Security News > 2024 > February > Prowler: Open-source security tool for AWS, Google Cloud Platform, Azure

Prowler is an open-source security tool designed to assess, audit, and enhance the security of AWS, GCP, and Azure.
"Easy to use from the command line with simple, understandable output, Prowler offers standard reporting formats like CSV and JSON, enabling users to thoroughly examine findings across any cloud provider, all in a uniform format. Its seamless integrations with Security Hub and S3 facilitate easy incorporation with other SIEMs, databases, and more. The ability to write custom checks and develop custom security frameworks is crucial for our expanding community," Toni de la Fuente, the creator of Prowler, told Help Net Security.
You can run Prowler from your workstation, an EC2 instance, Fargate, or any other container, Codebuild, CloudShell, and Cloud9.
The tool was written in Python using the AWS SDK, Azure SDK, and GCP API Python Client.
The developers are expanding Prowler with additional checks for Azure and GCP and full Kubernetes support in the upcoming version 4.0, which is scheduled for release in March.
Must read: 15 open-source cybersecurity tools you'll wish you'd known earlier.
News URL
Related news
- Google Cloud introduces quantum-safe digital signatures in KMS (source)
- Google Cloud KMS Adds Quantum-Safe Digital Signatures to Defend Against Future Threats (source)
- Google Acquires Wiz for $32 Billion in Its Biggest Deal Ever to Boost Cloud Security (source)
- Google to purchase Wiz for $32 billion in cloud security play (source)
- Google Chrome's AI-powered security feature rolls out to everyone (source)
- Orbit: Open-source Nuclei security scanning and automation platform (source)
- How CISOs can balance security and business agility in the cloud (source)
- Balancing cloud security with performance and availability (source)
- Google Announces Quantum-Safe Digital Signatures in Cloud KMS, Takes “Post-Quantum Computing Risks Seriously” (source)
- Misconfig Mapper: Open-source tool to uncover security misconfigurations (source)