Daniel Barranquero
|
989c3b174e
|
fix(bedrock): per-finding severity for long-term API key check (#11526)
|
2026-06-11 08:31:08 +02:00 |
|
sahil-sols
|
e085e14247
|
fix(aws): order-independent CloudWatch metric filter pattern checks (#11345)
Co-authored-by: Sahil Pugalia <sahil-sols@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Lydia Vilchez <lydiavilchezlopez@gmail.com>
|
2026-06-10 18:49:06 +02:00 |
|
Johannes Engler
|
368d3a2661
|
feat(stackit): add objectstorage checks (#11397)
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
Co-authored-by: Hugo Pereira Brito <101209179+HugoPBrito@users.noreply.github.com>
|
2026-06-10 18:43:24 +02:00 |
|
Aryan Bhaskar
|
ec0bb53839
|
feat(bedrock): add bedrock_agent_role_least_privilege check (#11335)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
|
2026-06-10 12:40:54 +02:00 |
|
Pedro Martín
|
61cd4aea3f
|
feat(compliance): add Okta IDaaS STIG V1R2 framework (#11428)
Co-authored-by: Alejandro Bailo <59607668+alejandrobailo@users.noreply.github.com>
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
|
2026-06-10 11:22:42 +02:00 |
|
StylusFrost
|
01b49f0743
|
feat(dashboard): render dynamic-provider compliance frameworks (#11503)
Co-authored-by: pedrooot <pedromarting3@gmail.com>
|
2026-06-10 11:16:39 +02:00 |
|
Hugo Pereira Brito
|
9a50dffaa0
|
feat(gcp): split kms_key_rotation_enabled into enabled and max-90-days checks (#11516)
|
2026-06-09 16:52:49 +02:00 |
|
Jasmine
|
e710ebff1c
|
feat(m365): add exchange_mailbox_primary_smtp_custom_domain check (#11215)
Co-authored-by: Jasmine Sullivan <20147180@tafe.wa.edu.au>
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
|
2026-06-09 16:24:25 +02:00 |
|
Hugo Pereira Brito
|
b3caee88e4
|
fix(m365): skip future hires in MFA capable check (#11511)
|
2026-06-09 15:42:06 +02:00 |
|
Hugo Pereira Brito
|
d9f90e50b8
|
fix(m365): paginate admincenter group enumeration (#11510)
|
2026-06-09 15:23:35 +02:00 |
|
StylusFrost
|
6c559fbb8d
|
feat(sdk): discover external universal compliance frameworks via entry points (#11490)
|
2026-06-09 13:45:34 +02:00 |
|
Ashishraymajhi
|
7e60e8f8da
|
feat(m365): add entra_service_prinicipal_privileged_role_no_owners_check (#11189)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
|
2026-06-09 11:29:03 +02:00 |
|
Hugo Pereira Brito
|
62955dd16b
|
feat(okta): add authenticator STIG checks (#11465)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
|
2026-06-09 10:17:23 +02:00 |
|
StylusFrost
|
e3013d9918
|
feat(sdk): Dynamic provider loading and compliance framework (#10700)
Co-authored-by: Pedro Martín <pedromarting3@gmail.com>
|
2026-06-08 17:47:22 +02:00 |
|
Hugo Pereira Brito
|
0ea2f6d67e
|
feat(okta): add API token STIG checks (#11464)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
|
2026-06-08 17:11:54 +02:00 |
|
Hugo Pereira Brito
|
7692a1d76a
|
feat(okta): add network zone STIG check (#11463)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
|
2026-06-08 16:51:58 +02:00 |
|
Aline Almeida
|
1c9afc714e
|
fix(gcp): honour org-aggregated sinks in metric-filter checks (#11488)
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
|
2026-06-08 16:46:48 +02:00 |
|
Daniel Barranquero
|
466f1a3d73
|
feat(okta): add user, systemlog, and idp services with DISA STIG checks (#11496)
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
Co-authored-by: Hugo Pereira Brito <101209179+HugoPBrito@users.noreply.github.com>
|
2026-06-08 14:59:50 +02:00 |
|
potato-20
|
6f172a5c19
|
feat(elbv2): add elbv2_alb_drop_invalid_header_fields_enabled check (FSBP ELB.4) (#11471)
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
|
2026-06-05 14:26:07 +02:00 |
|
Pedro Martín
|
d4bbc8b5ad
|
fix(jira): avoid 400 INVALID_INPUT on findings with empty field (#11474)
|
2026-06-05 13:26:28 +02:00 |
|
Aline Almeida
|
a5bc226f11
|
fix(gcp): pass iam_service_account_unused for disabled service accounts (#11467)
|
2026-06-05 12:07:30 +02:00 |
|
Oleksandr_Sanin
|
bcd282d3d0
|
fix(gcp): honour org-level aggregated sinks in logging_sink_created check (#11355)
Signed-off-by: Oleksandr Sanin <alexaaander.sanin@gmail.com>
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
|
2026-06-04 12:07:01 +02:00 |
|
Pedro Martín
|
f7f8747512
|
feat(compliance): add DORA framework for AWS (#11131)
|
2026-06-03 11:43:55 +02:00 |
|
RishiWig3
|
d573af911d
|
feat(aws): add sagemaker_models_monitor_enabled check (#11278)
Co-authored-by: RishiWig3 <rishi.wig@gmail.com>
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
Co-authored-by: Hugo Pereira Brito <101209179+HugoPBrito@users.noreply.github.com>
|
2026-06-02 16:10:13 +01:00 |
|
Pedro Martín
|
a652e28b4a
|
fix(api): clean up scan tmp output failure to avoid disk fill (#11421)
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
|
2026-06-02 11:37:05 +02:00 |
|
Br1an
|
e3c4368d32
|
fix(azure): pass authority to credentials for sovereign clouds (#10284)
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
Co-authored-by: Hugo Pereira Brito <101209179+HugoPBrito@users.noreply.github.com>
|
2026-05-29 15:17:41 +02:00 |
|
Johannes Engler
|
a2824f7166
|
feat(stackit): add new provider with 4 checks (#9237)
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Sergio Garcia <hello@mistercloudsec.com>
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
Co-authored-by: Hugo Pereira Brito <101209179+HugoPBrito@users.noreply.github.com>
|
2026-05-28 13:16:38 +02:00 |
|
lydiavilchez
|
c58dad2ca4
|
feat(googleworkspace): add rules service checks (#11379)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
|
2026-05-28 11:17:33 +02:00 |
|
lydiavilchez
|
b4befe3a10
|
feat(googleworkspace): add security service checks (#11356)
Co-authored-by: pedrooot <pedromarting3@gmail.com>
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
|
2026-05-28 10:15:10 +02:00 |
|
Daniel Barranquero
|
2678c6bc9f
|
feat(okta): add application service with 6 new checks (#11358)
|
2026-05-27 11:16:18 +02:00 |
|
Pedro Martín
|
48c071297f
|
fix(sdk): align compliance CSV row emission with framework JSON (#11370)
|
2026-05-27 11:06:23 +02:00 |
|
Pedro Martín
|
723d161c63
|
fix(az-m365): asyncio.run() in Azure/M365 Celery worker event (#11360)
|
2026-05-26 11:26:39 +02:00 |
|
Aline Almeida
|
d560020592
|
fix(gcp): match enable-oslogin metadata case-insensitively (#11341)
Co-authored-by: Hugo Pereira Brito <101209179+HugoPBrito@users.noreply.github.com>
|
2026-05-26 10:35:26 +02:00 |
|
Hugo Pereira Brito
|
4c59af93eb
|
fix(azure): require all SMB channel encryption algorithms to be secure (storage_smb_channel_encryption_with_secure_algorithm) (#11327)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
|
2026-05-25 18:28:21 +02:00 |
|
Hugo Pereira Brito
|
6ca8e726f7
|
feat(azure): add storage_account_public_network_access_disabled and fix CIS storage mapping (#11334)
|
2026-05-25 18:17:41 +02:00 |
|
Kristofer Jussmann
|
6177fc6286
|
fix(oci): use home region for audit configuration API call (#10347)
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
|
2026-05-21 16:09:29 +01:00 |
|
Sandiyo Christan
|
0fd952ae2b
|
chore(m365): use PowerShell best practices for quoting credential variables (#9997)
Co-authored-by: Hugo P.Brito <hugopbrit@gmail.com>
|
2026-05-21 15:17:23 +01:00 |
|
lydiavilchez
|
74622dd576
|
feat(googleworkspace): add sites, additional_services and marketplace service checks (#11281)
|
2026-05-21 15:52:15 +02:00 |
|
Daniel Barranquero
|
349611d52d
|
feat(okta): 4 new signon service checks (#11224)
|
2026-05-21 12:48:06 +02:00 |
|
Simone
|
534dedb608
|
feat(sagemaker): add sagemaker_models_registry_in_use check (#11196)
Co-authored-by: cascioli <simdon2015?gmail.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
|
2026-05-20 13:59:18 +02:00 |
|
BMO
|
cff1704d7b
|
feat(ses): add check for DKIM signing enabled on SES identities (#10923)
Co-authored-by: Mohamed Solaiman <mohamedsolaiman@users.noreply.github.com>
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
Co-authored-by: Daniel Barranquero <74871504+danibarranqueroo@users.noreply.github.com>
|
2026-05-20 13:33:03 +02:00 |
|
lydiavilchez
|
0ca444895f
|
feat(googleworkspace): add groups service checks (#11186)
|
2026-05-20 12:54:49 +02:00 |
|
Daniel Barranquero
|
6eebfcfe77
|
feat(api): add okta provider support (#11184)
|
2026-05-20 10:46:29 +02:00 |
|
Hugo Pereira Brito
|
40c1761840
|
fix(s3): only emit shadow-resource finding when bucket name matches a predictable pattern (#11220)
|
2026-05-19 15:46:05 +01:00 |
|
Pedro Martín
|
0ab0e8671d
|
fix(azure): skip system 'master' DB in sqlserver_tde_encrypted_with_cmk (#11233)
|
2026-05-19 16:34:33 +02:00 |
|
Hugo Pereira Brito
|
7a7c828fc7
|
feat(m365/entra): add entra_app_registration_client_secret_unused check (consolidates #11097 and #11212) (#11232)
Co-authored-by: shadyfox <git@twink.energy>
Co-authored-by: Oleksandr Yizchak Sanin <alexaaander.sanin@gmail.com>
|
2026-05-19 15:14:32 +01:00 |
|
s1ns3nz0
|
9dc4deccb6
|
feat(gcp): add cloudsql_instance_cmek_encryption_enabled check (#11023)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
|
2026-05-19 15:52:16 +02:00 |
|
Pedro Martín
|
bfcbe0a9c4
|
feat(scaleway): add new provider (#11166)
|
2026-05-18 16:42:10 +02:00 |
|
Pedro Martín
|
5ca6e31f45
|
fix(vercel): exclude API token from serialization and repr (#11198)
|
2026-05-18 14:30:44 +02:00 |
|
lydiavilchez
|
9894ac7bc3
|
feat(googleworkspace): implement Chat service with 6 CIS checks (#11126)
|
2026-05-14 17:19:11 +02:00 |
|