prowler | security tool to perform AWS security best practices | Security library

 by   toniblyx Shell Version: 2.6.1 License: Apache-2.0

kandi X-RAY | prowler Summary

kandi X-RAY | prowler Summary

prowler is a Shell library typically used in Security applications. prowler has no bugs, it has no vulnerabilities, it has a Permissive License and it has medium support. You can download it from GitHub.

Prowler is a command line tool that helps you with AWS security assessment, auditing, hardening and incident response. It follows guidelines of the CIS Amazon Web Services Foundations Benchmark (49 checks) and has more than 100 additional checks including related to GDPR, HIPAA, PCI-DSS, ISO-27001, FFIEC, SOC2 and others. Read more about CIS Amazon Web Services Foundations Benchmark v1.2.0 - 05-23-2018.
Support
    Quality
      Security
        License
          Reuse

            kandi-support Support

              prowler has a medium active ecosystem.
              It has 4601 star(s) with 810 fork(s). There are 109 watchers for this library.
              OutlinedDot
              It had no major release in the last 12 months.
              There are 25 open issues and 395 have been closed. On average issues are closed in 28 days. There are 2 open pull requests and 0 closed requests.
              It has a neutral sentiment in the developer community.
              The latest version of prowler is 2.6.1

            kandi-Quality Quality

              prowler has 0 bugs and 0 code smells.

            kandi-Security Security

              prowler has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.
              prowler code analysis shows 0 unresolved vulnerabilities.
              There are 0 security hotspots that need review.

            kandi-License License

              prowler is licensed under the Apache-2.0 License. This license is Permissive.
              Permissive licenses have the least restrictions, and you can use them in most projects.

            kandi-Reuse Reuse

              prowler releases are available to install and integrate.
              Installation instructions, examples and code snippets are available.
              It has 2313 lines of code, 11 functions and 16 files.
              It has low code complexity. Code complexity directly impacts maintainability of the code.

            Top functions reviewed by kandi - BETA

            kandi's functional review helps you automatically verify the functionalities of the libraries and avoid rework.
            Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of prowler
            Get all kandi verified functions for this library.

            prowler Key Features

            No Key Features are available at this moment for prowler.

            prowler Examples and Code Snippets

            No Code Snippets are available at this moment for prowler.

            Community Discussions

            Trending Discussions on prowler

            QUESTION

            Django Defect-dojo: aws-prowler upload failed
            Asked 2020-Feb-10 at 12:49

            I've implemented django-DefectDojo and trying to upload This sample-scan file but it throws me the following error in the logs.

            Everything is perfectly installed and other files are being uploaded(whichever I require) but this file.
            Error Thrown
            Server Error (500)
            Logs

            ...

            ANSWER

            Answered 2020-Feb-10 at 12:49

            This is file parsing error, and DefectDoJo AWS Prowler Parser expects input file to be in .csv format with header row as in default prowler csv output - all capital letters.

            Example .csv file (based on your .json file) to be imported (although not tested) - data in the same order as was in .json, timestamp removed, header row added with names as expected by DoJo and matching data types:

            Accepted CSV format that matches (default) json data order, as some fields have different names in .json and .csv. Actual order does not matter for DoJo import.

            Source https://stackoverflow.com/questions/60124657

            Community Discussions, Code Snippets contain sources that include Stack Exchange Network

            Vulnerabilities

            No vulnerabilities reported

            Install prowler

            Prowler has been written in bash using AWS-CLI and it works in Linux and OSX.
            Make sure the latest version of AWS-CLI is installed on your workstation (it works with either v1 or v2), and other components needed, with Python pip already installed: pip install awscli NOTE: detect-secrets Yelp version is no longer supported the one from IBM is mantained now. Use the one mentioned below or the specific Yelp version 1.0.3 to make sure it works as expected (pip install detect-secrets==1.0.3): pip install "git+https://github.com/ibm/detect-secrets.git@master#egg=detect-secrets" AWS-CLI can be also installed it using "brew", "apt", "yum" or manually from https://aws.amazon.com/cli/, but detect-secrets has to be installed using pip or pip3. You will need to install jq to get the most from Prowler.
            Make sure jq is installed: examples below with "apt" for Debian alike and "yum" for RedHat alike distros (like Amazon Linux): sudo apt install jq sudo yum install jq
            Previous steps, from your workstation: git clone https://github.com/toniblyx/prowler cd prowler
            Since Prowler users AWS CLI under the hood, you can follow any authentication method as described here. Make sure you have properly configured your AWS-CLI with a valid Access Key and Region or declare AWS variables properly (or intance profile): aws configure or export AWS_ACCESS_KEY_ID="ASXXXXXXX" export AWS_SECRET_ACCESS_KEY="XXXXXXXXX" export AWS_SESSION_TOKEN="XXXXXXXXX"
            Those credentials must be associated to a user or role with proper permissions to do all checks. To make sure, add the AWS managed policies, SecurityAudit and ViewOnlyAccess, to the user or role being used. Policy ARNs are: arn:aws:iam::aws:policy/SecurityAudit arn:aws:iam::aws:policy/job-function/ViewOnlyAccess Additional permissions needed: to make sure Prowler can scan all services included in the group Extras, make sure you attach also the custom policy prowler-additions-policy.json to the role you are using. If you want Prowler to send findings to AWS Security Hub, make sure you also attach the custom policy prowler-security-hub.json.

            Support

            For any new features, suggestions and bugs create an issue on GitHub. If you have any questions check and ask questions on community page Stack Overflow .
            Find more information at:

            Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items

            Find more libraries

            Stay Updated

            Subscribe to our newsletter for trending solutions and developer bootcamps

            Agree to Sign up and Terms & Conditions

            Share this Page

            share link