1.6
版本发布时间: 2018-02-21 22:55:56
prowler-cloud/prowler最新发布版本:4.3.7(2024-09-24 03:55:00)
New features:
- New forensics ready group of checks: it includes existing and new ones to ensure your AWS account is ready for a deep forensic investigation if needed
prowler -c forensics-ready - Added option
-eto exclude all extra checks (they may make prowler take longer to finish) - New check
extra78Ensure there are no Public Accessible RDS instances (Not Scored) (Not part of CIS benchmark) thanks to @sidewinder12s - New check
extra79Check for internet facing Elastic Load Balancers (Not Scored) (Not part of CIS benchmark) thanks to @sidewinder12s - New check
extra710Check for internet facing EC2 Instances (Not Scored) (Not part of CIS benchmark) thanks to @sidewinder12s - New check
extra711Check for Publicly Accessible Redshift Clusters (Not Scored) (Not part of CIS benchmark) thanks to @sidewinder12s - New check
extra712Check if Amazon Macie is enabled (Not Scored) (Not part of CIS benchmark) - New check
extra713Check if GuardDuty is enabled (Not Scored) (Not part of CIS benchmark) - New check
extra714Check if CloudFront distributions have logging enabled (Not Scored) (Not part of CIS benchmark) - New check
extra715Check if Elasticsearch Service domains have logging enabled (Not Scored) (Not part of CIS benchmark) - New check
extra716Check if Elasticsearch Service domains allow open access (Not Scored) (Not part of CIS benchmark) - New check
extra717Check if Elastic Load Balancers have logging enabled (Not Scored) (Not part of CIS benchmark) - New check
extra718Check if S3 buckets have server access logging enabled (Not Scored) (Not part of CIS benchmark) - New check
extra719Check if Route53 hosted zones are logging queries to CloudWatch Logs (Not Scored) (Not part of CIS benchmark) - New check
extra720Check if Lambda functions invoke API operations are being recorded by CloudTrail (Not Scored) (Not part of CIS benchmark) - New check
extra721Check if Redshift cluster has audit logging enabled (Not Scored) (Not part of CIS benchmark) - New check
extra722Check if API Gateway has logging enabled (Not Scored) (Not part of CIS benchmark)
Fixes:
- Typo in extra72 by @neonbunny
- check114 by @subramani95
Improvements:
- PR #150 Load of authentication credentials
- PR #164 check31 by @subramani95
- PR #167 OSTYPE handling to support Alpine docker containers
Documentation:
- Added section https://github.com/Alfresco/prowler#forensics-ready-checks to README
- Added all new extra checks to README
Special thanks to:
@sidewinder12s @subramani95 @neonbunny and @SubatomicHero.