Commit Graph

388 Commits

Author SHA1 Message Date
Toni de la Fuente 9ec4db456c Added Discord link to README.md 2021-11-08 21:19:48 +01:00
Toni de la Fuente 918dd9eb07 Added Discord link to README.md 2021-11-08 20:34:16 +01:00
Toni de la Fuente 83dc0a0987 Fixes issue #906 2021-11-08 20:05:50 +01:00
Toni de la Fuente 5d5250076b Updated documentation about detect-secrets version to use issue #806 2021-11-04 19:50:33 +01:00
Toni de la Fuente 12f49a2795 Fixed typo in README.md @bevel-zgates
Fixed typo in README.md @bevel-zgates
2021-11-04 19:15:33 +01:00
Zach 2e0695112d Update README.md
fixed typo in `readme.md`
2021-11-04 12:29:36 -05:00
Toni de la Fuente 7fe2946241 New checks group FTR (AWS Foundational Technical Review) @jfagoagas
New checks group FTR (AWS Foundational Technical Review) @jfagoagas
2021-10-26 14:19:52 +02:00
Pepe Fagoaga bb068f1c7a feat(group): include new AWS FTR checks group 2021-10-26 14:06:34 +02:00
Ramon 2f4a5c7c51 updated documentation regarding a confusion with the -q option 2021-10-04 13:13:24 +02:00
Toni de la Fuente 3f63b83179 Added section with info about regions 2021-07-27 15:12:14 +02:00
Toni de la Fuente 4e9e421c84 Updated README to include reference to CloudShelld 2021-06-24 17:49:33 +02:00
Toni de la Fuente 10d062960e Updated screenshots 2021-04-08 00:35:12 +02:00
Toni de la Fuente 7f24aab715 Updated README 2021-04-08 00:22:07 +02:00
Toni de la Fuente 778910eff3 Added new logo to README.md header 2021-04-06 17:32:55 +02:00
Toni de la Fuente db1380422f Added high level architecture 2021-02-25 11:56:45 +01:00
Toni de la Fuente 0ddb045ca2 Update README.md 2020-12-18 15:27:59 +01:00
Toni de la Fuente 5e38c61286 Refresh assumed role credentials to avoid role chaining limitations @michael-dickinson-sainsburys
Refresh assumed role credentials to avoid role chaining limitations @michael-dickinson-sainsburys
2020-12-16 20:04:21 +00:00
Toni de la Fuente 3d62aedf29 New RC6 including ENS as a new compliance type all formats 2020-12-01 10:03:59 +01:00
Michael Dickinson 30eb447919 docs: Update Organizations command to only incude active accounts 2020-11-23 21:05:27 +00:00
Toni de la Fuente 53e95ac9f3 Improved CodeBuild CFN template with scheduler and documentation 2020-11-18 15:12:44 +01:00
Toni de la Fuente 7dbed63143 Added CodeBuild deployment section 2020-11-05 21:49:05 +01:00
Toni de la Fuente ae1d7be7f2 Enable Security Hub official integration 2020-10-29 22:40:38 +01:00
Toni de la Fuente a05aba84e1 Added GovCloud usage information 2020-10-14 22:29:51 +02:00
Toni de la Fuente ad45035ad3 Updated README.md 2020-09-30 23:43:48 +02:00
Toni de la Fuente 5182403041 Improved documentation about SecurityHub integration and region filter 2020-09-23 15:30:08 +02:00
Marc Jay e3ecee83af Ensure that checks are sorted numerically when listing checks
Sort first by section, then by check within each section
Fix group IDs in documentation

Relates to #545 and #561
2020-09-01 00:21:48 +01:00
Toni de la Fuente cd0b5d29dd Added html to -M in usage 2020-08-18 11:59:53 +02:00
Toni de la Fuente acab5d11ed Update README.md with link to new org-multi-account 2020-06-08 13:23:15 +02:00
Toni de la Fuente 75cd911b0f Removed ansi2html from Pipfile, Dockerfile and README 2020-05-27 09:55:17 +02:00
Toni de la Fuente 78b26a022a Added native html report - upgrade to 21st century ;) 2020-05-25 21:24:33 +02:00
Marc Jay 802d1151c2 Write output files to a directory relative to Prowler
Write output files (CSV, JSON, etc.) to an `output` directory that is relative to prowler itself, no matter where prowler is invoked from.
Simplify Dockerfile by specifying a WORKDIR
Replace ADD command with the more recommended COPY command
Update README to cover how to run in Docker and access saved reports
Add a .dockerignore file to ignore .git and output directories

This partially addresses #570 - previously, within Docker, Prowler was attempting to write
reports to the root `/` directory in the container, which it did not have permission to do.
Instead, reports are now written to a path relative to Prowler
2020-05-08 11:46:53 +01:00
Toni de la Fuente 376cc0ff08 Usage update 2020-05-07 00:48:14 +02:00
Toni de la Fuente a37160bf41 Usage update 2020-05-07 00:46:43 +02:00
Toni de la Fuente b72501f691 Usage update 2020-05-07 00:45:45 +02:00
Toni de la Fuente 733aa439ec Usage update 2020-05-07 00:44:27 +02:00
Toni de la Fuente 977fe7408e Added whitelist option to README and recuce output for -w 2020-05-06 23:24:42 +02:00
Huang Yaming bc07c95bda Support setting entropy limit for detect-secrets from env 2020-05-06 17:53:23 +08:00
Toni de la Fuente 43fb877109 Added account id to the output filename 2020-04-22 12:28:31 +02:00
Marc Jay 71bf414faf Merge branch 'master' into improve-listing-of-checks-and-groups-545 2020-04-20 18:11:06 +01:00
Marc Jay 47a05c203a Improve listing of Checks and Groups
Change `-l` flag to print a unique list of every single check (assuming none are orphaned outside of all groups)
Allow `-g <group_id>` to be specified in combination with `-l`, to only print checks that are referenced by the specified group
When listing all checks with `-l` only, print out all groups that reference each check

Fixes: #545
2020-04-20 01:12:53 +01:00
Marc Jay 78f649bd65 Replace -J flag with junit-xml output format
Rearrange output functions so they support outputting text alongside other formats, if specified
Add a convenience function for checking if JUnit output is enabled
Move monochrome setting into loop so it better supports multiple formats
Update README
2020-04-15 23:36:40 +01:00
Marc Jay 994390351e Add the ability to generate JUnit XML reports with a -J flag
If the -J flag is passed, generate JUnit XML reports for each check, in-line with how Java tools generate JUnit reports.
Check section numbers equate to 'root packages', checks are second-level packages, each check equates to a testsuite (mirroring Java where each test class is a testsuite) and each pass/fail of a check equates to a testcase
Time the execution of each check and include this in the report
Include properties (Prowler version, check level etc.) in-line with standard JUnit files
XML escape all strings for safety

Detect if a user has GNU coreutils installed on Mac OS X, but not as their default, switching to using gdate for date commands if so, as it has more features, including getting dates in milliseconds
Add prowler-output, junit-reports and VSCode files to .gitignore
Update README to include JUnit info, address markdownlint warnings
Remove unused arguments to jq in generateJsonAsffOutput

Fixes #537
2020-04-15 02:36:16 +01:00
Toni de la Fuente 2de49c3940 Added more sample commands and updates 2020-04-14 23:55:02 +02:00
Toni de la Fuente f3664b56ec Open 2020-04-14 22:46:44 +02:00
Toni de la Fuente 4ea1864365 Allow multiple report types at once #345 2020-04-14 22:28:58 +02:00
Toni de la Fuente e6fe5addbc Added section for Security Hub integration 2020-04-14 18:52:48 +02:00
Toni de la Fuente 58d793ec2a Added section for Security Hub integration 2020-04-14 18:51:13 +02:00
Julio Delgado Jr 05247a2ccb Prowler IAM Policy Enhancements and ReadMe Updates 2020-04-13 12:39:20 -04:00
Marc Jay 4bae0ca5f5 Merge branch 'master' into aws-security-hub-output-524 2020-04-11 03:16:23 +01:00
Marc Jay 5bab65c56d - Remove securityhub output mode and replace with '-S' flag to send findings to Security Hub
- Move Security Hub related code to a dedicated include/securityhub_integration file
- Check that Security Hub is enabled in the target region before beginning checks when -S is specified
- Add error handling to the batch-import-findings call
- Add CHECK_ASFF_TYPE variables to all CIS checks to override the default
- Add support for CHECK_ASFF_RESOURCE_TYPE variables which override the default 'AwsAccount' value for the resource a finding relates to.
- Add CHECK_ASFF_RESOURCE_TYPE variables to all checks where there is a suitable value in the schema
- Remove json-asff output for info messages as they are not appropriate for possible submission to Security Hub
- Update the README to cover Security Hub integration
- Add an IAM policy JSON document that provides the necessary BatchImportFindings permission for Security Hub
- Remove trailing whitespace and periods in pass/fail messages to be consistent with the majority of messages, to prevent future tidy-up from changing the finding IDs
2020-04-11 03:04:03 +01:00