prowler

Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 240 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks. (by prowler-cloud)

Prowler Alternatives

Similar projects and alternatives to prowler

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better prowler alternative or higher similarity.

prowler reviews and mentions

Posts with mentions or reviews of prowler. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2022-08-14.
  • Automated penetration testing for a cloud infrastructure
    2 projects | reddit.com/r/cybersecurity | 14 Aug 2022
    Here is a good open source option to get started: https://github.com/prowler-cloud/prowler
  • Pentesting
    2 projects | reddit.com/r/AskNetsec | 28 Jul 2022
    To add onto what /u/mekkr_ has said; you can also use tools like Prowler to ensure your environment is compliant. Prowler also has conmon and forensic capabilities.
  • Using Prowler to Audit your AWS account for vulnerabilities.
    2 projects | dev.to | 5 May 2022
    Few days ago I came across this repository and I found Prowler(Go Star the repo).
  • About Optimizing for Speed: How to do complete AWS Security&Compliance Scans in 5 minutes
    3 projects | dev.to | 14 Apr 2022
    Prowler
  • Automating Prowler for Compliance Checking in AWS
    2 projects | dev.to | 27 Mar 2022
    AWSTemplateFormatVersion: "2010-09-09" Description: "Create EC2 instanace with Prowler pre-configured and tied to roles to run" # Template Parameters # ImageId : Default is AWS Linux 2 ami-0e1d30f2c40c4c701 # InstanceType : Default is t3.micro # VpcId : VPC to launch in # SubnetId : Subnet to connect # KeyName : Keypair to use # CidrIp : CIDR range for SSH x.x.x.x/x Resources: # Create Prowler Instance - Parameters for ImageId, InstanceType, SubnetId, SecurityGroupIds, and KeyName ProwlerInstance: Type: 'AWS::EC2::Instance' Properties: ImageId: !Ref ImageId InstanceType: !Ref InstanceType SubnetId: !Ref SubnetId SecurityGroupIds: - !Ref InstanceSecurityGroup KeyName: !Ref KeyName IamInstanceProfile: !Ref ProwlerInstanceProfile Tags: - Key: Name Value: Prowler BlockDeviceMappings: - DeviceName: /dev/xvda Ebs: VolumeSize: 8 Encrypted: true # Run bash to install and configure Prowler UserData: Fn::Base64: !Sub | #!/bin/bash -xe sudo yum update -y sudo yum remove -y awscli cd /home/ec2-user curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "/home/ec2-user/awscliv2.zip" unzip /home/ec2-user/awscliv2.zip sudo /home/ec2-user/aws/install sudo yum install -y python3 jq git sudo pip3 install detect-secrets==1.0.3 git clone https://github.com/prowler-cloud/prowler /home/ec2-user/prowler chown -R ec2-user:ec2-user /home/ec2-user/prowler ProwlerInstanceProfile: Type: AWS::IAM::InstanceProfile Properties: InstanceProfileName: prowler-ec2-instance-profile Path: / Roles: - !Ref ProwlerEc2InstanceRole # Create Security Group InstanceSecurityGroup: Type: AWS::EC2::SecurityGroup Properties: GroupDescription: Allow ssh from specific host GroupName: ProwlerSecurityGroup VpcId: !Ref VpcId SecurityGroupIngress: - IpProtocol: 'tcp' FromPort: '22' ToPort: '22' CidrIp: !Ref CidrIp # Create EC2 Instance Role to run security checks and attach to instance ProwlerEc2InstanceRole: Type: AWS::IAM::Role Properties: RoleName: prowler-ec2-instance-role AssumeRolePolicyDocument: Version: 2012-10-17 Statement: - Effect: Allow Principal: Service: - ec2.amazonaws.com Action: - sts:AssumeRole ManagedPolicyArns: - arn:aws:iam::aws:policy/SecurityAudit - arn:aws:iam::aws:policy/job-function/ViewOnlyAccess Path: / # Parameters for cloudformation template with some defaults Parameters: ImageId: Type: String Description: AMI - Linux 2 Default: 'ami-0e1d30f2c40c4c701' InstanceType: Type: String Description: Instance type to be used - t3.micro default Default: t3.micro VpcId: Type: AWS::EC2::VPC::Id Description: VPC to be used SubnetId: Type: AWS::EC2::Subnet::Id Description: Subnet to be used KeyName: Type: AWS::EC2::KeyPair::KeyName Description: Keyname CidrIp: Type: String Description: CidrIp to be used to connect from x.x.x.x/x Metadata: AWS::CloudFormation::Interface: ParameterGroups: - Label: default: "Network Configuration" Parameters: - ImageId - InstanceType - VpcId - SubnetId - KeyName - CidrIp Conditions: {}
  • Starting to use AWS CLI at work. Need beginner tips.
    4 projects | reddit.com/r/aws | 16 Jan 2022
    For SecOps often a wrapper library like https://github.com/toniblyx/prowler will provide you the results you need for audits. If they don't exist natively then you can extend the library to add them for future use.
  • SSH Bastion Host Best Practices
    3 projects | news.ycombinator.com | 13 Jan 2022
  • Is there any way to efficiently audit security groups?
    3 projects | reddit.com/r/aws | 28 Apr 2021
    Prowler does a pretty good audit of the security groups (as well as the whole account).
  • A note from our sponsor - InfluxDB
    www.influxdata.com | 5 Dec 2022
    InfluxDB is the Time Series Data Platform where developers build real-time applications for analytics, IoT and cloud-native services in less time with less code. Learn more →

Stats

Basic prowler repo stats
15
6,999
9.2
5 days ago
Workflow assistant built for devs & their teams
Automate the mundane part of your day, with live actionable messages for your GitHub & Jira tasks.
www.zigi.ai