Commit Graph

1583 Commits

Author SHA1 Message Date
varunmamillapalli 8a1d7bcd6b feat(linode): add provider with administration compute and networking services (#11633)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
2026-06-22 11:19:20 +02:00
s1ns3nz0 ccc1f161d2 feat(gcp): add cloudfunction_function_not_publicly_accessible check (#11022)
Co-authored-by: Lydia Vilchez <lydiavilchezlopez@gmail.com>
2026-06-22 10:26:03 +02:00
s1ns3nz0 bbf54011ea feat(azure): add postgresql_flexible_server_high_availability_enabled check (#11046)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-19 11:59:37 +02:00
s1ns3nz0 d27ec7d62e feat(azure): add postgresql_flexible_server_geo_redundant_backup_enabled check (#11045)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-19 10:21:38 +02:00
s1ns3nz0 d961d7efe4 feat(azure): add mysql_flexible_server_high_availability_enabled check (#11042)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-19 09:00:46 +02:00
s1ns3nz0 7dd08bc6bf feat(azure): add mysql_flexible_server_geo_redundant_backup_enabled check (#11041)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-18 12:41:04 +02:00
s1ns3nz0 82d37c4978 feat(azure): add aks_cluster_defender_enabled check (#11028)
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
2026-06-18 10:22:51 +01:00
Pedro Martín aee3b392a7 fix(compliance): multi-section undercount & leaked provider tab (#11567) 2026-06-18 10:30:27 +02:00
s1ns3nz0 ddbf3405a0 feat(azure): add defender_ensure_defender_cspm_is_on check (#11037)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-18 10:05:02 +02:00
s1ns3nz0 3c68a121e5 feat(azure): add databricks_workspace_no_public_ip_enabled check (#11036)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-18 09:06:25 +02:00
s1ns3nz0 5ec4a1cbba feat(gcp): add cloudfunction_function_inside_vpc check (#11021)
Co-authored-by: Lydia Vilchez <lydiavilchezlopez@gmail.com>
2026-06-17 17:35:32 +02:00
Zeus Almightee e8ffe59ce2 feat(m365/entra): add entra_conditional_access_policy_no_deleted_object_references check (#11236)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-17 16:16:49 +02:00
StylusFrost e2ce41a492 feat(sdk): add Provider.get_class dynamic provider resolver (#11398) 2026-06-17 15:55:21 +02:00
s1ns3nz0 73059ffc7e feat(azure): add databricks_workspace_public_network_access_disabled check (#11035)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
Co-authored-by: Hugo P.Brito <hugopbrito@Hugos-MacBook-Pro.local>
2026-06-17 14:12:18 +02:00
PrettyFox0 8d4ec561c2 feat(m365): add check for directory sync object takeover protection (#11098)
Co-authored-by: shadyfox <git@twink.energy>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
Co-authored-by: omobolaji adeyan <omobolaji.adeyan@gmail.com>
2026-06-17 12:15:14 +02:00
s1ns3nz0 ca97d7d983 feat(azure): add cosmosdb_account_public_network_access_disabled check (#11034)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-17 11:05:09 +02:00
s1ns3nz0 8bc42a5ded feat(azure): add cosmosdb_account_minimum_tls_version check (#11033)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-16 16:42:51 +02:00
lydiavilchez e690e5e86b fix(cli): prevent unrelated built-in provider failures from aborting the CLI (#11618) 2026-06-16 14:25:07 +02:00
Rubén De la Torre Vico 0cf48a2c35 fix(gcp): surface organization-scan failures instead of silently scanning the home project (#11280)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-16 14:03:13 +02:00
s1ns3nz0 6b4fb934f8 feat(azure): add aks_cluster_auto_upgrade_enabled check (#11027)
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
2026-06-16 13:56:40 +02:00
renovate[bot] d1ed1eddef chore(sdk): update dependency black to v26 [security] (#11290)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-16 12:42:32 +02:00
Aline Almeida cb4b889b20 fix(gcp): credit audit-filtered aggregated sinks in metric-filter checks (#11575)
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
2026-06-16 10:11:16 +02:00
Pepe Fagoaga ca7ce5a8c3 feat(jira): request timeout (#11602) 2026-06-16 09:36:22 +02:00
Pepe Fagoaga 810d8d7686 chore(codepipeline): verify if repo is public with TLS (#11603) 2026-06-16 09:35:11 +02:00
s1ns3nz0 b5bb85c956 feat(azure): add cosmosdb_account_backup_policy_continuous check (#11032)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-15 19:20:38 +02:00
Branch Vincent dccd674cf9 chore(sdk): support Python 3.13 (#9293)
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
2026-06-15 10:59:51 +02:00
s1ns3nz0 9022a3a138 feat(azure): add cosmosdb_account_automatic_failover_enabled check (#11031)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-12 13:18:08 +02:00
s1ns3nz0 79e066d3f5 feat(gcp): add cloudsql_instance_high_availability_enabled check (#11024)
Co-authored-by: Lydia Vilchez <lydiavilchezlopez@gmail.com>
Co-authored-by: lydiavilchez <114735608+lydiavilchez@users.noreply.github.com>
2026-06-12 11:51:13 +02:00
Hugo Pereira Brito 56831a7392 feat(oci): add storage admin delete exclusion check (#11523) 2026-06-12 11:10:46 +02:00
Oleksandr_Sanin bba594a1db feat(aws/sagemaker): add sagemaker_clarify_exists check (#11211)
Signed-off-by: Oleksandr Sanin <alexaaander.sanin@gmail.com>
Signed-off-by: Oleksandr Yizchak Sanin <alexaaander.sanin@gmail.com>
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-11 17:40:41 +02:00
Zeus Almightee ce27053c2d feat(aws): add securityhub + config org-wide delegated admin checks (#11259)
Co-authored-by: Lydia Vilchez <lydiavilchezlopez@gmail.com>
2026-06-11 16:53:28 +02:00
Daniel Barranquero 989c3b174e fix(bedrock): per-finding severity for long-term API key check (#11526) 2026-06-11 08:31:08 +02:00
sahil-sols e085e14247 fix(aws): order-independent CloudWatch metric filter pattern checks (#11345)
Co-authored-by: Sahil Pugalia <sahil-sols@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Lydia Vilchez <lydiavilchezlopez@gmail.com>
2026-06-10 18:49:06 +02:00
Johannes Engler 368d3a2661 feat(stackit): add objectstorage checks (#11397)
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
Co-authored-by: Hugo Pereira Brito <101209179+HugoPBrito@users.noreply.github.com>
2026-06-10 18:43:24 +02:00
Aryan Bhaskar ec0bb53839 feat(bedrock): add bedrock_agent_role_least_privilege check (#11335)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-10 12:40:54 +02:00
Pedro Martín 61cd4aea3f feat(compliance): add Okta IDaaS STIG V1R2 framework (#11428)
Co-authored-by: Alejandro Bailo <59607668+alejandrobailo@users.noreply.github.com>
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-10 11:22:42 +02:00
StylusFrost 01b49f0743 feat(dashboard): render dynamic-provider compliance frameworks (#11503)
Co-authored-by: pedrooot <pedromarting3@gmail.com>
2026-06-10 11:16:39 +02:00
Hugo Pereira Brito 9a50dffaa0 feat(gcp): split kms_key_rotation_enabled into enabled and max-90-days checks (#11516) 2026-06-09 16:52:49 +02:00
Jasmine e710ebff1c feat(m365): add exchange_mailbox_primary_smtp_custom_domain check (#11215)
Co-authored-by: Jasmine Sullivan <20147180@tafe.wa.edu.au>
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-09 16:24:25 +02:00
Hugo Pereira Brito b3caee88e4 fix(m365): skip future hires in MFA capable check (#11511) 2026-06-09 15:42:06 +02:00
Hugo Pereira Brito d9f90e50b8 fix(m365): paginate admincenter group enumeration (#11510) 2026-06-09 15:23:35 +02:00
StylusFrost 6c559fbb8d feat(sdk): discover external universal compliance frameworks via entry points (#11490) 2026-06-09 13:45:34 +02:00
Ashishraymajhi 7e60e8f8da feat(m365): add entra_service_prinicipal_privileged_role_no_owners_check (#11189)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-09 11:29:03 +02:00
Hugo Pereira Brito 62955dd16b feat(okta): add authenticator STIG checks (#11465)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-09 10:17:23 +02:00
StylusFrost e3013d9918 feat(sdk): Dynamic provider loading and compliance framework (#10700)
Co-authored-by: Pedro Martín <pedromarting3@gmail.com>
2026-06-08 17:47:22 +02:00
Hugo Pereira Brito 0ea2f6d67e feat(okta): add API token STIG checks (#11464)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-08 17:11:54 +02:00
Hugo Pereira Brito 7692a1d76a feat(okta): add network zone STIG check (#11463)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-06-08 16:51:58 +02:00
Aline Almeida 1c9afc714e fix(gcp): honour org-aggregated sinks in metric-filter checks (#11488)
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
2026-06-08 16:46:48 +02:00
Daniel Barranquero 466f1a3d73 feat(okta): add user, systemlog, and idp services with DISA STIG checks (#11496)
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
Co-authored-by: Hugo Pereira Brito <101209179+HugoPBrito@users.noreply.github.com>
2026-06-08 14:59:50 +02:00
potato-20 6f172a5c19 feat(elbv2): add elbv2_alb_drop_invalid_header_fields_enabled check (FSBP ELB.4) (#11471)
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
2026-06-05 14:26:07 +02:00