Kristofer Jussmann
|
6177fc6286
|
fix(oci): use home region for audit configuration API call (#10347)
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
|
2026-05-21 16:09:29 +01:00 |
|
Sandiyo Christan
|
0fd952ae2b
|
chore(m365): use PowerShell best practices for quoting credential variables (#9997)
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
|
2026-05-21 15:17:23 +01:00 |
|
lydiavilchez
|
74622dd576
|
feat(googleworkspace): add sites, additional_services and marketplace service checks (#11281)
|
2026-05-21 15:52:15 +02:00 |
|
Daniel Barranquero
|
349611d52d
|
feat(okta): 4 new signon service checks (#11224)
|
2026-05-21 12:48:06 +02:00 |
|
Simone
|
534dedb608
|
feat(sagemaker): add sagemaker_models_registry_in_use check (#11196)
Co-authored-by: cascioli <simdon2015?gmail.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
|
2026-05-20 13:59:18 +02:00 |
|
BMO
|
cff1704d7b
|
feat(ses): add check for DKIM signing enabled on SES identities (#10923)
Co-authored-by: Mohamed Solaiman <mohamedsolaiman@users.noreply.github.com>
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
Co-authored-by: Daniel Barranquero <74871504+danibarranqueroo@users.noreply.github.com>
|
2026-05-20 13:33:03 +02:00 |
|
lydiavilchez
|
0ca444895f
|
feat(googleworkspace): add groups service checks (#11186)
|
2026-05-20 12:54:49 +02:00 |
|
Daniel Barranquero
|
6eebfcfe77
|
feat(api): add okta provider support (#11184)
|
2026-05-20 10:46:29 +02:00 |
|
Hugo Pereira Brito
|
40c1761840
|
fix(s3): only emit shadow-resource finding when bucket name matches a predictable pattern (#11220)
|
2026-05-19 15:46:05 +01:00 |
|
Pedro Martín
|
0ab0e8671d
|
fix(azure): skip system 'master' DB in sqlserver_tde_encrypted_with_cmk (#11233)
|
2026-05-19 16:34:33 +02:00 |
|
Hugo Pereira Brito
|
7a7c828fc7
|
feat(m365/entra): add entra_app_registration_client_secret_unused check (consolidates #11097 and #11212) (#11232)
Co-authored-by: shadyfox <git@twink.energy>
Co-authored-by: Oleksandr Yizchak Sanin <alexaaander.sanin@gmail.com>
|
2026-05-19 15:14:32 +01:00 |
|
s1ns3nz0
|
9dc4deccb6
|
feat(gcp): add cloudsql_instance_cmek_encryption_enabled check (#11023)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
|
2026-05-19 15:52:16 +02:00 |
|
Pedro Martín
|
bfcbe0a9c4
|
feat(scaleway): add new provider (#11166)
|
2026-05-18 16:42:10 +02:00 |
|
Pedro Martín
|
5ca6e31f45
|
fix(vercel): exclude API token from serialization and repr (#11198)
|
2026-05-18 14:30:44 +02:00 |
|
lydiavilchez
|
9894ac7bc3
|
feat(googleworkspace): implement Chat service with 6 CIS checks (#11126)
|
2026-05-14 17:19:11 +02:00 |
|
lydiavilchez
|
bf4fd8fabd
|
fix(googleworkspace): use per-service resources for Directory (#11176)
|
2026-05-14 13:07:06 +02:00 |
|
lydiavilchez
|
5f92989492
|
fix(googleworkspace): use per-service resources for Calendar and Drive (#11161)
|
2026-05-14 12:43:29 +02:00 |
|
Hugo Pereira Brito
|
6befa78978
|
fix(cloudflare): plan-aware WAF FAIL hints for zones (#9896)
|
2026-05-14 12:27:47 +02:00 |
|
lydiavilchez
|
78af0c24fe
|
fix(googleworkspace): use per-service resources for Gmail (#11169)
|
2026-05-14 12:01:07 +02:00 |
|
June
|
1f39b01fb2
|
feat(sagemaker): add sagemaker_domain_sso_configured check (#11094)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
|
2026-05-14 11:42:30 +02:00 |
|
Hugo Pereira Brito
|
739be07077
|
chore(aws): skip unattached IAM policies unless --scan-unused-services (#11150)
|
2026-05-14 08:10:20 +01:00 |
|
Daniel Barranquero
|
4dd5baadf6
|
feat(okta): add provider to the SDK with 1 security check (#11079)
|
2026-05-13 15:57:57 +02:00 |
|
abdou
|
7f3dcdf02f
|
fix(m365): surface AuditLog.Read.All permission errors instead of false positives (#10907)
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
|
2026-05-12 18:22:19 +01:00 |
|
Hugo Pereira Brito
|
1b99550572
|
feat(m365): add entra_service_principal_no_secrets_for_permanent_tier0_roles security check (#10788)
Co-authored-by: Hugo P.Brito <hugopbrito@Mac.home>
|
2026-05-12 10:45:32 +01:00 |
|
Hugo Pereira Brito
|
80482da1cb
|
refactor(m365): scope entra_emergency_access_exclusion to Block-grant policies (#10849)
|
2026-05-12 10:40:46 +01:00 |
|
Hugo Pereira Brito
|
1b0e12ec51
|
fix(m365): exclude disabled guest users from entra_users_mfa_capable (#11002)
|
2026-05-12 08:35:24 +01:00 |
|
Daniel Barranquero
|
759f7b84d6
|
feat(aws): add cloudtrail_bedrock_logging_enabled security check (#10858)
|
2026-05-11 17:11:49 +02:00 |
|
Hugo Pereira Brito
|
0b26c1a39c
|
feat(aws): add iam_user_access_not_stale_to_sagemaker security check (#11000)
Co-authored-by: Hugo P.Brito <hugopbrito@Mac.home>
|
2026-05-11 16:34:18 +02:00 |
|
Daniel Barranquero
|
73c0305dc4
|
feat(aws): add bedrock_prompt_encrypted_with_cmk security check (#10905)
|
2026-05-11 10:32:44 +02:00 |
|
lydiavilchez
|
962ebac8e4
|
feat(googleworkspace): add Gmail consequence-based checks for attachment safety and spoofing (#10980)
|
2026-05-07 16:50:36 +02:00 |
|
Hugo Pereira Brito
|
2c5d47a8cd
|
chore: route vulnerability references to canonical URLs (#10853)
Co-authored-by: Hugo P.Brito <hugopbrito@Mac.home>
|
2026-05-07 15:28:50 +01:00 |
|
Ivan Necheporenko
|
bcaa6ac488
|
fix(sdk): scan every Azure subscription when display names collide (#10718)
Co-authored-by: Rubén De la Torre Vico <ruben@prowler.com>
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
|
2026-05-07 13:59:38 +02:00 |
|
Pedro Martín
|
e585ae45bd
|
feat(aws): rename Essential Eight to ASD Essential Eight (#11054)
Co-authored-by: César Arroba <cesar@prowler.com>
|
2026-05-06 13:11:29 +02:00 |
|
rchotacode
|
19b602c381
|
fix(oci): scan identity in known valid region (#10529)
Co-authored-by: Ronan Chota <ronan.chota@saic.com>
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
|
2026-05-06 11:19:19 +01:00 |
|
Pepe Fagoaga
|
7c6d658154
|
fix(k8s): match RBAC rules by apiGroup, not just core (#10969)
Co-authored-by: Andoni A. <14891798+andoniaf@users.noreply.github.com>
|
2026-05-04 19:54:03 +02:00 |
|
Pepe Fagoaga
|
21d7d08b4b
|
fix(timeline): Return a compact actor name from CloudTrail events (#10986)
|
2026-05-04 19:39:17 +02:00 |
|
Daniel Barranquero
|
921f49a0de
|
feat(aws): add bedrock_prompt_management_exists security check (#10878)
|
2026-05-04 12:38:15 +02:00 |
|
Daniel Barranquero
|
86449fb99d
|
chore(vercel): add disclaimer for checks depending on billing plan (#10663)
|
2026-05-04 08:56:50 +02:00 |
|
Andoni Alonso
|
40dd0e640b
|
fix(sdk): strip http(s):// scheme from image registry URLs (#10950)
|
2026-05-04 08:37:46 +02:00 |
|
Danny Lyubenov
|
c802dc8a36
|
feat(codebuild): use batched API calls to prevent throttling and false positives (#10639)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
|
2026-04-30 17:19:21 +02:00 |
|
Pepe Fagoaga
|
36b8aa1b79
|
fix(boto3): pass config to clients (#10944)
|
2026-04-30 14:11:29 +02:00 |
|
Boon
|
228fe6d579
|
feat: add ASD Essential Eight compliance framework for AWS (#10808)
Co-authored-by: Boon <boon@security8.work>
Co-authored-by: pedrooot <pedromarting3@gmail.com>
|
2026-04-30 13:49:08 +02:00 |
|
Pedro Martín
|
578186aa40
|
feat(sdk): integrate universal compliance into CLI pipeline (#10301)
|
2026-04-30 13:49:00 +02:00 |
|
Andoni Alonso
|
4608e45c8a
|
fix(image): block parser-mismatch SSRF in registry auth (#10945)
|
2026-04-30 12:56:35 +02:00 |
|
Josema Camacho
|
9297453b8a
|
fix(sdk): add autouse mock_aws fixture and leak detector to prevent AWS test leaks (#10605)
|
2026-04-29 17:49:40 +02:00 |
|
Andoni Alonso
|
7076900fb1
|
fix(kubernetes): use cluster name as provider_uid in OCSF output (#10483)
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
|
2026-04-29 13:45:49 +02:00 |
|
Hugo Pereira Brito
|
380b89cfb6
|
fix(sdk): cover CNAME → dangling S3 in route53 takeover check (#10920)
|
2026-04-29 11:14:33 +01:00 |
|
Davlet Dzhakishev
|
1de01bcb78
|
fix(azure): tighten flow log workspace checks (#10645)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
|
2026-04-28 16:57:04 +02:00 |
|
Daniel Barranquero
|
8b368e1343
|
feat(aws): add bedrock_guardrails_configured security check (#10844)
|
2026-04-28 14:16:19 +02:00 |
|
Hugo Pereira Brito
|
e252058af4
|
fix(m365): exclude guest users from entra_users_mfa_capable (#10785)
|
2026-04-28 08:58:16 +01:00 |
|