prowler: AWS security assessment, auditing and hardening

by ddos ·

Prowler: AWS Security Tool

Prowler is a command-line tool for AWS Security Best Practices Assessment, Auditing, Hardening, and Forensics Readiness Tool.

It follows guidelines of the CIS Amazon Web Services Foundations Benchmark (49 checks) and has more than 100 additional checks including those related to GDPR, HIPAA, PCI-DSS, ISO-27001, FFIEC, SOC2, and others.

Read more about CIS Amazon Web Services Foundations Benchmark v1.2.0 – 05-23-2018

 

Features

+200 checks covering security best practices across all AWS regions and most of AWS services and related to the next groups:

  • Identity and Access Management [group1]
  • Logging [group2]
  • Monitoring [group3]
  • Networking [group4]
  • CIS Level 1 [cislevel1]
  • CIS Level 2 [cislevel2]
  • Extras see Extras section [extras]
  • Forensics related group of checks [forensics-ready]
  • GDPR [gdpr] Read more here
  • HIPAA [hipaa] Read more here
  • Trust Boundaries [trustboundaries] Read more here
  • Secrets
  • Internet exposed resources
  • EKS-CIS
  • Also includes PCI-DSS, ISO-27001, FFIEC, SOC2, ENS (Esquema Nacional de Seguridad of Spain).
  • AWS FTR [FTR] Read more here

With Prowler you can:

  • Get a direct colorful or monochrome report
  • A HTML, CSV, JUNIT, JSON or JSON ASFF format report
  • Send findings directly to Security Hub
  • Run specific checks and groups or create your own
  • Check multiple AWS accounts in parallel or sequentially
  • And more! Read examples below

Install & Use

Copyright 2018 Netflix, Inc.

Source: https://github.com/Alfresco/