Commit Graph

7968 Commits

Author SHA1 Message Date
stepsecurity-app[bot]
e3046f8644 feat(security): security best practices from StepSecurity
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
2026-03-26 18:31:14 +00:00
Raajhesh Kannaa Chidambaram
041f95b3df feat(ec2): add check for SG ingress from public IPs to any port (#10335)
Co-authored-by: Raajhesh Kannaa Chidambaram <495042+raajheshkannaa@users.noreply.github.com>
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-03-26 17:21:16 +01:00
stepsecurity-app[bot]
716c130140 feat(security): security best practices from StepSecurity (#10480)
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
Co-authored-by: stepsecurity-app[bot] <188008098+stepsecurity-app[bot]@users.noreply.github.com>
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
2026-03-26 13:58:19 +01:00
Hugo Pereira Brito
c651f60e3a feat(m365): add entra_conditional_access_policy_mdm_compliant_device_required check (#10220)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-03-26 11:36:30 +01:00
Adrián Peña
dd00d71a07 fix(api): fix finding groups muted filter, counters and reaggregation (#10477) 2026-03-26 10:35:21 +01:00
Sandiyo Christan
834d1bca49 feat(awslambda): enrich Function model with inventory fields and add 3 security checks (#10381)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-03-26 10:33:39 +01:00
Davidm4r
2cf45c72b6 fix(api): remove MANAGE_ACCOUNT permission requirement for listing or creating a tenant (#10468) 2026-03-26 09:41:16 +01:00
Pepe Fagoaga
213e18724d fix: Prowler's changelog (#10475) 2026-03-25 16:07:45 +01:00
Pepe Fagoaga
571141f57c fix(aws): set partition's region for global services (#10458) 2026-03-25 15:47:51 +01:00
Adrián Peña
45f0909c3e chore(api): pin all unpinned dependencies to exact versions (#10469) 2026-03-25 13:27:04 +01:00
Alan Buscaglia
b01fcc6cb2 fix(ui): refine filter clear and undo behavior in Findings page (#10446) 2026-03-25 13:20:10 +01:00
Adrián Peña
2ddd5b3091 chore: bump minimum Python to 3.10 and pin SDK dependencies (#10464) 2026-03-25 12:32:28 +01:00
Raajhesh Kannaa Chidambaram
6100932c60 feat(glue): add check for plaintext secrets in ETL job arguments (#10368)
Co-authored-by: Raajhesh Kannaa Chidambaram <495042+raajheshkannaa@users.noreply.github.com>
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-03-25 12:25:36 +01:00
lydiavilchez
1c2b146e6e fix(docs): replace Google Workspace customer ID image with English version (#10467) 2026-03-25 11:49:30 +01:00
McRolly NWANGWU
833f3779ef feat(cloudfront): detect Standard Logging v2 via CloudWatch Log Delivery (#10090)
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
2026-03-25 10:09:21 +00:00
Daniel Barranquero
c752811666 fix(oci): false positive for kms key rotation check (#10450) 2026-03-25 11:09:02 +01:00
Daniel Barranquero
4d1f7626f9 fix(oci): false positive for password policies (#10453) 2026-03-25 10:52:31 +01:00
Davidm4r
9bf2a13177 fix: resolve 403 error for admin users listing tenants (#10460) 2026-03-25 10:13:54 +01:00
Josema Camacho
d15e67e2e5 fix(api): filter neo4j.io defunct connection logs in Sentry before_send (#10452) 2026-03-25 09:55:12 +01:00
Pepe Fagoaga
20cf5562b8 chore: update org members (#10461) 2026-03-25 09:36:10 +01:00
Pepe Fagoaga
36279f694c chore(gha): ignore zizmor rules and fix version comment (#10459) 2026-03-25 09:09:36 +01:00
César Arroba
c991a1d0e8 chore: fix UI bump version (#10451) 2026-03-24 17:39:49 +01:00
Adrián Peña
aa3641718b fix(api): populate compliance data in check_metadata for findings (#10449) 2026-03-24 17:19:53 +01:00
Adrián Peña
bb80797392 fix(api): support finding-group aggregated filters (#10428) 2026-03-24 16:39:26 +01:00
Hugo Pereira Brito
435624fcd4 fix(sdk): support renamed OCI IdP mapping events (#10416) 2026-03-24 13:18:16 +00:00
Felix Dreissig
9e67f31913 feat(gcp): Add checks for GCP Gemini (Generative Language) API (#10280)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
2026-03-24 14:11:27 +01:00
Prowler Bot
0984cfd75b chore(api): Bump version to v1.24.0 (#10440)
Co-authored-by: prowler-bot <179230569+prowler-bot@users.noreply.github.com>
2026-03-24 14:05:48 +01:00
Prowler Bot
c1044ef491 chore(release): Bump version to v5.23.0 (#10439)
Co-authored-by: prowler-bot <179230569+prowler-bot@users.noreply.github.com>
2026-03-24 14:05:05 +01:00
Prowler Bot
19c4c9251c docs: Update version to v5.22.0 (#10441)
Co-authored-by: prowler-bot <179230569+prowler-bot@users.noreply.github.com>
2026-03-24 14:03:47 +01:00
Josema Camacho
55ed7a0663 docs(CHANGELOG): cutting for 5.22.0 (#10437) 2026-03-24 12:15:44 +01:00
Alan Buscaglia
0599040d4e feat(ui): add batch apply pattern to Findings filters (#10388) 2026-03-24 11:09:11 +01:00
lydiavilchez
737d20d2c1 docs(googleworkspace): add Cloud/App documentation (#10421)
Co-authored-by: Andoni A. <14891798+andoniaf@users.noreply.github.com>
2026-03-24 09:48:01 +01:00
Josema Camacho
844efbd046 perf(api): deduplicate nodes before ProwlerFinding lookup in Attack Paths queries (#10424) 2026-03-23 17:16:15 +01:00
Josema Camacho
d60b4f0f52 fix(api): Update Flask and Werkzeug to address vulnerabilities (#10430) 2026-03-23 16:59:03 +01:00
Hugo Pereira Brito
49ba25ba07 feat(ui): add custom attack paths queries (#10397) 2026-03-23 15:36:37 +00:00
Daniel Barranquero
41629137ef docs: remove cookbook from k8s section (#10427) 2026-03-23 16:22:54 +01:00
Hugo Pereira Brito
114e86c0dc fix(sdk): ignore disabled users in Entra MFA check (#10426) 2026-03-23 15:21:31 +00:00
Prowler Bot
1015f1379f feat(aws): Update regions for AWS services (#10413)
Co-authored-by: prowler-bot <179230569+prowler-bot@users.noreply.github.com>
2026-03-23 15:28:51 +01:00
Prowler Bot
c62ac6c71b feat(aws): Update regions for AWS services (#10076)
Co-authored-by: prowler-bot <179230569+prowler-bot@users.noreply.github.com>
2026-03-23 15:26:29 +01:00
Daniel Barranquero
14356e3187 docs: add cookbooks section (#10410)
Co-authored-by: Andoni A. <14891798+andoniaf@users.noreply.github.com>
2026-03-23 13:51:07 +01:00
Adrián Peña
591f5a8603 fix(api): align finding-group latest aggregation (#10419) 2026-03-23 12:43:45 +01:00
mintlify[bot]
93b8a7c74c docs(attack-paths): Lighthouse AI support and supported queries to Attack Paths (#10409)
Co-authored-by: mintlify[bot] <109931778+mintlify[bot]@users.noreply.github.com>
Co-authored-by: Josema Camacho <josema@prowler.com>
2026-03-23 11:12:26 +01:00
Hugo Pereira Brito
7df73a9d4f fix(sdk): use case-insensitive comparison for Azure MySQL flexible server checks (#10396) 2026-03-23 09:59:14 +00:00
Hugo Pereira Brito
1eda94140d fix(sdk): use case-insensitive comparison for Azure VM backup checks (#10395) 2026-03-23 09:45:08 +00:00
Adrián Peña
ad6368a446 chore: add defusedxml as api dependency (#10401) 2026-03-19 18:26:55 +01:00
Adrián Peña
3361393b7d chore: update changelog (#10400) 2026-03-19 17:55:18 +01:00
Sandiyo Christan
0b7a21a70c fix(api): [security] use defusedxml to prevent XML bomb DoS in SAML metadata parsing (#10165)
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-authored-by: Adrián Peña <adrianjpr@gmail.com>
2026-03-19 17:44:52 +01:00
Josema Camacho
872e6e239c perf(api): replace JOINs with pre-check in threat score aggregation query (#10394) 2026-03-19 17:30:06 +01:00
Adrián Peña
2fe92cfce3 feat(api): add check title search for finding groups (#10377) 2026-03-19 16:48:26 +01:00
César Arroba
cece2cb87e chore: pin Prowler version to latest master commit on push (#10384) 2026-03-19 14:32:38 +01:00