prowler | security tool to perform AWS security best practices | Security library

by toniblyx Shell Version: 2.6.1 License: Apache-2.0

X-Ray Key Features Code Snippets Community Discussions(1)Vulnerabilities Install Support

kandi X-RAY | prowler Summary

prowler is a Shell library typically used in Security applications. prowler has no bugs, it has no vulnerabilities, it has a Permissive License and it has medium support. You can download it from GitHub.

Prowler is a command line tool that helps you with AWS security assessment, auditing, hardening and incident response. It follows guidelines of the CIS Amazon Web Services Foundations Benchmark (49 checks) and has more than 100 additional checks including related to GDPR, HIPAA, PCI-DSS, ISO-27001, FFIEC, SOC2 and others. Read more about CIS Amazon Web Services Foundations Benchmark v1.2.0 - 05-23-2018.

Support

Quality

Security

License

Reuse

Support

prowler has a medium active ecosystem.

It has 4601 star(s) with 810 fork(s). There are 109 watchers for this library.

It had no major release in the last 12 months.

There are 25 open issues and 395 have been closed. On average issues are closed in 28 days. There are 2 open pull requests and 0 closed requests.

It has a neutral sentiment in the developer community.

The latest version of prowler is 2.6.1

Quality

prowler has 0 bugs and 0 code smells.

Security

prowler has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.

prowler code analysis shows 0 unresolved vulnerabilities.

There are 0 security hotspots that need review.

License

prowler is licensed under the Apache-2.0 License. This license is Permissive.

Permissive licenses have the least restrictions, and you can use them in most projects.

Reuse

prowler releases are available to install and integrate.

Installation instructions, examples and code snippets are available.

It has 2313 lines of code, 11 functions and 16 files.

It has low code complexity. Code complexity directly impacts maintainability of the code.

Top functions reviewed by kandi - BETA

kandi's functional review helps you automatically verify the functionalities of the libraries and avoid rework.
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of prowler

Get all kandi verified functions for this library.

prowler Key Features

No Key Features are available at this moment for prowler.

prowler Examples and Code Snippets

No Code Snippets are available at this moment for prowler.

Community Discussions

Trending Discussions on prowler

Django Defect-dojo: aws-prowler upload failed

QUESTION

Django Defect-dojo: aws-prowler upload failed

Asked 2020-Feb-10 at 12:49

I've implemented django-DefectDojo and trying to upload This sample-scan file but it throws me the following error in the logs.

Everything is perfectly installed and other files are being uploaded(whichever I require) but this file.
Error Thrown
Server Error (500)
Logs

...

ANSWER

Answered 2020-Feb-10 at 12:49

This is file parsing error, and DefectDoJo AWS Prowler Parser expects input file to be in .csv format with header row as in default prowler csv output - all capital letters.

Example .csv file (based on your .json file) to be imported (although not tested) - data in the same order as was in .json, timestamp removed, header row added with names as expected by DoJo and matching data types:

Accepted CSV format that matches (default) json data order, as some fields have different names in .json and .csv. Actual order does not matter for DoJo import.

Source https://stackoverflow.com/questions/60124657

Community Discussions, Code Snippets contain sources that include Stack Exchange Network

Vulnerabilities

No vulnerabilities reported

Install prowler

Prowler has been written in bash using AWS-CLI and it works in Linux and OSX.
Make sure the latest version of AWS-CLI is installed on your workstation (it works with either v1 or v2), and other components needed, with Python pip already installed: pip install awscli NOTE: detect-secrets Yelp version is no longer supported the one from IBM is mantained now. Use the one mentioned below or the specific Yelp version 1.0.3 to make sure it works as expected (pip install detect-secrets==1.0.3): pip install "git+https://github.com/ibm/detect-secrets.git@master#egg=detect-secrets" AWS-CLI can be also installed it using "brew", "apt", "yum" or manually from https://aws.amazon.com/cli/, but detect-secrets has to be installed using pip or pip3. You will need to install jq to get the most from Prowler.
Make sure jq is installed: examples below with "apt" for Debian alike and "yum" for RedHat alike distros (like Amazon Linux): sudo apt install jq sudo yum install jq
Previous steps, from your workstation: git clone https://github.com/toniblyx/prowler cd prowler
Since Prowler users AWS CLI under the hood, you can follow any authentication method as described here. Make sure you have properly configured your AWS-CLI with a valid Access Key and Region or declare AWS variables properly (or intance profile): aws configure or export AWS_ACCESS_KEY_ID="ASXXXXXXX" export AWS_SECRET_ACCESS_KEY="XXXXXXXXX" export AWS_SESSION_TOKEN="XXXXXXXXX"
Those credentials must be associated to a user or role with proper permissions to do all checks. To make sure, add the AWS managed policies, SecurityAudit and ViewOnlyAccess, to the user or role being used. Policy ARNs are: arn:aws:iam::aws:policy/SecurityAudit arn:aws:iam::aws:policy/job-function/ViewOnlyAccess Additional permissions needed: to make sure Prowler can scan all services included in the group Extras, make sure you attach also the custom policy prowler-additions-policy.json to the role you are using. If you want Prowler to send findings to AWS Security Hub, make sure you also attach the custom policy prowler-security-hub.json.

Support

For any new features, suggestions and bugs create an issue on GitHub. If you have any questions check and ask questions on community page Stack Overflow .

Find more information at: