Commit Graph

1392 Commits

Author SHA1 Message Date
Daniel Barranquero b08cb8ffb3 fix(csv): move OU columns to the end (#10307) 2026-03-12 08:28:52 +01:00
Raajhesh Kannaa Chidambaram 39385567fc feat(organizations): add OU metadata to outputs (#10283)
Co-authored-by: Raajhesh Kannaa Chidambaram <495042+raajheshkannaa@users.noreply.github.com>
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-03-11 16:41:44 +01:00
Daniel Barranquero e28bde797f feat(openstack): object storage service with 7 new checks (#10258) 2026-03-11 12:00:43 +01:00
Michael Wentz c4d692f77b feat(guardduty): add org-wide delegated admin check across all regions (#9867)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-03-10 12:56:00 +01:00
Eran Cohen 0b461233c1 feat(iam): Add trusted IP configurable option to reduce false positives in 'opensearch' check (#8631)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-03-10 12:12:54 +01:00
Hugo Pereira Brito 9cf63a2a68 feat(m365): add custom entra_conditional_access_policy_compliant_device_hybrid_joined_device_mfa_required check (#10197)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-03-05 18:11:20 +01:00
Hugo Pereira Brito 726b5665d0 feat(m365): add entra_conditional_access_policy_approved_client_app_required_for_mobile security check (#10216)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-03-05 10:58:18 +01:00
Andoni Alonso e8d2b4a189 fix(iac): include resource line range in finding UID to prevent duplicates (#10241)
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
2026-03-03 17:40:36 +01:00
Andoni Alonso b61b6cba53 feat(sdk): add provider identity fields to OCSF unmapped output (#10240)
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
2026-03-03 16:42:08 +01:00
Pepe Fagoaga 71ee4213b3 chore(ingestions): rename flag, update docs (#10236) 2026-03-03 15:04:34 +01:00
Hugo Pereira Brito e96ea54f3b feat(m365): add entra_break_glass_users_fido2_security_key_registered security check (#10213)
Co-authored-by: Daniel Barranquero <74871504+danibarranqueroo@users.noreply.github.com>
2026-03-03 13:58:44 +01:00
Andoni Alonso dfca97633e feat(sdk): add provider_uid to OCSF unmapped output (#10231)
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
2026-03-03 13:35:58 +01:00
Hugo Pereira Brito 548a137046 feat(m365): add entra_authentication_method_sms_voice_disabled security check (#10212) 2026-03-03 13:08:02 +01:00
Daniel Barranquero 012fd84cb0 chore: add provider-uid flag for iac provider (#10233)
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
2026-03-03 13:07:15 +01:00
Pepe Fagoaga 9c2cb5efa8 fix(elbv2): Handle post-quantum (PQ) TLS policies (#10219) 2026-03-03 10:18:00 +01:00
Andoni Alonso efcbbf63c2 docs: review and fix documentation coverage for provider CLI flags (#10040) 2026-03-03 09:57:05 +01:00
Harsh Mishra 150abce4a8 fix(aws): respect AWS_ENDPOINT_URL for STS session creation (#10228)
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
2026-03-03 08:25:59 +01:00
Daniel Barranquero dcf74113fc chore: modify M365 and Github account UIDs (#10226) 2026-03-02 17:22:09 +01:00
Hugo Pereira Brito 07dea4f402 refactor(m365): rename conditional access policy checks to include policy prefix (#10217) 2026-03-02 13:41:24 +01:00
Daniel Barranquero b21ded6d46 feat(openstack): add image service with 6 checks (#10096) 2026-03-02 12:47:49 +01:00
Daniel Barranquero 8eddb48b16 feat(openstack): add blockstorage service with 7 checks (#10120)
Co-authored-by: Andoni A. <14891798+andoniaf@users.noreply.github.com>
2026-03-02 12:08:08 +01:00
Daniel Barranquero d3ba93f0c0 feat(openstack): add networking service with 6 checks (#9970)
Co-authored-by: Andoni Alonso <14891798+andoniaf@users.noreply.github.com>
2026-03-02 11:55:37 +01:00
Adrián Peña 8ee4a9e3fc fix(sdk): scope scan_id by provider and account (#10184) 2026-02-26 19:19:29 +01:00
Adrián Peña 336cbe1844 feat(ingestions): allow multiple scan_ids and providers inside the ocsf (#10182) 2026-02-26 17:56:21 +01:00
Andoni Alonso c8ce590039 feat(m365): add entra_default_app_management_policy_enabled security check (#9898)
Co-authored-by: HugoPBrito <hugopbrit@gmail.com>
2026-02-26 16:14:29 +01:00
Andoni Alonso df09b14c75 feat(m365): add entra_all_apps_conditional_access_coverage security check (#9902)
Co-authored-by: HugoPBrito <hugopbrit@gmail.com>
2026-02-26 11:37:09 +01:00
Pedro Martín fac089ab78 feat(compliance): add SecNumCloud for AWS (#10117) 2026-02-26 09:31:19 +01:00
Hugo Pereira Brito db1db7d366 feat(m365): add entra_require_mfa_for_management_api security check (#10150)
Co-authored-by: Andoni Alonso <14891798+andoniaf@users.noreply.github.com>
2026-02-25 12:29:23 +01:00
lydiavilchez 9ee8072572 feat(googleworkspace): add Google Workspace provider with directory service and super admin check (#10022) 2026-02-25 12:17:13 +01:00
Hugo Pereira Brito 6935c4eb1b feat(m365): add entra_app_enforced_restrictions security check (#10058) 2026-02-25 11:53:35 +01:00
Pepe Fagoaga 6962622fd2 fix(aws): filter VPC endpoint services by audited account to prevent AccessDenied errors (#10152)
Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com>
Co-authored-by: jfagoagas <16007882+jfagoagas@users.noreply.github.com>
2026-02-24 18:30:31 +01:00
Adrián Peña 2a4ee830cc feat(sdk): add --export-ocsf flag for OCSF ingestion to Prowler Cloud (#10095) 2026-02-24 17:47:35 +01:00
Andoni Alonso c159181d27 feat(api): add Image provider support for container image scanning (#10128) 2026-02-24 13:06:34 +01:00
Daniel Barranquero 030d053c84 chore(openstack): support multi-region in the same provider (#10135) 2026-02-24 12:50:52 +01:00
Andoni Alonso 75d01efc0d feat(m365): add entra_conditional_access_policy_emergency_access_exclusion security check (#9903)
Co-authored-by: HugoPBrito <hugopbrit@gmail.com>
2026-02-24 11:35:31 +01:00
Hugo Pereira Brito f7895e206b fix(azure): standardize resource_id values across Azure checks (#9994) 2026-02-23 17:53:31 +01:00
Hugo Pereira Brito bb5a4371bd feat(ui): add Cloudflare provider support (#9910)
Co-authored-by: Alan Buscaglia <gentlemanprogramming@gmail.com>
Co-authored-by: Alejandro Bailo <59607668+alejandrobailo@users.noreply.github.com>
Co-authored-by: alejandrobailo <alejandrobailo94@gmail.com>
2026-02-23 09:33:17 +01:00
Pedro Martín 9f6121bc05 fix(ocsf): serialization errors non-serializable resource meta (#10129) 2026-02-20 14:44:03 +01:00
Andoni Alonso ea60f2d082 feat(m365): add defenderxdr_critical_asset_management_pending_approvals security check (#10085)
Co-authored-by: HugoPBrito <hugopbrit@gmail.com>
Co-authored-by: Hugo Pereira Brito <101209179+HugoPBrito@users.noreply.github.com>
2026-02-19 18:49:41 +01:00
Andoni Alonso e8c0a37d50 feat(m365): add entra_seamless_sso_disabled security check (#10086)
Co-authored-by: HugoPBrito <hugopbrit@gmail.com>
Co-authored-by: Hugo Pereira Brito <101209179+HugoPBrito@users.noreply.github.com>
2026-02-19 18:19:07 +01:00
Hugo Pereira Brito 48b94b2a9f feat(m365): add defenderxdr_endpoint_privileged_user_exposed_credentials security check (#10084)
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
2026-02-19 17:52:16 +01:00
Hugo Pereira Brito 20b26bc7d0 feat(m365): add entra_app_registration_no_unused_privileged_permissions security check (#10080)
Co-authored-by: Daniel Barranquero <74871504+danibarranqueroo@users.noreply.github.com>
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-02-19 17:12:50 +01:00
Hugo Pereira Brito 23e51158e0 feat(m365): add defenderidentity_health_issues_no_open security check (#10087) 2026-02-19 16:58:08 +01:00
Andoni Alonso d2f4f8c406 feat(image): add registry scan mode with OCI, Docker Hub, and ECR support (#9985) 2026-02-19 12:48:55 +01:00
Pedro Martín fec86754d8 fix(compliance): remove account_id and location for manual reqs (#10105) 2026-02-18 09:46:19 +01:00
Sandiyo Christan 2c2881b351 fix(oss): use defusedxml to prevent XXE vulnerabilities (#9999)
Co-authored-by: Andoni A. <14891798+andoniaf@users.noreply.github.com>
2026-02-17 12:21:30 +01:00
Hugo Pereira Brito 8438a94203 chore: enhance github documentation and ui placeholder (#9830)
Co-authored-by: Andoni A. <14891798+andoniaf@users.noreply.github.com>
2026-02-17 10:48:53 +01:00
Daniel Barranquero be516f1dfc feat(openstack): Add 7 New Compute Security Checks (#9944) 2026-02-16 11:46:48 +01:00
Copilot 90e317d39f fix(kms): detect public access for any KMS action, not just kms:* (#10071)
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: jfagoagas <16007882+jfagoagas@users.noreply.github.com>
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
2026-02-16 10:12:29 +01:00
kushpatel321 9da0b0c0b1 feat(github): add organization domain verification check (#10033)
Co-authored-by: Kush321 <kushp2018@gmail.com>
Co-authored-by: Andoni A. <14891798+andoniaf@users.noreply.github.com>
2026-02-13 13:41:17 +01:00