ben.carrasco/prowler
1
0
Fork 0
mirror of https://github.com/prowler-cloud/prowler.git synced 2026-01-25 02:08:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore(lighthouse): Rename to Lighthouse AI (#8262)

Browse Source 
Co-authored-by: Chandrapal Badshah <12944530+Chan9390@users.noreply.github.com>
Co-authored-by: alejandrobailo <alejandrobailo94@gmail.com>
This commit is contained in:
Chandrapal Badshah
2025-07-17 19:55:32 +05:30
committed by GitHub
parent 8496a6b045
commit e89df617ef
8 changed files with 96 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
docs/developer-guide/lighthouse.md
View File

@@ -1,6 +1,6 @@
# Extending Prowler Lighthouse
# Extending Prowler Lighthouse AI
This guide helps developers customize and extend Prowler Lighthouse by adding or modifying AI agents.
This guide helps developers customize and extend Prowler Lighthouse AI by adding or modifying AI agents.
## Understanding AI Agents
@@ -13,7 +13,7 @@ AI agents fall into two main categories:
- **Autonomous Agents**: Freely chooses from available tools to complete tasks, adapting their approach based on context. They decide which tools to use and when.
- **Workflow Agents**: Follows structured paths with predefined logic. They execute specific tool sequences and can include conditional logic.
Prowler Lighthouse is an autonomous agent - selecting the right tool(s) based on the users query.
Prowler Lighthouse AI is an autonomous agent - selecting the right tool(s) based on the users query.
???+ note
To learn more about AI agents, read [Anthropic's blog post on building effective agents](https://www.anthropic.com/engineering/building-effective-agents).
@@ -24,15 +24,15 @@ The autonomous nature of agents depends on the underlying LLM. Autonomous agents
After evaluating multiple LLM providers (OpenAI, Gemini, Claude, LLama) based on tool calling features and response accuracy, we recommend using the `gpt-4o` model.
## Prowler Lighthouse Architecture
## Prowler Lighthouse AI Architecture
Prowler Lighthouse uses a multi-agent architecture orchestrated by the [Langgraph-Supervisor](https://www.npmjs.com/package/@langchain/langgraph-supervisor) library.
Prowler Lighthouse AI uses a multi-agent architecture orchestrated by the [Langgraph-Supervisor](https://www.npmjs.com/package/@langchain/langgraph-supervisor) library.
### Architecture Components
<img src="../../tutorials/img/lighthouse-architecture.png" alt="Prowler Lighthouse architecture">
Prowler Lighthouse integrates with the NextJS application:
Prowler Lighthouse AI integrates with the NextJS application:
- The [Langgraph-Supervisor](https://www.npmjs.com/package/@langchain/langgraph-supervisor) library integrates directly with NextJS
- The system uses the authenticated user session to interact with the Prowler API server
@@ -74,7 +74,7 @@ Modifying the supervisor prompt allows you to:
The supervisor agent and all specialized agents are defined in the `route.ts` file. The supervisor agent uses [langgraph-supervisor](https://www.npmjs.com/package/@langchain/langgraph-supervisor), while other agents use the prebuilt [create-react-agent](https://langchain-ai.github.io/langgraphjs/how-tos/create-react-agent/).
To add new capabilities or all Lighthouse to interact with other APIs, create additional specialized agents:
To add new capabilities or all Lighthouse AI to interact with other APIs, create additional specialized agents:
1. First determine what the new agent would do. Create a detailed prompt defining the agent's purpose and capabilities. You can see an example from [here](https://github.com/prowler-cloud/prowler/blob/master/ui/lib/lighthouse/prompts.ts#L359-L385).
???+ note

40
docs/tutorials/prowler-app-lighthouse.md
View File

@@ -1,12 +1,12 @@
# Prowler Lighthouse
# Prowler Lighthouse AI
Prowler Lighthouse is an AI Cloud Security Analyst chatbot that helps you understand, prioritize, and remediate security findings in your cloud environments. It's designed to provide security expertise for teams without dedicated resources, acting as your 24/7 virtual cloud security analyst.
Prowler Lighthouse AI is a Cloud Security Analyst chatbot that helps you understand, prioritize, and remediate security findings in your cloud environments. It's designed to provide security expertise for teams without dedicated resources, acting as your 24/7 virtual cloud security analyst.
<img src="../img/lighthouse-intro.png" alt="Prowler Lighthouse">
## How It Works
Prowler Lighthouse uses OpenAI's language models and integrates with your Prowler security findings data.
Prowler Lighthouse AI uses OpenAI's language models and integrates with your Prowler security findings data.
Here's what's happening behind the scenes:
@@ -14,28 +14,28 @@ Here's what's happening behind the scenes:
- It uses a ["supervisor" architecture](https://langchain-ai.lang.chat/langgraphjs/tutorials/multi_agent/agent_supervisor/) that interacts with different agents for specialized tasks. For example, `findings_agent` can analyze detected security findings, while `overview_agent` provides a summary of connected cloud accounts.
- The system connects to OpenAI models to understand, fetch the right data, and respond to the user's query.
???+ note
Lighthouse is tested against `gpt-4o` and `gpt-4o-mini` OpenAI models.
Lighthouse AI is tested against `gpt-4o` and `gpt-4o-mini` OpenAI models.
- The supervisor agent is the main contact point. It is what users interact with directly from the chat interface. It coordinates with other agents to answer users' questions comprehensively.
<img src="../img/lighthouse-architecture.png" alt="Lighthouse Architecture">
<img src="../img/lighthouse-architecture.png" alt="Lighthouse AI Architecture">
???+ note
All agents can only read relevant security data. They cannot modify your data or access sensitive information like configured secrets or tenant details.
## Set up
Getting started with Prowler Lighthouse is easy:
Getting started with Prowler Lighthouse AI is easy:
1. Go to the configuration page in your Prowler dashboard.
2. Enter your OpenAI API key.
3. Select your preferred model. The recommended one for best results is `gpt-4o`.
4. (Optional) Add business context to improve response quality and prioritization.
<img src="../img/lighthouse-config.png" alt="Lighthouse Configuration">
<img src="../img/lighthouse-config.png" alt="Lighthouse AI Configuration">
### Adding Business Context
The optional business context field lets you provide additional information to help Lighthouse understand your environment and priorities, including:
The optional business context field lets you provide additional information to help Lighthouse AI understand your environment and priorities, including:
- Your organization's cloud security goals
- Information about account owners or responsible teams
@@ -46,7 +46,7 @@ Better context leads to more relevant responses and prioritization that aligns w
## Capabilities
Prowler Lighthouse is designed to be your AI security team member, with capabilities including:
Prowler Lighthouse AI is designed to be your AI security team member, with capabilities including:
### Natural Language Querying
@@ -70,7 +70,7 @@ Get tailored step-by-step instructions for fixing security issues:
### Enhanced Context and Analysis
Lighthouse can provide additional context to help you understand the findings:
Lighthouse AI can provide additional context to help you understand the findings:
- Explain security concepts related to findings in simple terms
- Provide risk assessments based on your environment and context
@@ -82,20 +82,20 @@ Lighthouse can provide additional context to help you understand the findings:
## Important Notes
Prowler Lighthouse is powerful, but there are limitations:
Prowler Lighthouse AI is powerful, but there are limitations:
- **Continuous improvement**: Please report any issues, as the feature may make mistakes or encounter errors, despite extensive testing.
- **Access limitations**: Lighthouse can only access data the logged-in user can view. If you can't see certain information, Lighthouse can't see it either.
- **NextJS session dependence**: If your Prowler application session expires or logs out, Lighthouse will error out. Refresh and log back in to continue.
- **Access limitations**: Lighthouse AI can only access data the logged-in user can view. If you can't see certain information, Lighthouse AI can't see it either.
- **NextJS session dependence**: If your Prowler application session expires or logs out, Lighthouse AI will error out. Refresh and log back in to continue.
- **Response quality**: The response quality depends on the selected OpenAI model. For best results, use gpt-4o.
### Getting Help
If you encounter issues with Prowler Lighthouse or have suggestions for improvements, please [reach out through our Slack channel](https://goto.prowler.com/slack).
If you encounter issues with Prowler Lighthouse AI or have suggestions for improvements, please [reach out through our Slack channel](https://goto.prowler.com/slack).
### What Data Is Shared to OpenAI?
The following API endpoints are accessible to Prowler Lighthouse. Data from the following API endpoints could be shared with OpenAI depending on the scope of user's query:
The following API endpoints are accessible to Prowler Lighthouse AI. Data from the following API endpoints could be shared with OpenAI depending on the scope of user's query:
#### Accessible API Endpoints
@@ -139,7 +139,7 @@ The following API endpoints are accessible to Prowler Lighthouse. Data from the
#### Excluded API Endpoints
Not all Prowler API endpoints are integrated with Lighthouse. They are intentionally excluded for the following reasons:
Not all Prowler API endpoints are integrated with Lighthouse AI. They are intentionally excluded for the following reasons:
- OpenAI/other LLM providers shouldn't have access to sensitive data (like fetching provider secrets and other sensitive config)
- Users queries don't need responses from those API endpoints (ex: tasks, tenant details, downloading zip file, etc.)
@@ -173,7 +173,7 @@ Not all Prowler API endpoints are integrated with Lighthouse. They are intention
- List all tasks - `/api/v1/tasks`
- Retrieve data from a specific task - `/api/v1/tasks/{id}`
**Lighthouse Configuration:**
**Lighthouse AI Configuration:**
- List OpenAI configuration - `/api/v1/lighthouse-config`
- Retrieve OpenAI key and configuration - `/api/v1/lighthouse-config/{id}`
@@ -187,7 +187,7 @@ Not all Prowler API endpoints are integrated with Lighthouse. They are intention
During feature development, we evaluated other LLM models.
- **Claude AI** - Claude models have [tier-based ratelimits](https://docs.anthropic.com/en/api/rate-limits#requirements-to-advance-tier). For Lighthouse to answer slightly complex questions, there are a handful of API calls to the LLM provider within few seconds. With Claude's tiering system, users must purchase $400 credits or convert their subscription to monthly invoicing after talking to their sales team. This pricing may not suit all Prowler users.
- **Claude AI** - Claude models have [tier-based ratelimits](https://docs.anthropic.com/en/api/rate-limits#requirements-to-advance-tier). For Lighthouse AI to answer slightly complex questions, there are a handful of API calls to the LLM provider within few seconds. With Claude's tiering system, users must purchase $400 credits or convert their subscription to monthly invoicing after talking to their sales team. This pricing may not suit all Prowler users.
- **Gemini Models** - Gemini lacks a solid tool calling feature like OpenAI. It calls functions recursively until exceeding limits. Gemini-2.5-Pro-Experimental is better than previous models regarding tool calling and responding, but it's still experimental.
- **Deepseek V3** - Doesn't support system prompt messages.
@@ -197,8 +197,8 @@ Context windows are limited. While demo data fits inside the context window, que
**3. Is my security data shared with OpenAI?**
Minimal data is shared to generate useful responses. Agents can access security findings and remediation details when needed. Provider secrets are protected by design and cannot be read. The Lighthouse key is only accessible to our NextJS server and is never sent to LLMs. Resource metadata (names, tags, account/project IDs, etc) may be shared with OpenAI based on your query requirements.
Minimal data is shared to generate useful responses. Agents can access security findings and remediation details when needed. Provider secrets are protected by design and cannot be read. The OpenAI key configured with Lighthouse AI is only accessible to our NextJS server and is never sent to LLMs. Resource metadata (names, tags, account/project IDs, etc) may be shared with OpenAI based on your query requirements.
**4. Can the Lighthouse change my cloud environment?**
**4. Can the Lighthouse AI change my cloud environment?**
No. The agent doesn't have the tools to make the changes, even if the configured cloud provider API keys contain permissions to modify resources.

2
ui/app/(prowler)/lighthouse/config/page.tsx
View File

@@ -21,7 +21,7 @@ export default async function ChatbotConfigPage() {
const configExists = !!response;
return (
<ContentLayout title="Configure Lighthouse" icon="lucide:settings">
<ContentLayout title="Configure Lighthouse AI" icon="lucide:settings">
<ChatbotConfig
initialValues={initialValues}
configExists={configExists}

3
ui/app/(prowler)/lighthouse/page.tsx
View File

@@ -1,4 +1,5 @@
import { getLighthouseConfig } from "@/actions/lighthouse/lighthouse";
import { LighthouseIcon } from "@/components/icons/Icons";
import { Chat } from "@/components/lighthouse";
import { ContentLayout } from "@/components/ui";
@@ -9,7 +10,7 @@ export default async function AIChatbot() {
const isActive = config?.attributes?.is_active ?? false;
return (
<ContentLayout title="Lighthouse" icon="lucide:bot">
<ContentLayout title="Lighthouse AI" icon={<LighthouseIcon />}>
<Chat hasConfig={hasConfig} isActive={isActive} />
</ContentLayout>
);

46
ui/components/icons/Icons.tsx
View File

@@ -1117,3 +1117,49 @@ export const KubernetesIcon: React.FC<IconSvgProps> = ({
</svg>
);
};
export const LighthouseIcon: React.FC<IconSvgProps> = ({
size = 24,
width,
height,
...props
}) => {
return (
<svg
xmlns="http://www.w3.org/2000/svg"
viewBox="0 0 200 200"
width={size || width}
height={size || height}
fill="none"
stroke="#8ce112"
strokeWidth="12"
strokeLinecap="round"
strokeLinejoin="round"
{...props}
>
{/* Square container with rounded corners, broken top-right edge */}
<path
d="M30 50 Q30 30 50 30 H140
M30 50 V150 Q30 170 50 170 H150 Q170 170 170 150 V100"
/>
{/* Slightly smaller center star */}
<path
d="M100 60
L114 89 L140 100
L114 111 L100 140
L86 111 L60 100
L86 89 Z"
/>
{/* Small star in top-right corner */}
<path
d="M160 35
L168 50 L182 58
L168 66 L160 80
L152 66 L138 58
L152 50 Z"
/>
</svg>
);
};

4
ui/components/lighthouse/chat.tsx
View File

@@ -135,8 +135,8 @@ export const Chat = ({ hasConfig, isActive }: ChatProps) => {
</h3>
<p className="text-muted-foreground mb-4">
{!hasConfig
? "Please configure your OpenAI API key to use Lighthouse."
: "OpenAI API key is invalid. Please update your key to use Lighthouse."}
? "Please configure your OpenAI API key to use Lighthouse AI."
: "OpenAI API key is invalid. Please update your key to use Lighthouse AI."}
</p>
<Link
href="/lighthouse/config"

4
ui/components/lighthouse/chatbot-config.tsx
View File

@@ -69,7 +69,7 @@ export const ChatbotConfig = ({
setConfigExists(true);
toast({
title: "Success",
description: `Lighthouse configuration ${
description: `Lighthouse AI configuration ${
configExists ? "updated" : "created"
} successfully`,
});
@@ -80,7 +80,7 @@ export const ChatbotConfig = ({
toast({
title: "Error",
description:
"Failed to save lighthouse configuration: " + String(error),
"Failed to save Lighthouse AI configuration: " + String(error),
variant: "destructive",
});
} finally {

33
ui/lib/menu-list.ts
View File

@@ -3,7 +3,6 @@
import {
AlertCircle,
Bookmark,
Bot,
CloudCog,
Cog,
Group,
@@ -30,6 +29,7 @@ import {
DocIcon,
GCPIcon,
KubernetesIcon,
LighthouseIcon,
M365Icon,
SupportIcon,
} from "@/components/icons/Icons";
@@ -62,13 +62,22 @@ export const getMenuList = (pathname: string): GroupProps[] => {
},
],
},
{
groupLabel: "Issues",
groupLabel: "",
menus: [
{
href: "/lighthouse",
label: "Lighthouse AI",
icon: LighthouseIcon,
},
],
},
{
groupLabel: "",
menus: [
{
href: "",
label: "Top failed issues",
label: "Top failed findings",
icon: Bookmark,
submenus: [
{
@@ -143,7 +152,7 @@ export const getMenuList = (pathname: string): GroupProps[] => {
],
},
{
groupLabel: "Settings",
groupLabel: "",
menus: [
{
href: "",
@@ -154,14 +163,14 @@ export const getMenuList = (pathname: string): GroupProps[] => {
{ href: "/manage-groups", label: "Provider Groups", icon: Group },
{ href: "/scans", label: "Scan Jobs", icon: Timer },
{ href: "/roles", label: "Roles", icon: UserCog },
{ href: "/lighthouse/config", label: "Lighthouse", icon: Cog },
{ href: "/lighthouse/config", label: "Lighthouse AI", icon: Cog },
],
defaultOpen: true,
},
],
},
{
groupLabel: "Workspace",
groupLabel: "",
menus: [
{
href: "",
@@ -175,16 +184,6 @@ export const getMenuList = (pathname: string): GroupProps[] => {
},
],
},
{
groupLabel: "Prowler Lighthouse",
menus: [
{
href: "/lighthouse",
label: "Lighthouse",
icon: Bot,
},
],
},
{
groupLabel: "",
menus: [