ben.carrasco/prowler
1
0
Fork 0
mirror of https://github.com/prowler-cloud/prowler.git synced 2026-04-14 16:50:04 +00:00
Code Issues Packages Projects Releases Wiki Activity
8,018 Commits 418 Branches 181 Tags
ca03d9c0a97ea1f0cbda65d04bd944faec2e9cc8
Commit Graph

1423 Commits

Author SHA1 Message Date
Kay Agahd
8985280621 fix(azure): create distinct report per key/secret in keyvault checks (#10332) 
Co-authored-by: Hugo Pereira Brito <101209179+HugoPBrito@users.noreply.github.com>
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
 2026-04-07 09:36:48 +01:00
kaiisfree
c99ed991b7 fix: show all checks including threat-detection in --list-checks (#10578) 
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: kaiisfree <kai@users.noreply.github.com>
Co-authored-by: Hugo Pereira Brito <101209179+HugoPBrito@users.noreply.github.com>
 2026-04-06 16:55:15 +01:00
Adrián Peña
ab8e83da3f fix(api,ui): dynamically fetch Jira issue types instead of hardcoding "Task" (#10534) 
Co-authored-by: alejandrobailo <alejandrobailo94@gmail.com>
 2026-04-01 14:37:49 +02:00
Alejandro Bailo
4f86667433 feat(sdk): add Vercel provider with 30 security checks (#10189) 
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
Co-authored-by: Andoni A. <14891798+andoniaf@users.noreply.github.com>
 2026-03-31 16:21:22 +02:00
Andoni Alonso
4bb1e5cff7 fix(sdk): redact sensitive CLI flags in HTML output (#10518) 2026-03-31 15:01:09 +02:00
Hugo Pereira Brito
ab00c2dce1 feat(m365): add entra_conditional_access_policy_block_elevated_insider_risk security check (#10234) 
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
 2026-03-30 17:27:00 +02:00
Erich Blume
de5bb94ff6 fix(image): pass registry arguments through init_global_provider (#10470) 
Co-authored-by: Andoni Alonso <14891798+andoniaf@users.noreply.github.com>
 2026-03-30 15:19:01 +02:00
Hugo Pereira Brito
3b875484b0 feat(m365): add device registration MFA and harden Intune enrollment CA check (#10222) 
Co-authored-by: Hugo Brito <hugopbrito@users.noreply.github.com>
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
 2026-03-30 13:36:05 +02:00
Hugo Pereira Brito
7148086410 feat(m365): add entra_conditional_access_policy_block_o365_elevated_insider_risk security check (#10232) 
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
 2026-03-30 11:49:29 +02:00
Hugo Pereira Brito
269d9dfe41 feat(cli): add --resource-group flag to filter checks by resource group (#10479) 
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
 2026-03-27 11:55:28 +01:00
Raajhesh Kannaa Chidambaram
041f95b3df feat(ec2): add check for SG ingress from public IPs to any port (#10335) 
Co-authored-by: Raajhesh Kannaa Chidambaram <495042+raajheshkannaa@users.noreply.github.com>
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
 2026-03-26 17:21:16 +01:00
Hugo Pereira Brito
c651f60e3a feat(m365): add entra_conditional_access_policy_mdm_compliant_device_required check (#10220) 
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
 2026-03-26 11:36:30 +01:00
Sandiyo Christan
834d1bca49 feat(awslambda): enrich Function model with inventory fields and add 3 security checks (#10381) 
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
 2026-03-26 10:33:39 +01:00
Pepe Fagoaga
571141f57c fix(aws): set partition's region for global services (#10458) 2026-03-25 15:47:51 +01:00
Raajhesh Kannaa Chidambaram
6100932c60 feat(glue): add check for plaintext secrets in ETL job arguments (#10368) 
Co-authored-by: Raajhesh Kannaa Chidambaram <495042+raajheshkannaa@users.noreply.github.com>
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
 2026-03-25 12:25:36 +01:00
McRolly NWANGWU
833f3779ef feat(cloudfront): detect Standard Logging v2 via CloudWatch Log Delivery (#10090) 
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
 2026-03-25 10:09:21 +00:00
Daniel Barranquero
c752811666 fix(oci): false positive for kms key rotation check (#10450) 2026-03-25 11:09:02 +01:00
Daniel Barranquero
4d1f7626f9 fix(oci): false positive for password policies (#10453) 2026-03-25 10:52:31 +01:00
Hugo Pereira Brito
435624fcd4 fix(sdk): support renamed OCI IdP mapping events (#10416) 2026-03-24 13:18:16 +00:00
Felix Dreissig
9e67f31913 feat(gcp): Add checks for GCP Gemini (Generative Language) API (#10280) 
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
 2026-03-24 14:11:27 +01:00
Hugo Pereira Brito
114e86c0dc fix(sdk): ignore disabled users in Entra MFA check (#10426) 2026-03-23 15:21:31 +00:00
Hugo Pereira Brito
7df73a9d4f fix(sdk): use case-insensitive comparison for Azure MySQL flexible server checks (#10396) 2026-03-23 09:59:14 +00:00
Hugo Pereira Brito
1eda94140d fix(sdk): use case-insensitive comparison for Azure VM backup checks (#10395) 2026-03-23 09:45:08 +00:00
Andoni Alonso
e8aaf5266a chore(sdk): bump pygithub from 2.5.0 to 2.8.0 (#10353) 2026-03-18 09:58:40 +01:00
Andoni Alonso
65e745d779 fix(sdk): skip strict CheckMetadata validators for external tool providers (#10363) 2026-03-18 09:11:39 +01:00
Pawan Gambhir
df680ef277 fix(route53): resolve false positive in dangling IP check (#9952) 
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
 2026-03-17 12:02:48 +01:00
Andoni Alonso
451071d694 feat(image): add image provider to UI (#10167) 
Co-authored-by: alejandrobailo <alejandrobailo94@gmail.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Alejandro Bailo <59607668+alejandrobailo@users.noreply.github.com>
 2026-03-17 10:53:37 +01:00
shria :))
1cf6eaa0b7 feat(github): add organization_repository_deletion_limited check (#10185) 
Co-authored-by: Andoni Alonso <14891798+andoniaf@users.noreply.github.com>
 2026-03-16 16:22:36 +01:00
Daniel Barranquero
361f8548bf feat(azure): add 'entra_conditional_access_policy_require_mfa_for_admin_portals' check and update compliance (#10330) 2026-03-16 12:14:58 +01:00
Hugo Pereira Brito
c9284f8003 chore(models): add pydantic validators for CheckMetadata (#8583) 
Co-authored-by: Rubén De la Torre Vico <ruben@prowler.com>
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
Co-authored-by: Andoni A. <14891798+andoniaf@users.noreply.github.com>
 2026-03-16 10:36:08 +01:00
Hugo Pereira Brito
534ad3d04f feat(m365): add entra_device_code_flow_blocked security check (#10218) 2026-03-13 11:31:47 +01:00
Daniel Barranquero
b08cb8ffb3 fix(csv): move OU columns to the end (#10307) 2026-03-12 08:28:52 +01:00
Raajhesh Kannaa Chidambaram
39385567fc feat(organizations): add OU metadata to outputs (#10283) 
Co-authored-by: Raajhesh Kannaa Chidambaram <495042+raajheshkannaa@users.noreply.github.com>
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
 2026-03-11 16:41:44 +01:00
Daniel Barranquero
e28bde797f feat(openstack): object storage service with 7 new checks (#10258) 2026-03-11 12:00:43 +01:00
Michael Wentz
c4d692f77b feat(guardduty): add org-wide delegated admin check across all regions (#9867) 
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
 2026-03-10 12:56:00 +01:00
Eran Cohen
0b461233c1 feat(iam): Add trusted IP configurable option to reduce false positives in 'opensearch' check (#8631) 
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
 2026-03-10 12:12:54 +01:00
Hugo Pereira Brito
9cf63a2a68 feat(m365): add custom entra_conditional_access_policy_compliant_device_hybrid_joined_device_mfa_required check (#10197) 
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
 2026-03-05 18:11:20 +01:00
Hugo Pereira Brito
726b5665d0 feat(m365): add entra_conditional_access_policy_approved_client_app_required_for_mobile security check (#10216) 
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
 2026-03-05 10:58:18 +01:00
Andoni Alonso
e8d2b4a189 fix(iac): include resource line range in finding UID to prevent duplicates (#10241) 
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
 2026-03-03 17:40:36 +01:00
Andoni Alonso
b61b6cba53 feat(sdk): add provider identity fields to OCSF unmapped output (#10240) 
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
 2026-03-03 16:42:08 +01:00
Pepe Fagoaga
71ee4213b3 chore(ingestions): rename flag, update docs (#10236) 2026-03-03 15:04:34 +01:00
Hugo Pereira Brito
e96ea54f3b feat(m365): add entra_break_glass_users_fido2_security_key_registered security check (#10213) 
Co-authored-by: Daniel Barranquero <74871504+danibarranqueroo@users.noreply.github.com>
 2026-03-03 13:58:44 +01:00
Andoni Alonso
dfca97633e feat(sdk): add provider_uid to OCSF unmapped output (#10231) 
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
 2026-03-03 13:35:58 +01:00
Hugo Pereira Brito
548a137046 feat(m365): add entra_authentication_method_sms_voice_disabled security check (#10212) 2026-03-03 13:08:02 +01:00
Daniel Barranquero
012fd84cb0 chore: add provider-uid flag for iac provider (#10233) 
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
 2026-03-03 13:07:15 +01:00
Pepe Fagoaga
9c2cb5efa8 fix(elbv2): Handle post-quantum (PQ) TLS policies (#10219) 2026-03-03 10:18:00 +01:00
Andoni Alonso
efcbbf63c2 docs: review and fix documentation coverage for provider CLI flags (#10040) 2026-03-03 09:57:05 +01:00
Harsh Mishra
150abce4a8 fix(aws): respect AWS_ENDPOINT_URL for STS session creation (#10228) 
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
 2026-03-03 08:25:59 +01:00
Daniel Barranquero
dcf74113fc chore: modify M365 and Github account UIDs (#10226) 2026-03-02 17:22:09 +01:00
Hugo Pereira Brito
07dea4f402 refactor(m365): rename conditional access policy checks to include policy prefix (#10217) 2026-03-02 13:41:24 +01:00