Commit Graph

8696 Commits

Author SHA1 Message Date
Josema Camacho 5793cd7e38 feat(api): make Attack Paths sink selectable between Neo4j and Neptune (#11524) 2026-06-26 10:22:29 +02:00
Siddhant Jadhav 9b8b77cec0 feat(stepfunctions): add check for state machine encryption at rest (#11538)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-25 17:14:50 +02:00
Pablo Fernandez Guerra (PFE) 5b9824c379 feat(ui): filter by provider group across main views (#11659)
Co-authored-by: Pablo F.G <pablo.fernandez@prowler.com>
Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-25 15:32:00 +02:00
Josema Camacho 2b7db88694 fix(api): handle deleted scans during progress saves (#11696) 2026-06-25 14:12:12 +02:00
Pepe Fagoaga fbddeea254 chore: change trial expired banner when launching scans (#11689) 2026-06-25 12:12:50 +02:00
Pepe Fagoaga 7785829969 chore: changelog v5.31.1 (#11691) 2026-06-25 08:28:34 +02:00
Utkarsh Batham d62abeb407 feat(m365): add entra_conditional_access_policy_no_exclusion_gaps check (#11577)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
Co-authored-by: Ariel Eli <207917221+arieleli01212@users.noreply.github.com>
2026-06-24 17:03:15 +02:00
Josema Camacho 4e00cfd1b6 fix(api): avoid mutating API key manager during auth (#11686) 2026-06-24 16:50:55 +02:00
Davidm4r 917e5d07ff test(api): speed up API test suite (#11681) 2026-06-24 15:15:29 +02:00
Alejandro Bailo 76286f1186 fix(ui): improve scan scheduling flows (#11684) 2026-06-24 13:35:53 +02:00
Yixuan Xu 93dd696a4f feat(m365): add Azure DevOps Conditional Access check (#11182)
Co-authored-by: Atlas-BountyHunter <atlas-bounty@hermes-agent.local>
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-24 13:33:51 +02:00
Daniel Barranquero 36be63af07 fix(alibabacloud): implement ram_password_policy_number and fix cs weekly check loading (#11683) 2026-06-24 12:37:45 +02:00
Adrián Peña dc228e8b36 docs(api): move SAML changelog entry to v5.31.0 (#11677) 2026-06-23 17:18:20 +02:00
Rubén De la Torre Vico 058a1dc8fe chore: unify ruff tooling and route code quality through the Makefile (#11675) 2026-06-23 17:15:05 +02:00
Daniel Barranquero de7da3e960 docs: update provider stats and add Linode to introduction (#11676) 2026-06-23 17:00:35 +02:00
Prowler Bot 3b0124d3fd chore(release): Bump versions to v5.32.0 (#11673)
Co-authored-by: prowler-bot <179230569+prowler-bot@users.noreply.github.com>
2026-06-23 16:53:29 +02:00
Josema Camacho fb995a79bf chore: modify changelogs for 5.31.0 release (#11671) 2026-06-23 14:09:52 +02:00
s1ns3nz0 9d8c060c49 feat(azure): add recovery_vault_backup_policy_retention_adequate check (#11047)
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-23 13:56:52 +02:00
Alejandro Bailo 0cabceb09c feat(ui): source scheduled scans tab from /schedules endpoint (#11670)
Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-23 13:44:37 +02:00
s1ns3nz0 3ee24fba51 feat(azure): add entra_user_with_recent_sign_in check (#11040)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-23 13:13:02 +02:00
s1ns3nz0 48acb3bd2e feat(gcp): add secretmanager_secret_rotation_enabled check (#11026)
Co-authored-by: Lydia Vilchez <lydiavilchezlopez@gmail.com>
2026-06-23 11:30:15 +02:00
Alejandro Bailo c6c07957a6 fix(ui): use shared scan launch action errors (#11664) 2026-06-23 09:52:20 +02:00
Pedro Martín 0610866b73 feat(config): add SDK config's validator (#11518)
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
2026-06-23 09:40:32 +02:00
Hugo Pereira Brito 2afa18d3da fix(changelog): move recovery vault entry to 5.31 (#11666) 2026-06-22 20:37:07 +01:00
s1ns3nz0 a0fdc96649 feat(azure): add recovery_vault_has_protected_items check (#11048)
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
2026-06-22 19:59:25 +01:00
Nikhil Kumar b6caaa4268 feat(kubernetes): checks for memory limits, memory requests, and image tag (#11373)
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
2026-06-22 19:39:39 +01:00
Pedro Martín 04e6e330a7 feat(aws): add rolesanywhere service and pqc trust anchor check (#11319)
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
2026-06-22 18:39:16 +01:00
s1ns3nz0 29329f6203 feat(azure): add entra_authentication_methods_policy_strong_auth_enforced check (#11039)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-22 18:18:22 +02:00
Pedro Martín bdd44a0dce feat(aws): add acmpca service and pqc key algorithm check (#11318)
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
2026-06-22 17:13:17 +01:00
Pedro Martín 10d9fc35e6 feat(aws): add cloudfront_distributions_pqc_tls_enabled check (#11317)
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
2026-06-22 16:44:51 +01:00
s1ns3nz0 6826422a6a feat(azure): add entra_app_registration_credential_not_expired check (#11038)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-22 17:30:18 +02:00
Pedro Martín ca48fd0719 feat(aws): add apigateway_domain_name_pqc_tls_enabled check (#11316)
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
2026-06-22 16:12:01 +01:00
s1ns3nz0 b9298b4023 feat(azure): add network_vnet_ddos_protection_enabled check (#11044)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-22 16:34:52 +02:00
Josema Camacho 2375f1d962 fix(api): uvicorn worker keepalive (#11663)
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
2026-06-22 16:30:33 +02:00
Alejandro Bailo 5ee8b9680d feat(ui): add organization bulk scan scheduling (#11643) 2026-06-22 16:21:35 +02:00
Pedro Martín 45cfe4e411 feat(aws): add transfer_server_pqc_ssh_kex_enabled check (#11315)
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
2026-06-22 14:30:15 +01:00
abdou 30d737c7d7 fix(api): bound Celery worker concurrency to a configurable default (#11075)
Co-authored-by: Adrián Jesús Peña Rodríguez <adrianjpr@gmail.com>
2026-06-22 14:05:11 +02:00
s1ns3nz0 869f0726f5 feat(azure): add network_subnet_nsg_associated check (#11043)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-22 14:03:54 +02:00
s1ns3nz0 6dda1ae485 feat(azure): add aks_cluster_local_accounts_disabled check (#11030)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-22 13:38:17 +02:00
s1ns3nz0 13f51de5c1 feat(azure): add aks_cluster_azure_monitor_enabled check (#11029)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-22 13:17:23 +02:00
s1ns3nz0 5d5f0676e0 feat(gcp): add secretmanager_secret_not_publicly_accessible check (#11025)
Co-authored-by: Lydia Vilchez <lydiavilchezlopez@gmail.com>
2026-06-22 12:55:42 +02:00
varunmamillapalli 8a1d7bcd6b feat(linode): add provider with administration compute and networking services (#11633)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
2026-06-22 11:19:20 +02:00
s1ns3nz0 ccc1f161d2 feat(gcp): add cloudfunction_function_not_publicly_accessible check (#11022)
Co-authored-by: Lydia Vilchez <lydiavilchezlopez@gmail.com>
2026-06-22 10:26:03 +02:00
Pepe Fagoaga a7917f779a chore(sdk): changelog for v5.30.3 (#11651) 2026-06-19 15:21:38 +02:00
Pepe Fagoaga 7f96d895bb fix: API changelog from advisory merge (#11649) 2026-06-19 13:48:47 +02:00
Adrián Peña bf3b5c2ba7 Merge commit from fork
* fix(saml): cross-tenant account takeover via SAML domain claiming

* chore(changelog): add PR #

* fix(api): bind SAML tokens to validated domain

- Reject SAML assertions with mismatched email domains
- Issue SAML tokens from the validated ACS tenant
- Add regression coverage for cross-tenant SAML token issuance

* fix(api): resolve SAML tenant inside RLS context

- Load the SAML tenant relation before leaving the RLS transaction
- Avoid lazy tenant lookups during the SAML ACS finish flow

---------

Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
2026-06-19 13:38:51 +02:00
Hugo Pereira Brito 218f64595a fix(metadata): tag IAM policy privilege escalation check (#11648) 2026-06-19 13:09:35 +02:00
Josema Camacho 6d8d553610 fix(api): set gunicorn keep-alive above the load balancer idle timeout to stop 502s (#11647) 2026-06-19 12:49:49 +02:00
Pedro Martín e10cf34ad6 feat(compliance): DORA compliance framework for Alibaba Cloud (#11646) 2026-06-19 12:17:33 +02:00
s1ns3nz0 bbf54011ea feat(azure): add postgresql_flexible_server_high_availability_enabled check (#11046)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-19 11:59:37 +02:00