Hugo Pereira Brito
|
c4ba061f30
|
chore(outputs): adapt to new metadata specification (#8651)
|
2025-09-10 17:21:19 +02:00 |
|
Pedro Martín
|
64c43a288d
|
feat(jira): add force accept language for requests (#8674)
|
2025-09-09 13:17:25 +05:45 |
|
Daniel Barranquero
|
74bf0e6b47
|
fix(aws): nonetype errors in opensearch, firehose and cognito (#8670)
|
2025-09-09 13:12:57 +05:45 |
|
Andoni Alonso
|
82cf216a74
|
feat(mongodbatlas): add MongoDB Atlas provider PoC (#8312)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
|
2025-09-09 09:18:37 +02:00 |
|
Daniel Barranquero
|
7916425ed4
|
fix(memorydb): handle clusters with no security groups (#8666)
|
2025-09-08 15:05:13 -04:00 |
|
Samuele Pasini
|
1884874ab6
|
fix: typo ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_* CheckID (#8294)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
|
2025-09-05 13:16:12 +02:00 |
|
Pedro Martín
|
0b7055e983
|
feat(jira): add send_finding method with specific finding fields (#8648)
|
2025-09-05 12:25:53 +02:00 |
|
Pedro Martín
|
1a2bf461f0
|
feat(jira): support labels in jira tickets (#8603)
|
2025-09-05 09:53:24 +02:00 |
|
Samuele Pasini
|
1b49c0b27f
|
feat: add --excluded-checks-file flag (#8301)
Co-authored-by: pedrooot <pedromarting3@gmail.com>
|
2025-09-05 09:33:21 +02:00 |
|
Pedro Martín
|
79450d6977
|
fix(securityhub): resolve TypeError from Python3.9 (#8619)
Co-authored-by: Hugo Pereira Brito <101209179+HugoPBrito@users.noreply.github.com>
|
2025-09-03 17:52:09 +02:00 |
|
Pedro Martín
|
1fc12952ba
|
feat(jira): add color for manual status (#8642)
|
2025-09-03 16:53:31 +02:00 |
|
Hugo Pereira Brito
|
a3b0bb6d4b
|
refactor(models): rename AdditionalUrls to AdditionalURLs (#8639)
|
2025-09-03 19:34:06 +05:45 |
|
Pedro Martín
|
cdf0292bbc
|
feat(jira): add get_metadata (#8630)
|
2025-09-03 10:59:07 +02:00 |
|
Hugo Pereira Brito
|
c9ed7773d2
|
feat(models): add AdditionalUrls field to check metadata (#8590)
|
2025-09-02 21:27:21 +05:45 |
|
Pedro Martín
|
06ded98d05
|
feat(jira): add data to table and error handling (#8601)
|
2025-09-02 11:48:52 +02:00 |
|
Sergio Garcia
|
f484b83f15
|
feat(azure): Add APIM threat detection for LLM jacking attacks (#8571)
Co-authored-by: Rubén De la Torre Vico <ruben@prowler.com>
|
2025-08-28 11:42:07 +02:00 |
|
Tom
|
24364bd73e
|
feat(gcp): Add support for skipping APIs check (#8575)
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
|
2025-08-27 14:44:34 +02:00 |
|
Daniel Barranquero
|
3b42eb3818
|
fix(s3): resource metadata error in s3_bucket_shadow_resource_vulnerability (#8572)
|
2025-08-26 13:30:49 +02:00 |
|
Sergio Garcia
|
ea6d04ed3a
|
chore(securityhub): add static credentials and role assumption support (#8539)
Co-authored-by: Adrián Jesús Peña Rodríguez <adrianjpr@gmail.com>
|
2025-08-22 11:58:35 +02:00 |
|
Sergio Garcia
|
c3a2d79234
|
chore(iac): change engine to trivy (#8466)
Co-authored-by: Andoni A. <14891798+andoniaf@users.noreply.github.com>
|
2025-08-22 10:17:51 +02:00 |
|
Hugo Pereira Brito
|
ad3d4536fb
|
fix(m365): only evaluate enabled users in entra_users_mfa_capable (#8544)
|
2025-08-20 16:45:00 +02:00 |
|
Hugo Pereira Brito
|
89e657561c
|
feat(github): add User Email and APP name/installations information (#8501)
Co-authored-by: MrCloudSec <hello@mistercloudsec.com>
|
2025-08-20 12:26:38 +02:00 |
|
Hugo Pereira Brito
|
55099abc86
|
fix(organization): list all accessible organizations (#8535)
Co-authored-by: MrCloudSec <hello@mistercloudsec.com>
|
2025-08-20 12:13:01 +02:00 |
|
Sergio Garcia
|
30518f2e0e
|
feat(aws): new check eks_cluster_deletion_protection_enabled (#8536)
|
2025-08-19 10:25:24 +02:00 |
|
Sergio Garcia
|
bb07cf9147
|
fix(aws): exact match in resource-arn filtering (#8533)
|
2025-08-18 12:11:13 +02:00 |
|
Andoni Alonso
|
2f5fce41dc
|
feat(iam): remove standalone iam:PassRole from privesc detection and add missing patterns (#8530)
|
2025-08-18 11:35:14 +02:00 |
|
Sergio Garcia
|
fd833eecf0
|
fix(github): solve Github APP auth method (#8529)
|
2025-08-18 08:35:19 +02:00 |
|
Andoni Alonso
|
39e4d20b24
|
feat(iam): add Bedrock AgentCore privilege escalation combo (#8526)
|
2025-08-15 13:25:15 +02:00 |
|
Sergio Garcia
|
dfdd45e4d0
|
fix(github): list all accessible repositories (#8522)
|
2025-08-14 10:38:38 +02:00 |
|
Hugo Pereira Brito
|
f5b1532647
|
fix(kafka): false positives in kafka_cluster_is_public check (#8514)
|
2025-08-13 09:05:09 +02:00 |
|
Hugo Pereira Brito
|
b0c386fc60
|
fix(app): fix false positives in app_http_logs_enabled (#8507)
Co-authored-by: Sergio Garcia <hello@mistercloudsec.com>
|
2025-08-12 14:47:17 +02:00 |
|
Hugo Pereira Brito
|
72b06261df
|
fix(storage): fall positives in storage_geo_redundant_enabled (#8504)
|
2025-08-12 12:30:43 +02:00 |
|
Daniel Barranquero
|
10e38ca407
|
fix: missing resource_name in GCP and Azure Defender checks (#8352)
|
2025-08-11 16:16:08 +02:00 |
|
Rubén De la Torre Vico
|
5842f2df37
|
feat(azure/vm): add new check vm_jit_access_enabled (#8202)
Co-authored-by: MrCloudSec <hello@mistercloudsec.com>
|
2025-08-11 13:12:36 +02:00 |
|
Rubén De la Torre Vico
|
d238050065
|
feat(azure/vm): add new check vm_sufficient_daily_backup_retention_period (#8200)
Co-authored-by: MrCloudSec <hello@mistercloudsec.com>
|
2025-08-11 11:44:45 +02:00 |
|
Hugo Pereira Brito
|
85af4ff77c
|
feat(m365): add certificate auth method to cli (#8404)
Co-authored-by: Sergio Garcia <hello@mistercloudsec.com>
|
2025-08-11 09:47:56 +02:00 |
|
Daniel Barranquero
|
dcee114ef3
|
fix: validation errors in azure and m365 (#8368)
|
2025-08-11 09:42:30 +02:00 |
|
Pepe Fagoaga
|
260fada3eb
|
fix(s3): Use HeadBucket instead of GetBucketLocation (#8456)
|
2025-08-06 19:20:52 +05:45 |
|
Daniel Barranquero
|
196c17d44d
|
feat(gcp): add retry to avoid quota limit errors (#8412)
Co-authored-by: Sergio Garcia <hello@mistercloudsec.com>
|
2025-08-06 16:59:41 +07:00 |
|
Andoni Alonso
|
fc69e195e4
|
fix(github): handle GithubAppIdentityInfo in output generation (#8423)
Co-authored-by: Sergio Garcia <hello@mistercloudsec.com>
|
2025-08-06 16:55:44 +07:00 |
|
Adrián Jesús Peña Rodríguez
|
581afd38e6
|
fix: add default values for S3 class (#8417)
Co-authored-by: Pedro Martín <pedromarting3@gmail.com>
Co-authored-by: MrCloudSec <hello@mistercloudsec.com>
|
2025-08-01 13:50:51 +02:00 |
|
Paul Negedu
|
2170fbb1ab
|
feat(aws): add s3_bucket_shadow_resource_vulnerability check (#8398)
Co-authored-by: MrCloudSec <hello@mistercloudsec.com>
|
2025-08-01 18:26:03 +08:00 |
|
Hugo Pereira Brito
|
a3bff9705c
|
fix(tests): github and iac providers arguments_test naming and structure (#8408)
|
2025-07-30 17:16:34 +02:00 |
|
Sergio Garcia
|
7ec514d9dd
|
feat(aws): new check bedrock_api_key_no_long_term_credentials (#8396)
|
2025-07-30 17:04:16 +08:00 |
|
Hugo Pereira Brito
|
b63f70ac82
|
fix(m365): enhance execution to avoid multiple error calls (#8353)
|
2025-07-30 14:54:27 +08:00 |
|
Sergio Garcia
|
1bdcf2c7f1
|
refactor(iac): revert importingcheckov as python library (#8385)
|
2025-07-29 15:55:28 +08:00 |
|
Andoni Alonso
|
8dc4bd0be8
|
feat(github): add repository and organization scoping support (#8329)
|
2025-07-28 21:43:41 +08:00 |
|
Aviad Levy
|
a85b89ffb5
|
fix(ec2): add check that protocol is matched in security group checks (#8374)
Co-authored-by: MrCloudSec <hello@mistercloudsec.com>
|
2025-07-28 19:53:08 +08:00 |
|
Kay Agahd
|
d4e66c4a6f
|
chore(sqs): clean up code (#8366)
|
2025-07-25 20:10:34 +08:00 |
|
Rubén De la Torre Vico
|
1cfe610d47
|
feat(azure/vm): add new check vm_scaleset_not_empty (#8192)
Co-authored-by: Sergio Garcia <hello@mistercloudsec.com>
|
2025-07-25 18:42:03 +08:00 |
|