashboard Overview page (#7804)
  • NIS 2 compliance framework for GCP (#7912)
  • storage_account_key_access_disabled check for Azure provider (#7974)
  • storage_ensure_file_shares_soft_delete_is_enabled check for Azure provider (#7966)
  • Make validate_mutelist method static inside Mutelist class (#7811)
  • Avoid bypassing IAM check using wildcards (#7708)
  • storage_blob_versioning_is_enabled new check for Azure provider (#7927)
  • New method to authenticate in AppInsights in check app_function_application_insights_enabled (#7763)
  • ISO 27001 2022 for M365 provider (#7985)
  • codebuild_project_uses_allowed_github_organizations check for AWS provider (#7595)
  • IaC provider (#7852)
  • Azure Databricks service integration for Azure provider, including the databricks_workspace_vnet_injection_enabled check (#8008)
  • databricks_workspace_cmk_encryption_enabled check for Azure provider (#8017)
  • Application auth for PowerShell in M365 provider (#7992)
  • storage_account_default_to_entra_authorization_enabled check for Azure provider (#7981)
  • Improve overview page from Prowler Dashboard (#8118)
  • keyvault_ensure_public_network_access_disabled check for Azure provider (#8072)
  • monitor_alert_service_health_exists check for Azure provider (#8067)
  • Replace Domain.Read.All with Directory.Read.All in Azure and M365 docs (#8075)
  • Refactor IaC provider to use Checkov as Python library (#8093)
  • New check codebuild_project_not_publicly_accessible for AWS provider (#8127)

🐞 Fixed

  • Consolidate Azure Storage file service properties to the account level, improving the accuracy of the storage_ensure_file_shares_soft_delete_is_enabled check (#8087)
  • Migrate Azure VM service and managed disk logic to Pydantic models for better serialization and type safety, and update all related tests to use the new models and fix UUID handling (#8151)
  • organizations_scp_check_deny_regions check to pass when SCP policies have no statements (#8091)
  • Fix logic in VPC and ELBv2 checks (#8077)
  • Correctly retrieve ECS Container Insights settings (#8097)
  • Fix handling for different accounts-dates in Prowler dashboard compliance page (#8108)
  • Handling of block-project-ssh-keys in GCP check compute_instance_block_project_wide_ssh_keys_disabled (#8115)
  • Handle empty name in Azure Defender and GCP checks (#8120)

🔄 Changed

  • Reworked S3.test_connection to match the AwsProvider logic (#8088)

🗑️ Removed

  • OCSF version number references, to always point to the latest (#8064)
Source: README.md, updated 2025-07-03