1.6
版本发布时间: 2018-02-21 22:55:56
prowler-cloud/prowler最新发布版本:4.3.7(2024-09-24 03:55:00)
New features:
- New forensics ready group of checks: it includes existing and new ones to ensure your AWS account is ready for a deep forensic investigation if needed
prowler -c forensics-ready
- Added option
-e
to exclude all extra checks (they may make prowler take longer to finish) - New check
extra78
Ensure there are no Public Accessible RDS instances (Not Scored) (Not part of CIS benchmark) thanks to @sidewinder12s - New check
extra79
Check for internet facing Elastic Load Balancers (Not Scored) (Not part of CIS benchmark) thanks to @sidewinder12s - New check
extra710
Check for internet facing EC2 Instances (Not Scored) (Not part of CIS benchmark) thanks to @sidewinder12s - New check
extra711
Check for Publicly Accessible Redshift Clusters (Not Scored) (Not part of CIS benchmark) thanks to @sidewinder12s - New check
extra712
Check if Amazon Macie is enabled (Not Scored) (Not part of CIS benchmark) - New check
extra713
Check if GuardDuty is enabled (Not Scored) (Not part of CIS benchmark) - New check
extra714
Check if CloudFront distributions have logging enabled (Not Scored) (Not part of CIS benchmark) - New check
extra715
Check if Elasticsearch Service domains have logging enabled (Not Scored) (Not part of CIS benchmark) - New check
extra716
Check if Elasticsearch Service domains allow open access (Not Scored) (Not part of CIS benchmark) - New check
extra717
Check if Elastic Load Balancers have logging enabled (Not Scored) (Not part of CIS benchmark) - New check
extra718
Check if S3 buckets have server access logging enabled (Not Scored) (Not part of CIS benchmark) - New check
extra719
Check if Route53 hosted zones are logging queries to CloudWatch Logs (Not Scored) (Not part of CIS benchmark) - New check
extra720
Check if Lambda functions invoke API operations are being recorded by CloudTrail (Not Scored) (Not part of CIS benchmark) - New check
extra721
Check if Redshift cluster has audit logging enabled (Not Scored) (Not part of CIS benchmark) - New check
extra722
Check if API Gateway has logging enabled (Not Scored) (Not part of CIS benchmark)
Fixes:
- Typo in extra72 by @neonbunny
- check114 by @subramani95
Improvements:
- PR #150 Load of authentication credentials
- PR #164 check31 by @subramani95
- PR #167 OSTYPE handling to support Alpine docker containers
Documentation:
- Added section https://github.com/Alfresco/prowler#forensics-ready-checks to README
- Added all new extra checks to README
Special thanks to:
@sidewinder12s @subramani95 @neonbunny and @SubatomicHero.