César Arroba
45d69245d1
feat(permissions): add real-time event detection integration
...
Adds an optional EventBridge API Destination integration to both the
CloudFormation and Terraform templates customers use to onboard their
AWS account.
When enabled, selected CloudTrail management events (Security Groups,
IAM, S3, CloudTrail, KMS, RDS, Lambda) are forwarded to Prowler Cloud
for real-time reasoning by Lighthouse AI.
Toggled via:
- CFN: EnableEventsIntegration parameter
- TF: enable_events_integration variable
Follows the same opt-in pattern as the existing S3 integration.
2026-05-28 19:02:39 +02:00
Pablo Fernandez Guerra (PFE)
8f745cdbe6
chore(ui): upgrade pnpm to 11 and harden supply-chain defaults ( #11225 )
...
Co-authored-by: Pablo F.G <pablo.fernandez@prowler.com >
2026-05-28 14:39:57 +02:00
Adrián Peña
81226cd837
perf(api): use literal scan_ids in finding-groups /latest aggregation ( #11380 )
2026-05-28 13:46:15 +02:00
Johannes Engler
a2824f7166
feat(stackit): add new provider with 4 checks ( #9237 )
...
Co-authored-by: Claude <noreply@anthropic.com >
Co-authored-by: Sergio Garcia <hello@mistercloudsec.com >
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com >
Co-authored-by: Hugo Pereira Brito <101209179+HugoPBrito@users.noreply.github.com >
2026-05-28 13:16:38 +02:00
Hugo Pereira Brito
edbbd86828
fix(openstack): move exception codes off the Alibaba Cloud range ( #11382 )
2026-05-28 11:52:45 +02:00
lydiavilchez
c58dad2ca4
feat(googleworkspace): add rules service checks ( #11379 )
...
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com >
2026-05-28 11:17:33 +02:00
lydiavilchez
b4befe3a10
feat(googleworkspace): add security service checks ( #11356 )
...
Co-authored-by: pedrooot <pedromarting3@gmail.com >
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com >
2026-05-28 10:15:10 +02:00
Alan Buscaglia
d98933c2e7
fix(ui): improve invitation error messages ( #11376 )
2026-05-28 09:37:28 +02:00
Pedro Martín
03dfa3816d
docs: fix alerts/import-findings URLs and pricing note ( #11378 )
2026-05-27 17:26:50 +02:00
Pablo Fernandez Guerra (PFE)
ad1261ce54
ci(docs): add markdownlint foundation (prek + CI) ( #11210 )
...
Co-authored-by: Pablo F.G <pablo.fernandez@prowler.com >
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com >
2026-05-27 16:42:01 +02:00
Juan Pablo
3252f9cf19
fix(compliance/ens): remap resilience VPC checks out of mp.com.4 ( #11372 )
...
Co-authored-by: Juan Pablo Mora <juanpablo.mora@logalty.com >
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com >
2026-05-27 13:10:58 +02:00
Hugo Pereira Brito
f1cdf3df15
feat(ui): improve dark mode contrast for editorial readability ( #11073 )
2026-05-27 12:49:50 +02:00
Pedro Martín
03ddb8a708
fix(ui): show compliance data when opening compliance sidebar ( #11374 )
2026-05-27 11:18:32 +02:00
Daniel Barranquero
2678c6bc9f
feat(okta): add application service with 6 new checks ( #11358 )
2026-05-27 11:16:18 +02:00
Pedro Martín
48c071297f
fix(sdk): align compliance CSV row emission with framework JSON ( #11370 )
2026-05-27 11:06:23 +02:00
Prowler Bot
7e9a16d022
feat(aws): Update regions for AWS services ( #11349 )
...
Co-authored-by: prowler-bot <179230569+prowler-bot@users.noreply.github.com >
2026-05-27 10:36:28 +02:00
Pedro Martín
84b388f649
fix(ui): honor page size select in compliance req findings ( #11365 )
...
Co-authored-by: Pepe Fagoaga <pepe@prowler.com >
2026-05-26 15:35:33 +02:00
Rubén De la Torre Vico
671d0c746c
fix(mcp_server): preserve authorization header in HTTP mode ( #11366 )
...
Co-authored-by: Pepe Fagoaga <pepe@prowler.com >
2026-05-26 15:25:46 +02:00
Pepe Fagoaga
0e4b117161
chore: SDK changelog v5.28.1 ( #11363 )
2026-05-26 12:15:19 +02:00
Alan Buscaglia
a70bc3c1c7
fix(ui): avoid report preflight timeouts ( #11350 )
...
Co-authored-by: Adrián Jesús Peña Rodríguez <adrianjpr@gmail.com >
2026-05-26 11:47:34 +02:00
Pedro Martín
723d161c63
fix(az-m365): asyncio.run() in Azure/M365 Celery worker event ( #11360 )
2026-05-26 11:26:39 +02:00
Aline Almeida
d560020592
fix(gcp): match enable-oslogin metadata case-insensitively ( #11341 )
...
Co-authored-by: Hugo Pereira Brito <101209179+HugoPBrito@users.noreply.github.com >
2026-05-26 10:35:26 +02:00
Pedro Martín
00451f8239
feat(compliance): add AWS AI Security Framework for AWS ( #11353 )
2026-05-26 10:20:39 +02:00
Adrián Peña
329dfdf8e6
perf(api): reduce DB load in scan hot loop by 13x ( #11249 )
...
Co-authored-by: Pepe Fagoaga <pepe@prowler.com >
2026-05-25 19:09:28 +02:00
Hugo Pereira Brito
4c59af93eb
fix(azure): require all SMB channel encryption algorithms to be secure (storage_smb_channel_encryption_with_secure_algorithm) ( #11327 )
...
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com >
2026-05-25 18:28:21 +02:00
Hugo Pereira Brito
6ca8e726f7
feat(azure): add storage_account_public_network_access_disabled and fix CIS storage mapping ( #11334 )
2026-05-25 18:17:41 +02:00
Pepe Fagoaga
546eb2d85a
chore: changelog v5.28.1 ( #11347 )
2026-05-25 10:18:42 +02:00
Alan Buscaglia
ec3efc94f5
chore(ui): add changelog for scan report fix ( #11338 )
2026-05-22 15:09:44 +02:00
Alan Buscaglia
6cffd0d17f
fix(ui): stream scan report downloads ( #11330 )
2026-05-22 14:05:00 +02:00
Josema Camacho
528d32601b
perf(api): speed up finding-groups endpoint for finding-level filters ( #11326 )
2026-05-22 13:59:05 +02:00
Prowler Bot
56b3044aae
chore(release): Bump versions to v5.29.0 ( #11332 )
...
Co-authored-by: prowler-bot <179230569+prowler-bot@users.noreply.github.com >
2026-05-22 13:34:30 +02:00
Alejandro Bailo
3a096b1750
refactor(ui): improve resource detail and tab UX ( #11325 )
2026-05-22 12:03:03 +02:00
Daniel Barranquero
6f01041178
docs: add okta provider prowler cloud onboarding ( #11322 )
2026-05-22 10:29:59 +02:00
Pepe Fagoaga
13e2ede763
chore(changelog): prepare for v5.28.0 ( #11321 )
2026-05-22 09:33:40 +02:00
Pedro Martín
c53ddfd532
fix(ui): resource tab scroll from container ( #11320 )
2026-05-22 09:13:57 +02:00
Pepe Fagoaga
f86bd7b52e
fix(sdk): absolute ENTRYPOINT to work with uv ( #11313 )
2026-05-22 08:25:59 +02:00
Kristofer Jussmann
6177fc6286
fix(oci): use home region for audit configuration API call ( #10347 )
...
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com >
2026-05-21 16:09:29 +01:00
Sandiyo Christan
0fd952ae2b
chore(m365): use PowerShell best practices for quoting credential variables ( #9997 )
...
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com >
2026-05-21 15:17:23 +01:00
lydiavilchez
74622dd576
feat(googleworkspace): add sites, additional_services and marketplace service checks ( #11281 )
2026-05-21 15:52:15 +02:00
Pablo Fernandez Guerra (PFE)
4dfa2b9748
chore(ci): disable Renovate patch, minor and major version bumps ( #11312 )
...
Co-authored-by: Pablo F.G <pablo.fernandez@prowler.com >
2026-05-21 15:20:10 +02:00
renovate[bot]
435424a680
chore(config): migrate Renovate config ( #11300 )
...
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2026-05-21 15:16:58 +02:00
Pedro Martín
dbbefd0558
feat(compliance): add resource metadata tab inside req find ( #11187 )
2026-05-21 15:09:43 +02:00
Pablo Fernandez Guerra (PFE)
e55d1d470e
chore(ci): add Renovate baseline config ( #11181 )
...
Co-authored-by: Pablo F.G <pablo.fernandez@prowler.com >
Co-authored-by: Pepe Fagoaga <pepe@prowler.com >
2026-05-21 14:36:36 +02:00
César Arroba
ab69f3b665
ci(api): simplify SDK release pin to a single uv lock --upgrade-package ( #11287 )
2026-05-21 13:56:31 +02:00
Rubén De la Torre Vico
a28f4994a8
fix(mcp): bump fastmcp and transitives to clear osv-scanner findings ( #11284 )
2026-05-21 13:30:56 +02:00
Daniel Barranquero
349611d52d
feat(okta): 4 new signon service checks ( #11224 )
2026-05-21 12:48:06 +02:00
César Arroba
10b965e3c7
chore: set SDK changelog version for fixes ( #11282 )
2026-05-21 12:32:54 +02:00
Pepe Fagoaga
554a5024c1
chore(mcp): osv-scanner workflow ( #11274 )
2026-05-21 11:53:31 +02:00
César Arroba
7d03bc5e17
fix(api): chown src/backend and docker-entrypoint to prowler user ( #11276 )
2026-05-21 10:21:33 +02:00
dependabot[bot]
c660b35ed6
chore(deps): bump step-security/harden-runner from 2.19.1 to 2.19.3 ( #11267 )
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-21 09:33:57 +02:00