Prowler 4.1.0 - Aces High
There goes the siren that warns of the air raid
There comes the sound of the guns sending flak
Out for the scramble we've got to get airborne
Got to get up for the coming attack
Here we have Prowler 4.1.0 Aces High 🚀 ready to help you improve your Cloud security with this Iron Maiden song.
New features to highlight in this version
🖊️ GCP flags to list, exclude/include Project IDs
- Now the `--project-ids` flag allows you to use `*` as a prefix or suffix to include the project IDs you want to scan.
- The `--list-project-ids` flag allows you to copy and paste values and know the accessible projects to be scanned with the provided credentials.
- The `--excluded-project-ids` flag allows you to exclude projects from the scan, and it also accepts `*`.
🔨 13 new fixers (remediations) for AWS
- We have included 13 new fixers for services like Access Analyzer, CloudTrail, GuardDuty, KMS, Security Hub and IAM. You can get all the available fixers with `prowler aws --list-fixers`, then go check by check to remediate the failed findings with `prowler aws --check guardduty_is_enabled --fixer`.
- Some of those fixers are configurable using the `fixer_config.yaml` file present in the `prowler/config` folder. You can read more about the fixer and how to configure it here.
📘 New fields for the OCSF Detection Finding
- We have included the `check_id`, `compliance` and all the Prowler check's metadata within the OCSF Detection Finding that Prowler generates in the `.ocsf.json` output file. You can read more about this finding format here.
🔧 Other issues and bug fixes solved for all the cloud providers
Features
- feat(gcp): improve Google Projects scan customization by @sergargar in #3741
Fixes
- fix(actions): Don't need expressions within `if` by @jfagoagas in #3733
- fix(aws_lambda): Update obsolete lambda runtimes by @pedrooot in #3735
- fix(ulimit): import library only in windows by @sergargar in #3738
- fix(download): remove dataframe index from download in dashboard by @pedrooot in #3739
- fix(json-ocsf): add check_id field in json-ocsf output by @pedrooot in #3740
- fix(json-ocsf): Add missing fields for JSON-OCSF by @pedrooot in #3745
- fix(ocsf): Include check_id as metadata.event_code by @jfagoagas in #3748
- fix(json-ocsf): Remove risk field from unmapped by @pedrooot in #3759
- fix(wafv2): Handle WAFNonexistentItemException by @pedrooot in #3761
- fix(compliance): Add muted info to compliance outputs by @pedrooot in #3751
- fix(mutelist): if all fails are muted do exit 0 by @jfagoagas in #3754
- fix(ocsf): Add compliance by @jfagoagas in #3753
- fix(security-hub): MUTED -> WARNING by @jfagoagas in #3768
- fix(slack): Use global provider object by @jfagoagas in #3770
- fix(trufflehog): fix GitHub action of TruffleHog by @sergargar in #3775
- fix(table-overview): Multiple changes on dashboard table from overview by @pedrooot in #3773
- fix(utils): import libraries when needed by @sergargar in #3805
- fix(network_azure): handle capitalized protocols in security group rules by @pedrooot in #3808
- fix(execute_check): Handle ModuleNotFoundError by @jfagoagas in #3812
- fix(overview-table): change font in overview table by @pedrooot in #3815
- fix(dashboard): fix error in windows for csvreader by @pedrooot in #3806
- fix(ocsf): Add resource details to data by @jfagoagas in #3819
Chores
- chore(version): update Prowler version by @sergargar in #3730
- chore(regions_update): Changes in regions for AWS services. by @n4ch04 in #3746
- chore(dashboard): Use Prowler CLI parser by @jfagoagas in #3722
- chore(regions_update): Changes in regions for AWS services. by @n4ch04 in #3755
- chore(regions_update): Changes in regions for AWS services. by @n4ch04 in #3765
- chore(fixer): improve fixer logic and include more by @sergargar in #3750
- chore(rds): improve rds public instance check by @sergargar in #3797
- chore(ec2): improve handling of ENIs by @sergargar in #3798
- chore(aws): Add CloudTrail Threat Detection tests by @pedrooot in #3804
- chore(fixer): add more fixers by @sergargar in #3772
- chore(vpc): improve public subnet logic by @sergargar in #3814
- chore(codeowners): Add prowler-dev team by @jfagoagas in #3763
Dependencies
- chore(deps): bump idna from 3.6 to 3.7 by @dependabot in #3758
- chore(dependabot): increase PRs limit by @sergargar in #3789
- chore(deps): bump boto3 from 1.34.80 to 1.34.84 by @dependabot in #3793
- chore(deps-dev): bump mkdocs-material from 9.5.17 to 9.5.18 by @dependabot in #3794
- chore(deps): bump azure-identity from 1.15.0 to 1.16.0 by @dependabot in #3795
- chore(deps): bump pandas from 2.2.1 to 2.2.2 by @dependabot in #3791
- chore(deps-dev): bump black from 24.3.0 to 24.4.0 by @dependabot in #3777
- chore(deps): bump trufflesecurity/trufflehog from 3.72.0 to 3.73.0 by @dependabot in #3786
- chore(deps): bump boto3 from 1.34.77 to 1.34.80 by @dependabot in #3780
- chore(deps): bump botocore from 1.34.80 to 1.34.84 by @dependabot in #3779
- chore(deps): bump dash-bootstrap-components from 1.5.0 to 1.6.0 by @dependabot in #3778
- chore(deps): bump aiohttp from 3.9.3 to 3.9.4 by @dependabot in #3818
Documentation
- docs(dashboard): Indicate how to change port by @jfagoagas in #3729
- docs(dashboard): format list by @jfagoagas in #3732
- docs: readme points to docs.prowler.com to learn everything by @jfagoagas in #3707
- chore(docs): Support toggle light/dark mode by @puchy22 in #3744
- docs(outputs): update docs for v4 outputs by @pedrooot in #3734
- docs(threat-detection): Add threat-detection docs by @pedrooot in #3757
- docs(compliance): Change images for compliance by @pedrooot in #3760
- docs(devel-guide): Adding some improves and clarifications to developer guide by @puchy22 in #3749
- docs(devel-guide): Add provider section and remove audit_info section by @puchy22 in #3756
- docs(unit-testing): Update the unit testing section by @puchy22 in #3764
- docs(developer guide): fix broken link by @mlmerchant in #3799
- docs(ocsf): Add missing fields to the example by @jfagoagas in #3816
New Contributors
- @mlmerchant made their first contribution in #3799
Full Changelog: 4.0.1...4.1.0