✨ New features to highlight in this version

Enjoy them all now for free at https://cloud.prowler.com

🎯 New Overview Experience

We've expanded and refined the Overview to give you a clearer, more actionable understanding of your cloud security posture at a glance. The new panels bring richer visual context, better prioritization cues, and faster navigation across your environments.

🚨 Attack Surface

Instantly understand your most exposed risks, including internet-facing resources, leaked secrets, privilege-escalation paths, and critical misconfigurations.

From this release forward, this view will display data as soon as new scans are run.

📡 Service Watchlist

A real-time view of your riskiest cloud services, helping you focus remediation on the areas with the highest impact.

📈 Findings Severity Over Time

Track how your security posture evolves. This panel visualizes severity trends (Critical, High, Medium, Low, Informational) across days, weeks, or months so you can measure progress and detect regressions.

🧬 Risk Pipeline

A complete flow of findings from their source providers (AWS, Azure, Google Cloud, Kubernetes, GitHub, Microsoft 365, OCI, IaC, MongoDB Atlas) into their severity levels. Ideal for understanding where risk originates and how it distributes across your environments.

🌍 Threat Map

A global, region-based view of findings to help you quickly pinpoint where misconfigurations occur geographically, with pass/fail ratios per region.

🧮 Risk Plot

A severity-weighted visualization of your Threat Score, enabling you to immediately identify high-risk environments and understand how critical findings influence overall exposure, not just by volume but by impact.

⏳ Navigation Loading Bar

To improve the overall user experience, we've introduced a new navigation loading bar. This subtle progress indicator replaces silent page transitions, giving users immediate feedback that something is happening in the background. It makes the interface feel faster, smoother, and more responsive, especially when loading large datasets.

🤖 MCP Server - Prowler Management

The Prowler MCP Server has been completely redesigned to give AI assistants and LLMs control over your Prowler environment. The new version introduces comprehensive tools for:

• Findings: Query security findings directly
• Provider Management: Add, configure, and manage cloud provider connections
• Resource Management: Browse and inspect your cloud resources
• Muting Management: Mute and unmute findings programmatically
• Scan Management: Trigger and monitor security scans

This enables powerful AI-driven security workflows. Ask your AI assistant to scan your accounts, identify critical findings, or generate compliance reports, all through natural language.

🌐 New Cloud Providers

🍃 MongoDB Atlas

MongoDB Atlas is now fully supported in the Prowler App, enabling you to assess and monitor the security posture of your managed database clusters directly from the UI.

☁️ Alibaba Cloud (CLI Only)

Alibaba Cloud is now available in the Prowler CLI. Full Prowler App support is coming in the next release!

See the 63 available checks in Prowler Hub

🤖 Lighthouse AI - Amazon Bedrock API Key Support

Lighthouse AI now supports Amazon Bedrock API key authentication as an alternative to IAM access keys. This simplifies onboarding by allowing users to authenticate with a single API key instead of managing IAM credentials. Both authentication methods (IAM Access Key Pair and Bedrock API Key) are fully supported.

Read more about it here.

📚 Compliance Improvements

🔒 CIS 2.0 for Alibaba Cloud

New CIS Alibaba Cloud Foundation Benchmark v2.0.0 compliance framework, providing comprehensive security configuration guidelines for Alibaba Cloud environments.

✅ SOC 2 Processing Integrity

Added Processing Integrity requirements to the SOC 2 compliance framework for AWS, Azure, and GCP providers, expanding coverage for data processing controls.

🏦 RBI Cyber Security Framework - Thanks to @KonstGolfi

New RBI Cyber Security Framework compliance support for Azure provider, helping organizations in the Indian financial sector meet regulatory requirements.

📦 pnpm Migration

The UI has migrated from npm to pnpm for package management, bringing faster installs, stricter dependency resolution, and more consistent builds across environments.

🔍 All Providers in Prowler Hub

Explore all Prowler security checks, compliance frameworks, and supported providers in one place at Prowler Hub. Browse checks by provider, search for specific security controls, and discover which compliance frameworks map to each check, all in a beautifully designed, searchable interface.

🧩 New Checks

GitHub - Repository

• repository_immutable_releases_enabled - Thanks to @Sakeeb91

GCP - Compute & CloudStorage

• compute_instance_preemptible_vm_disabled
• compute_instance_automatic_restart_enabled
• compute_instance_deletion_protection_enabled
• cloudstorage_uses_vpc_service_controls

UI

🚀 Added

• Risk Plot component with interactive legend and severity navigation to Overview page (#9469)
• Navigation progress bar for page transitions using Next.js onRouterTransitionStart (#9465)
• Findings Severity Over Time chart component to Overview page (#9405)
• Attack Surface component to Overview page (#9412)

🔄 Changed

• Migrate package manager from npm to pnpm for faster installs and stricter dependency resolution (#9442)
• Pin pnpm to version 10 in Dockerfile for consistent builds (#9452)
• Compliance Watchlist component to Overview page (#9199)
• Service Watchlist component to Overview page (#9316)
• Risk Pipeline component with Sankey chart to Overview page (#9317)
• Threat Map component to Overview Page (#9324)
• MongoDB Atlas provider support (#9253)
• Lighthouse AI support for Amazon Bedrock API key (#9343)

🐞 Fixed

• Show top failed requirements in compliance specific view for compliance without sections (#9471)

API

🚀 Added

• New endpoint to retrieve an overview of the attack surfaces (#9309)
• New endpoint GET /api/v1/overviews/findings_severity/timeseries to retrieve daily aggregated findings by severity level (#9363)
• Lighthouse AI support for Amazon Bedrock API key (#9343)
• Exception handler for provider deletions during scans (#9414)
• Support to use admin credentials through the read replica database (#9440)

🔄 Changed

• Error messages from Lighthouse celery tasks (#9165)
• Restore the compliance overview endpoint's mandatory filters (#9338)

SDK

🚀 Added

• cloudstorage_uses_vpc_service_controls check for GCP provider (#9256)
• Alibaba Cloud provider with CIS 2.0 benchmark (#9329)
• repository_immutable_releases_enabled check for GitHub provider (#9162)
• compute_instance_preemptible_vm_disabled check for GCP provider (#9342)
• compute_instance_automatic_restart_enabled check for GCP provider (#9271)
• compute_instance_deletion_protection_enabled check for GCP provider (#9358)
• Update SOC2 - Azure with Processing Integrity requirements (#9463)
• Update SOC2 - GCP with Processing Integrity requirements (#9464)
• Update SOC2 - AWS with Processing Integrity requirements (#9462)
• RBI Cyber Security Framework compliance for Azure provider (#8822)

🔄 Changed

• Update AWS Macie service metadata to new format (#9265)
• Update AWS Lightsail service metadata to new format (#9264)
• Update AWS GuardDuty service metadata to new format (#9259)
• Update AWS Network Firewall service metadata to new format (#9382)
• Update AWS MQ service metadata to new format (#9267)
• Update AWS Macie service metadata to new format (#9265)
• Update AWS Lightsail service metadata to new format (#9264)

🐞 Fixed

• Fix duplicate requirement IDs in ISO 27001:2013 AWS compliance framework by adding unique letter suffixes
• Removed incorrect threat-detection category from checks metadata (#9489)
• GCP cloudstorage_uses_vpc_service_controls check to handle VPC Service Controls blocked API access (#9478)

MCP

🚀 Added

• Remove all Prowler App MCP tools; and add new MCP Server tools for Prowler Findings and Compliance (#9300)
• Add new MCP Server tools for Prowler Providers Management (#9350)
• Add new MCP Server tools for Prowler Resources Management (#9380)
• Add new MCP Server tools for Prowler Scans Management (#9509)
• Add new MCP Server tools for Prowler Muting Management (#9510)