github prowler-cloud/prowler 5.2.0
Prowler 5.2.0
on GitHub

one day ago

🎨 UI

Improved UX when setting up a provider using an IAM role

  • When adding AWS IAM Role credentials now you can skip static credentials if you are running Prowler within AWS, e.g: EC2, ECS, EKS since it will automatically use the default SDK credentials.
  • We've added CloudFormation and Terraform templates to deploy the ProwlerScan AWS IAM Role.
  • You can easily copy the IAM Role External ID 🎉

5 2-workFlow-1

Finding details layout looks completely different and now includes the first_seen

5 2-findingDetails

Scan details have been improved

5 2-scanDetails

Improved UX during the sign-up process

Improved UX during the sign-up process for first-time users on the scan page, and when users already have completed scans but cannot launch a new one due to the absence of a provider with a successful connection test.
5 2-scanPage

Provider setup has one less step

5.2-workFlow-2.mp4

💻 API

🐘 Update Django DB Manager with psycopg3 and connection pooling

The API DB Manager now uses psycopg3 to improve their reliability.

❗AWS IAM Role External ID

The IAM Role External ID now is a mandatory field when configuring the IAM Role authentication.

🥇 Finding First Seen

Now all the Findings has a first_seen_at field to quickly identify when was the first time that Prowler saw it.

🔧 SDK

📁 OCSF format includes metadata for each resource

We have included a new field under resource which includes a JSON object with all the resource metadata. The following is an example of an AWS finding: 

"metadata": {
	"name": "api",
	"arn": "arn:aws:ecs:eu-west-1:111122223333:task-definition/api:1",
	"revision": "1",
	"region": "eu-west-1",
	"container_definitions": [
	    {
	        "name": "api",
	        "privileged": false,
	        "readonly_rootfilesystem": false,
	        "user": "",
	        "environment": [
	            {
	                "name": "environment",
	                "value": "prod"
	            },
	        ],
	        "log_driver": "awslogs",
	        "log_option": ""
}

Try it out with prowler --output-format json-ocsf

📖 2 new Compliance Frameworks!

  • CIS 1.10 Kubernetes
  • CIS 3.0 Azure

㊙️ Scan Secrets

Now all checks using detect-secrets can be configured with the list of plugins to be used via the Prowler config file.

Full Changelog: 5.1.5...5.2.0

Check out latest releases or
releases around prowler-cloud/prowler 5.2.0

Don't miss a new prowler release

NewReleases is sending notifications on new releases.

Get notifications