My older post about Prowler can be found here. This post is about an update made to the AWS CIS Benchmark Tool – Prowler 1.3!
What is Prowler?
Prowler is a tool for AWS security assessment, auditing and hardening. It follows the guidelines of the CIS Amazon Web Services Foundations Benchmark and covers hardening and security best practices for all AWS regions in the areas of identity and access management, logging, monitoring and networking. With Prowler you can get a colour or monochrome report, produce a CSV report for diffing, run specific checks without having to run the entire report, and check multiple AWS accounts in parallel.
Prowler 1.3 changelog:
This release has bug fixes and new features. The earlier version had 52 checks; this one adds 3 additional checks. These checks are NOT part of the CIS benchmark for AWS. However, they improve the information gathered from each account, and they help you understand how each AWS account is set up and discover problems with it. In detail:
- Fixes regarding SNS checks and some other small fixes.
- Added CIS profile definitions (profile1 and profile2 as stated in their documentation).
- Added extra checks (extra71, extra72 and extra73) to check for admins without MFA, publicly shared EBS snapshots and S3 buckets open to the internet:
  - Ensure users with AdministratorAccess policy have MFA tokens enabled (Not Scored) (Not part of CIS benchmark)
  - Ensure there are no EBS Snapshots set as Public (Not Scored) (Not part of CIS benchmark)
  - Ensure there are no S3 buckets open to Everyone or Any AWS user (Not Scored) (Not part of CIS benchmark)
- Improved documentation.
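An added example (not Prowler's own code, and not from the original post) of the conditions the three extra checks look for, applied to constructed samples shaped like the AWS CLI JSON responses of `get-bucket-acl`, `describe-snapshot-attribute` and `list-entities-for-policy` / `list-mfa-devices`. The function names are hypothetical, and the admin check assumes users are attached directly to the policy, which is a simplification.

```python
import json

# S3 ACL grantee groups shown in the console as "Everyone" and "Any AWS user".
PUBLIC_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers": "Everyone",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers": "Any AWS user",
}

def open_s3_grants(acl):
    """(audience, permission) pairs for public grants in a get-bucket-acl response."""
    found = []
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        audience = PUBLIC_GROUPS.get(grantee.get("URI"))
        if grantee.get("Type") == "Group" and audience:
            found.append((audience, grant["Permission"]))
    return found

def snapshot_is_public(attr):
    """True when createVolumePermission includes the special group 'all'."""
    return any(p.get("Group") == "all" for p in attr.get("CreateVolumePermissions", []))

def admins_without_mfa(entities, mfa_by_user):
    """Users attached directly to the policy whose list-mfa-devices output is empty."""
    return [u["UserName"] for u in entities.get("PolicyUsers", [])
            if not mfa_by_user.get(u["UserName"], {}).get("MFADevices")]

# Constructed sample responses (all names and IDs are made up).
ACL = json.loads("""{"Grants": [
  {"Grantee": {"Type": "CanonicalUser", "ID": "example-owner-id"}, "Permission": "FULL_CONTROL"},
  {"Grantee": {"Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
   "Permission": "READ"}]}""")
SNAP_PUBLIC = {"SnapshotId": "snap-EXAMPLE1", "CreateVolumePermissions": [{"Group": "all"}]}
SNAP_SHARED = {"SnapshotId": "snap-EXAMPLE2", "CreateVolumePermissions": [{"UserId": "111122223333"}]}
ADMINS = {"PolicyUsers": [{"UserName": "alice"}, {"UserName": "bob"}]}
MFA = {"alice": {"MFADevices": [{"SerialNumber": "arn:aws:iam::111122223333:mfa/alice"}]},
       "bob": {"MFADevices": []}}

if __name__ == "__main__":
    print("S3 public grants:", open_s3_grants(ACL))
    print("Public snapshots:", [s["SnapshotId"] for s in (SNAP_PUBLIC, SNAP_SHARED)
                                if snapshot_is_public(s)])
    print("Admins without MFA:", admins_without_mfa(ADMINS, MFA))
```

A snapshot shared with a specific account ID is not flagged as public here; only the `all` group is.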
Download Prowler 1.3:
Prowler 1.3 (prowler-1.3.tar.gz/prowler-1.3.zip) can be downloaded here.