feat(docs): Add poetry command to install doc dependencies (#3664 )

fix(docs): solve docs dependencies (#3661 )
fix: typo (#3663 )
2026-03-24 04:28:02 +00:00 · 2024-04-04 12:42:01 +02:00 · 2024-04-04 12:22:10 +02:00 · 2024-04-04 12:21:23 +02:00 · 2024-04-04 11:36:35 +02:00 · 2024-04-03 17:49:22 +02:00
1041 changed files with 45617 additions and 5298 deletions
--- a/.github/ISSUE_TEMPLATE/feature-request.yml
+++ b/.github/ISSUE_TEMPLATE/feature-request.yml
@@ -1,6 +1,6 @@
 name:  💡 Feature Request
 description: Suggest an idea for this project
-labels: ["enhancement", "status/needs-triage"]
+labels: ["feature-request", "status/needs-triage"]


 body:
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -13,3 +13,8 @@ updates:
    labels:
      - "dependencies"
      - "pip"
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    target-branch: master
--- a/.github/labeler.yml
+++ b/.github/labeler.yml
@@ -0,0 +1,27 @@
+documentation:
+  - changed-files:
+      - any-glob-to-any-file: "docs/**"
+
+provider/aws:
+  - changed-files:
+      - any-glob-to-any-file: "prowler/providers/aws/**"
+      - any-glob-to-any-file: "tests/providers/aws/**"
+
+provider/azure:
+  - changed-files:
+      - any-glob-to-any-file: "prowler/providers/azure/**"
+      - any-glob-to-any-file: "tests/providers/azure/**"
+
+provider/gcp:
+  - changed-files:
+      - any-glob-to-any-file: "prowler/providers/gcp/**"
+      - any-glob-to-any-file: "tests/providers/gcp/**"
+
+provider/kubernetes:
+  - changed-files:
+      - any-glob-to-any-file: "prowler/providers/kubernetes/**"
+      - any-glob-to-any-file: "tests/providers/kubernetes/**"
+
+github_actions:
+  - changed-files:
+      - any-glob-to-any-file: ".github/workflows/*"
--- a/.github/workflows/build-documentation-on-pr.yml
+++ b/.github/workflows/build-documentation-on-pr.yml
@@ -0,0 +1,24 @@
+name: Pull Request Documentation Link
+
+on:
+  pull_request:
+    branches:
+      - 'master'
+      - 'prowler-4.0-dev'
+    paths:
+      - 'docs/**'
+
+env:
+  PR_NUMBER: ${{ github.event.pull_request.number }}
+
+jobs:
+  documentation-link:
+    name: Documentation Link
+    runs-on: ubuntu-latest
+    steps:
+      - name: Leave PR comment with the SaaS Documentation URI
+        uses: peter-evans/create-or-update-comment@v4
+        with:
+          issue-number: ${{ env.PR_NUMBER }}
+          body: |
+            You can check the documentation for this PR here -> [SaaS Documentation](https://prowler-prowler-docs--${{ env.PR_NUMBER }}.com.readthedocs.build/projects/prowler-open-source/en/${{ env.PR_NUMBER }}/)
--- a/.github/workflows/build-lint-push-containers.yml
+++ b/.github/workflows/build-lint-push-containers.yml
@@ -3,6 +3,8 @@ name: build-lint-push-containers
 on:
  push:
    branches:
+      # TODO: update it for v3 and v4
+      # - "v3"
      - "master"
    paths-ignore:
      - ".github/**"
@@ -13,15 +15,27 @@ on:
    types: [published]

 env:
+  # AWS Configuration
  AWS_REGION_STG: eu-west-1
  AWS_REGION_PLATFORM: eu-west-1
  AWS_REGION: us-east-1
+
+  # Container's configuration
  IMAGE_NAME: prowler
+  DOCKERFILE_PATH: ./Dockerfile
+
+  # Tags
  LATEST_TAG: latest
  STABLE_TAG: stable
-  TEMPORARY_TAG: temporary
-  DOCKERFILE_PATH: ./Dockerfile
-  PYTHON_VERSION: 3.9
+  # The RELEASE_TAG is set during runtime in releases
+  RELEASE_TAG: ""
+  # The PROWLER_VERSION and PROWLER_VERSION_MAJOR are set during runtime in releases
+  PROWLER_VERSION: ""
+  PROWLER_VERSION_MAJOR: ""
+  # TEMPORARY_TAG: temporary
+
+  # Python configuration
+  PYTHON_VERSION: 3.11

 jobs:
  # Build Prowler OSS container
@@ -30,35 +44,66 @@ jobs:
    runs-on: ubuntu-latest
    env:
      POETRY_VIRTUALENVS_CREATE: "false"
+
    steps:
      - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4

-      - name: Setup python (release)
-        if: github.event_name == 'release'
-        uses: actions/setup-python@v2
+      - name: Setup Python
+        uses: actions/setup-python@v5
        with:
          python-version: ${{ env.PYTHON_VERSION }}

-      - name: Install dependencies (release)
-        if: github.event_name == 'release'
+      - name: Install Poetry
        run: |
          pipx install poetry
          pipx inject poetry poetry-bumpversion

+      - name: Get Prowler version
+        run: |
+          PROWLER_VERSION="$(poetry version -s 2>/dev/null)"
+
+          # Store prowler version major just for the release
+          PROWLER_VERSION_MAJOR="${PROWLER_VERSION%%.*}"
+          echo "PROWLER_VERSION_MAJOR=${PROWLER_VERSION_MAJOR}" >> "${GITHUB_ENV}"
+
+          case ${PROWLER_VERSION_MAJOR} in
+          3)
+              # TODO: update it for v3 and v4
+              # echo "LATEST=v3-latest" >> "${GITHUB_ENV}"
+              # echo "STABLE_TAG=v3-stable" >> "${GITHUB_ENV}"
+              echo "LATEST=latest" >> "${GITHUB_ENV}"
+              echo "STABLE_TAG=stable" >> "${GITHUB_ENV}"
+              ;;
+
+          # TODO: uncomment for v3 and v4
+          # 4)
+          #     echo "LATEST=latest" >> "${GITHUB_ENV}"
+          #     echo "STABLE_TAG=stable" >> "${GITHUB_ENV}"
+          #     ;;
+
+          *)
+              # Fallback if any other version is present
+              echo "Releasing another Prowler major version, aborting..."
+              exit 1
+              ;;
+          esac
+
      - name: Update Prowler version (release)
        if: github.event_name == 'release'
        run: |
-          poetry version ${{ github.event.release.tag_name }}
+          PROWLER_VERSION="${{ github.event.release.tag_name }}"
+          poetry version "${PROWLER_VERSION}"
+          echo "PROWLER_VERSION=${PROWLER_VERSION}" >> "${GITHUB_ENV}"

      - name: Login to DockerHub
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      - name: Login to Public ECR
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
        with:
          registry: public.ecr.aws
          username: ${{ secrets.PUBLIC_ECR_AWS_ACCESS_KEY_ID }}
@@ -67,11 +112,11 @@ jobs:
          AWS_REGION: ${{ env.AWS_REGION }}

      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3

      - name: Build and push container image (latest)
        if: github.event_name == 'push'
-        uses: docker/build-push-action@v2
+        uses: docker/build-push-action@v5
        with:
          push: true
          tags: |
@@ -83,16 +128,16 @@ jobs:

      - name: Build and push container image (release)
        if: github.event_name == 'release'
-        uses: docker/build-push-action@v2
+        uses: docker/build-push-action@v5
        with:
          # Use local context to get changes
          # https://github.com/docker/build-push-action#path-context
          context: .
          push: true
          tags: |
-            ${{ secrets.DOCKER_HUB_REPOSITORY }}/${{ env.IMAGE_NAME }}:${{ github.event.release.tag_name }}
+            ${{ secrets.DOCKER_HUB_REPOSITORY }}/${{ env.IMAGE_NAME }}:${{ env.PROWLER_VERSION }}
            ${{ secrets.DOCKER_HUB_REPOSITORY }}/${{ env.IMAGE_NAME }}:${{ env.STABLE_TAG }}
-            ${{ secrets.PUBLIC_ECR_REPOSITORY }}/${{ env.IMAGE_NAME }}:${{ github.event.release.tag_name }}
+            ${{ secrets.PUBLIC_ECR_REPOSITORY }}/${{ env.IMAGE_NAME }}:${{ env.PROWLER_VERSION }}
            ${{ secrets.PUBLIC_ECR_REPOSITORY }}/${{ env.IMAGE_NAME }}:${{ env.STABLE_TAG }}
          file: ${{ env.DOCKERFILE_PATH }}
          cache-from: type=gha
@@ -102,16 +147,26 @@ jobs:
    needs: container-build-push
    runs-on: ubuntu-latest
    steps:
-      - name: Get latest commit info
+      - name: Get latest commit info (latest)
        if: github.event_name == 'push'
        run: |
          LATEST_COMMIT_HASH=$(echo ${{ github.event.after }} | cut -b -7)
          echo "LATEST_COMMIT_HASH=${LATEST_COMMIT_HASH}" >> $GITHUB_ENV
-      - name: Dispatch event for latest
-        if: github.event_name == 'push'
+
+      - name: Dispatch event (latest)
+        if: github.event_name == 'push' && ${{ env. PROWLER_VERSION_MAJOR }} == '3'
        run: |
-          curl https://api.github.com/repos/${{ secrets.DISPATCH_OWNER }}/${{ secrets.DISPATCH_REPO }}/dispatches -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.ACCESS_TOKEN }}" -H "X-GitHub-Api-Version: 2022-11-28" --data '{"event_type":"dispatch","client_payload":{"version":"latest", "tag": "${{ env.LATEST_COMMIT_HASH }}"}}'
-      - name: Dispatch event for release
-        if: github.event_name == 'release'
+          curl https://api.github.com/repos/${{ secrets.DISPATCH_OWNER }}/${{ secrets.DISPATCH_REPO }}/dispatches \
+            -H "Accept: application/vnd.github+json" \
+            -H "Authorization: Bearer ${{ secrets.ACCESS_TOKEN }}" \
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            --data '{"event_type":"dispatch","client_payload":{"version":"latest", "tag": "${{ env.LATEST_COMMIT_HASH }}"}}'
+
+      - name: Dispatch event (release)
+        if: github.event_name == 'release' && ${{ env. PROWLER_VERSION_MAJOR }} == '3'
        run: |
-          curl https://api.github.com/repos/${{ secrets.DISPATCH_OWNER }}/${{ secrets.DISPATCH_REPO }}/dispatches -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.ACCESS_TOKEN }}" -H "X-GitHub-Api-Version: 2022-11-28" --data '{"event_type":"dispatch","client_payload":{"version":"release", "tag":"${{ github.event.release.tag_name }}"}}'
+          curl https://api.github.com/repos/${{ secrets.DISPATCH_OWNER }}/${{ secrets.DISPATCH_REPO }}/dispatches \
+            -H "Accept: application/vnd.github+json" \
+            -H "Authorization: Bearer ${{ secrets.ACCESS_TOKEN }}" \
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            --data '{"event_type":"dispatch","client_payload":{"version":"release", "tag":"${{ env.PROWLER_VERSION }}"}}'
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -37,11 +37,11 @@ jobs:

    steps:
    - name: Checkout repository
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
+      uses: github/codeql-action/init@v3
      with:
        languages: ${{ matrix.language }}
        # If you wish to specify custom queries, you can do so here or in a config file.
@@ -52,6 +52,6 @@ jobs:
        # queries: security-extended,security-and-quality

    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v2
+      uses: github/codeql-action/analyze@v3
      with:
        category: "/language:${{matrix.language}}"
--- a/.github/workflows/find-secrets.yml
+++ b/.github/workflows/find-secrets.yml
@@ -7,11 +7,11 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - name: TruffleHog OSS
-        uses: trufflesecurity/trufflehog@v3.4.4
+        uses: trufflesecurity/trufflehog@v3.71.2
        with:
          path: ./
          base: ${{ github.event.repository.default_branch }}
--- a/.github/workflows/labeler.yml
+++ b/.github/workflows/labeler.yml
@@ -0,0 +1,16 @@
+name: "Pull Request Labeler"
+
+on:
+    pull_request_target:
+      branches:
+        - "master"
+        - "prowler-4.0-dev"
+
+jobs:
+  labeler:
+    permissions:
+      contents: read
+      pull-requests: write
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/labeler@v5
--- a/.github/workflows/pull-request.yml
+++ b/.github/workflows/pull-request.yml
@@ -14,13 +14,13 @@ jobs:
    runs-on: ubuntu-latest
    strategy:
      matrix:
-        python-version: ["3.9", "3.10", "3.11"]
+        python-version: ["3.9", "3.10", "3.11", "3.12"]

    steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
      - name: Test if changes are in not ignored paths
        id: are-non-ignored-files-changed
-        uses: tj-actions/changed-files@v41
+        uses: tj-actions/changed-files@v44
        with:
          files: ./**
          files_ignore: |
@@ -36,7 +36,7 @@ jobs:
          pipx install poetry
      - name: Set up Python ${{ matrix.python-version }}
        if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
        with:
          python-version: ${{ matrix.python-version }}
          cache: "poetry"
@@ -88,6 +88,6 @@ jobs:
          poetry run pytest -n auto --cov=./prowler --cov-report=xml tests
      - name: Upload coverage reports to Codecov
        if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
-        uses: codecov/codecov-action@v3
+        uses: codecov/codecov-action@v4
        env:
          CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
--- a/.github/workflows/pypi-release.yml
+++ b/.github/workflows/pypi-release.yml
@@ -6,7 +6,10 @@ on:

 env:
  RELEASE_TAG: ${{ github.event.release.tag_name }}
-  GITHUB_BRANCH: master
+  PYTHON_VERSION: 3.11
+  CACHE: "poetry"
+  # TODO: create a bot user for this kind of tasks, like prowler-bot
+  GIT_COMMITTER_EMAIL: "sergio@prowler.com"

 jobs:
  release-prowler-job:
@@ -15,56 +18,80 @@ jobs:
      POETRY_VIRTUALENVS_CREATE: "false"
    name: Release Prowler to PyPI
    steps:
-      # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
-      - uses: actions/checkout@v3
-        with:
-          ref: ${{ env.GITHUB_BRANCH }}
+      - name: Get Prowler version
+        run: |
+          PROWLER_VERSION="${{ env.RELEASE_TAG }}"
+
+          case ${PROWLER_VERSION%%.*} in
+          3)
+              echo "Releasing Prowler v3 with tag ${PROWLER_VERSION}"
+              ;;
+          4)
+              echo "Releasing Prowler v4 with tag ${PROWLER_VERSION}"
+              ;;
+          *)
+              echo "Releasing another Prowler major version, aborting..."
+              exit 1
+              ;;
+          esac
+
+      - uses: actions/checkout@v4
+
      - name: Install dependencies
        run: |
          pipx install poetry
          pipx inject poetry poetry-bumpversion
-      - name: setup python
-        uses: actions/setup-python@v4
+
+      - name: Setup Python
+        uses: actions/setup-python@v5
        with:
-          python-version: 3.9
-          cache: 'poetry'
-      - name: Change version and Build package
+          python-version: ${{ env.PYTHON_VERSION }}
+          cache: ${{ env.CACHE }}
+
+      - name: Update Poetry and config version
        run: |
          poetry version ${{ env.RELEASE_TAG }}
+
+      - name: Import GPG key
+        uses: crazy-max/ghaction-import-gpg@v6
+        with:
+          gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
+          passphrase: ${{ secrets.GPG_PASSPHRASE }}
+          git_user_signingkey: true
+          git_commit_gpgsign: true
+
+      - name: Push updated version to the release tag
+        run: |
+          # Configure Git
          git config user.name "github-actions"
-          git config user.email "<noreply@github.com>"
+          git config user.email "${{ env.GIT_COMMITTER_EMAIL }}"
+
+          # Add the files with the version changed
          git add prowler/config/config.py pyproject.toml
-          git commit -m "chore(release): ${{ env.RELEASE_TAG }}" --no-verify
-          git tag -fa ${{ env.RELEASE_TAG }} -m "chore(release): ${{ env.RELEASE_TAG }}"
+          git commit -m "chore(release): ${{ env.RELEASE_TAG }}" --no-verify -S
+
+          # Replace the tag with the version updated
+          git tag -fa ${{ env.RELEASE_TAG }} -m "chore(release): ${{ env.RELEASE_TAG }}" --sign
+
+          # Push the tag
          git push -f origin ${{ env.RELEASE_TAG }}
+
+      - name: Build Prowler package
+        run: |
          poetry build
-      - name: Publish prowler package to PyPI
+
+      - name: Publish Prowler package to PyPI
        run: |
          poetry config pypi-token.pypi ${{ secrets.PYPI_API_TOKEN }}
          poetry publish
-      # Create pull request with new version
-      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v4
-        with:
-          token: ${{ secrets.PROWLER_ACCESS_TOKEN }}
-          commit-message: "chore(release): update Prowler Version to ${{ env.RELEASE_TAG }}."
-          branch: release-${{ env.RELEASE_TAG }}
-          labels: "status/waiting-for-revision, severity/low"
-          title: "chore(release): update Prowler Version to ${{ env.RELEASE_TAG }}"
-          body: |
-            ### Description

-            This PR updates Prowler Version to ${{ env.RELEASE_TAG }}.
-
-            ### License
-
-            By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
-      - name: Replicate PyPi Package
+      - name: Replicate PyPI package
        run: |
          rm -rf ./dist && rm -rf ./build && rm -rf prowler.egg-info
          pip install toml
          python util/replicate_pypi_package.py
          poetry build
+
      - name: Publish prowler-cloud package to PyPI
        run: |
          poetry config pypi-token.pypi ${{ secrets.PYPI_API_TOKEN }}
--- a/.github/workflows/refresh_aws_services_regions.yml
+++ b/.github/workflows/refresh_aws_services_regions.yml
@@ -23,12 +23,12 @@ jobs:
    # Steps represent a sequence of tasks that will be executed as part of the job
    steps:
      # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
        with:
          ref: ${{ env.GITHUB_BRANCH }}

      - name: setup python
-        uses: actions/setup-python@v2
+        uses: actions/setup-python@v5
        with:
          python-version: 3.9 #install the python needed

@@ -38,7 +38,7 @@ jobs:
          pip install boto3

      - name: Configure AWS Credentials -- DEV
-        uses: aws-actions/configure-aws-credentials@v1
+        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-region: ${{ env.AWS_REGION_DEV }}
          role-to-assume: ${{ secrets.DEV_IAM_ROLE_ARN }}
@@ -50,12 +50,12 @@ jobs:

      # Create pull request
      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v4
+        uses: peter-evans/create-pull-request@v6
        with:
          token: ${{ secrets.PROWLER_ACCESS_TOKEN }}
          commit-message: "feat(regions_update): Update regions for AWS services."
          branch: "aws-services-regions-updated-${{ github.sha }}"
-          labels: "status/waiting-for-revision, severity/low"
+          labels: "status/waiting-for-revision, severity/low, provider/aws"
          title: "chore(regions_update): Changes in regions for AWS services."
          body: |
            ### Description
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,7 +1,7 @@
 repos:
  ## GENERAL
  - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.4.0
+    rev: v4.5.0
    hooks:
      - id: check-merge-conflict
      - id: check-yaml
@@ -15,7 +15,7 @@ repos:

  ## TOML
  - repo: https://github.com/macisamuele/language-formatters-pre-commit-hooks
-    rev: v2.10.0
+    rev: v2.12.0
    hooks:
      - id: pretty-format-toml
        args: [--autofix]
@@ -28,7 +28,7 @@ repos:
      - id: shellcheck
  ## PYTHON
  - repo: https://github.com/myint/autoflake
-    rev: v2.2.0
+    rev: v2.2.1
    hooks:
      - id: autoflake
        args:
@@ -39,25 +39,25 @@ repos:
          ]

  - repo: https://github.com/timothycrosley/isort
-    rev: 5.12.0
+    rev: 5.13.2
    hooks:
      - id: isort
        args: ["--profile", "black"]

  - repo: https://github.com/psf/black
-    rev: 22.12.0
+    rev: 24.1.1
    hooks:
      - id: black

  - repo: https://github.com/pycqa/flake8
-    rev: 6.1.0
+    rev: 7.0.0
    hooks:
      - id: flake8
        exclude: contrib
        args: ["--ignore=E266,W503,E203,E501,W605"]

  - repo: https://github.com/python-poetry/poetry
-    rev: 1.6.0 # add version here
+    rev: 1.7.0
    hooks:
      - id: poetry-check
      - id: poetry-lock
@@ -80,18 +80,12 @@ repos:
      - id: trufflehog
        name: TruffleHog
        description: Detect secrets in your data.
-        # entry: bash -c 'trufflehog git file://. --only-verified --fail'
+        entry: bash -c 'trufflehog --no-update git file://. --only-verified --fail'
        # For running trufflehog in docker, use the following entry instead:
-        entry: bash -c 'docker run -v "$(pwd):/workdir" -i --rm trufflesecurity/trufflehog:latest git file:///workdir --only-verified --fail'
+        # entry: bash -c 'docker run -v "$(pwd):/workdir" -i --rm trufflesecurity/trufflehog:latest git file:///workdir --only-verified --fail'
        language: system
        stages: ["commit", "push"]

-      - id: pytest-check
-        name: pytest-check
-        entry: bash -c 'pytest tests -n auto'
-        language: system
-        files: '.*\.py'
-
      - id: bandit
        name: bandit
        description: "Bandit is a tool for finding common security issues in Python code"
--- a/.readthedocs.yaml
+++ b/.readthedocs.yaml
@@ -8,16 +8,18 @@ version: 2
 build:
  os: "ubuntu-22.04"
  tools:
-    python: "3.9"
+    python: "3.11"
  jobs:
    post_create_environment:
      # Install poetry
      # https://python-poetry.org/docs/#installing-manually
-      - pip install poetry
-      # Tell poetry to not use a virtual environment
-      - poetry config virtualenvs.create false
+      - python -m pip install poetry
    post_install:
-      - poetry install -E docs
+      # Install dependencies with 'docs' dependency group
+      # https://python-poetry.org/docs/managing-dependencies/#dependency-groups
+      # VIRTUAL_ENV needs to be set manually for now.
+      # See https://github.com/readthedocs/readthedocs.org/pull/11152/
+      - VIRTUAL_ENV=${READTHEDOCS_VIRTUALENV_PATH} python -m poetry install --only=docs

 mkdocs:
  configuration: mkdocs.yml
--- a/CODE_OF_CONDUCT.md
+++ b/CODE_OF_CONDUCT.md
@@ -55,7 +55,7 @@ further defined and clarified by project maintainers.
 ## Enforcement

 Instances of abusive, harassing, or otherwise unacceptable behavior may be
-reported by contacting the project team at community@prowler.cloud. All
+reported by contacting the project team at [support.prowler.com](https://customer.support.prowler.com/servicedesk/customer/portals). All
 complaints will be reviewed and investigated and will result in a response that
 is deemed necessary and appropriate to the circumstances. The project team is
 obligated to maintain confidentiality with regard to the reporter of an incident.
--- a/2
+++ b/2
@@ -186,7 +186,7 @@
      same "printed page" as the copyright notice for easier
      identification within third-party archives.

-Copyright 2018 Netflix, Inc.
+   Copyright @ 2024 Toni de la Fuente

   Licensed under the Apache License, Version 2.0 (the "License");
   you may not use this file except in compliance with the License.
--- a/README.md
+++ b/README.md
@@ -1,24 +1,31 @@
 <p align="center">
-  <img align="center" src="https://github.com/prowler-cloud/prowler/blob/62c1ce73bbcdd6b9e5ba03dfcae26dfd165defd9/docs/img/prowler-pro-dark.png?raw=True#gh-dark-mode-only" width="150" height="36">
-  <img align="center" src="https://github.com/prowler-cloud/prowler/blob/62c1ce73bbcdd6b9e5ba03dfcae26dfd165defd9/docs/img/prowler-pro-light.png?raw=True#gh-light-mode-only" width="15%" height="15%">
+  <img align="center" src="https://github.com/prowler-cloud/prowler/blob/master/docs/img/prowler-logo-black.png?raw=True#gh-light-mode-only" width="350" height="115">
+  <img align="center" src="https://github.com/prowler-cloud/prowler/blob/master/docs/img/prowler-logo-white.png?raw=True#gh-dark-mode-only" width="350" height="115">
 </p>
 <p align="center">
-  <b><i>See all the things you and your team can do with ProwlerPro at <a href="https://prowler.pro">prowler.pro</a></i></b>
+  <b><i>Prowler SaaS </b> and <b>Prowler Open Source</b> are as dynamic and adaptable as the environment they’re meant to protect. Trusted by the leaders in security.
 </p>
+<p align="center">
+<b>Learn more at <a href="https://prowler.com">prowler.com</i></b>
+</p>
+
+<p align="center">
+<a href="https://join.slack.com/t/prowler-workspace/shared_invite/zt-1hix76xsl-2uq222JIXrC7Q8It~9ZNog"><img width="30" height="30" alt="Prowler community on Slack" src="https://github.com/prowler-cloud/prowler/assets/3985464/3617e470-670c-47c9-9794-ce895ebdb627"></a>
+  <br>
+<a href="https://join.slack.com/t/prowler-workspace/shared_invite/zt-1hix76xsl-2uq222JIXrC7Q8It~9ZNog">Join our Prowler community!</a>
+</p>
+
 <hr>
-<p align="center">
-  <img src="https://user-images.githubusercontent.com/3985464/113734260-7ba06900-96fb-11eb-82bc-d4f68a1e2710.png" />
-</p>
 <p align="center">
  <a href="https://join.slack.com/t/prowler-workspace/shared_invite/zt-1hix76xsl-2uq222JIXrC7Q8It~9ZNog"><img alt="Slack Shield" src="https://img.shields.io/badge/slack-prowler-brightgreen.svg?logo=slack"></a>
  <a href="https://pypi.org/project/prowler/"><img alt="Python Version" src="https://img.shields.io/pypi/v/prowler.svg"></a>
  <a href="https://pypi.python.org/pypi/prowler/"><img alt="Python Version" src="https://img.shields.io/pypi/pyversions/prowler.svg"></a>
  <a href="https://pypistats.org/packages/prowler"><img alt="PyPI Prowler Downloads" src="https://img.shields.io/pypi/dw/prowler.svg?label=prowler%20downloads"></a>
-  <a href="https://pypistats.org/packages/prowler-cloud"><img alt="PyPI Prowler-Cloud Downloads" src="https://img.shields.io/pypi/dw/prowler-cloud.svg?label=prowler-cloud%20downloads"></a>
  <a href="https://hub.docker.com/r/toniblyx/prowler"><img alt="Docker Pulls" src="https://img.shields.io/docker/pulls/toniblyx/prowler"></a>
  <a href="https://hub.docker.com/r/toniblyx/prowler"><img alt="Docker" src="https://img.shields.io/docker/cloud/build/toniblyx/prowler"></a>
  <a href="https://hub.docker.com/r/toniblyx/prowler"><img alt="Docker" src="https://img.shields.io/docker/image-size/toniblyx/prowler"></a>
  <a href="https://gallery.ecr.aws/prowler-cloud/prowler"><img width="120" height=19" alt="AWS ECR Gallery" src="https://user-images.githubusercontent.com/3985464/151531396-b6535a68-c907-44eb-95a1-a09508178616.png"></a>
+  <a href="https://codecov.io/gh/prowler-cloud/prowler"><img src="https://codecov.io/gh/prowler-cloud/prowler/graph/badge.svg?token=OflBGsdpDl"/></a>
 </p>
 <p align="center">
  <a href="https://github.com/prowler-cloud/prowler"><img alt="Repo size" src="https://img.shields.io/github/repo-size/prowler-cloud/prowler"></a>
@@ -30,6 +37,7 @@
  <a href="https://twitter.com/ToniBlyx"><img alt="Twitter" src="https://img.shields.io/twitter/follow/toniblyx?style=social"></a>
  <a href="https://twitter.com/prowlercloud"><img alt="Twitter" src="https://img.shields.io/twitter/follow/prowlercloud?style=social"></a>
 </p>
+<hr>

 # Description

@@ -37,16 +45,16 @@

 It contains hundreds of controls covering CIS, NIST 800, NIST CSF, CISA, RBI, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, AWS Well-Architected Framework Security Pillar, AWS Foundational Technical Review (FTR), ENS (Spanish National Security Scheme) and your custom security frameworks.

-| Provider | Checks | Services | [Compliance Frameworks](https://docs.prowler.cloud/en/latest/tutorials/compliance/) | [Categories](https://docs.prowler.cloud/en/latest/tutorials/misc/#categories) |
+| Provider | Checks | Services | [Compliance Frameworks](https://docs.prowler.com/projects/prowler-open-source/en/latest/tutorials/compliance/) | [Categories](https://docs.prowler.com/projects/prowler-open-source/en/latest/tutorials/misc/#categories) |
 |---|---|---|---|---|
-| AWS | 301 | 61 -> `prowler aws --list-services` | 25 -> `prowler aws --list-compliance` | 5 -> `prowler aws --list-categories` |
-| GCP | 73 | 11 -> `prowler gcp --list-services` | 1 -> `prowler gcp --list-compliance` | 2 -> `prowler gcp --list-categories`|
-| Azure | 23 | 4 -> `prowler azure --list-services` | CIS soon | 1 -> `prowler azure --list-categories` |
-| Kubernetes | Planned | - | - | - |
+| AWS | 304 | 61 -> `prowler aws --list-services` | 28 -> `prowler aws --list-compliance` | 6 -> `prowler aws --list-categories` |
+| GCP | 75 | 11 -> `prowler gcp --list-services` | 1 -> `prowler gcp --list-compliance` | 2 -> `prowler gcp --list-categories`|
+| Azure | 126 | 16 -> `prowler azure --list-services` | 2 -> `prowler azure --list-compliance` | 2 -> `prowler azure --list-categories` |
+| Kubernetes | Work In Progress | - | CIS soon | - |

 # 📖 Documentation

-The full documentation can now be found at [https://docs.prowler.cloud](https://docs.prowler.cloud)
+The full documentation can now be found at [https://docs.prowler.com](https://docs.prowler.com/projects/prowler-open-source/en/latest/)

 ## Looking for Prowler v2 documentation?
 For Prowler v2 Documentation, please go to https://github.com/prowler-cloud/prowler/tree/2.12.1.
@@ -54,13 +62,13 @@ For Prowler v2 Documentation, please go to https://github.com/prowler-cloud/prow
 # ⚙️ Install

 ## Pip package
-Prowler is available as a project in [PyPI](https://pypi.org/project/prowler-cloud/), thus can be installed using pip with Python >= 3.9:
+Prowler is available as a project in [PyPI](https://pypi.org/project/prowler-cloud/), thus can be installed using pip with Python >= 3.9, < 3.13:

 ```console
 pip install prowler
 prowler -v
 ```
-More details at https://docs.prowler.cloud
+More details at [https://docs.prowler.com](https://docs.prowler.com/projects/prowler-open-source/en/latest/)

 ## Containers

@@ -77,7 +85,7 @@ The container images are available here:

 ## From Github

-Python >= 3.9 is required with pip and poetry:
+Python >= 3.9, < 3.13 is required with pip and poetry:

 ```
 git clone https://github.com/prowler-cloud/prowler
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -14,7 +14,7 @@ As an **AWS Partner** and we have passed the [AWS Foundation Technical Review (F

 If you would like to report a vulnerability or have a security concern regarding Prowler Open Source or ProwlerPro service, please submit the information by contacting to help@prowler.pro.

-The information you share with Verica as part of this process is kept confidential within Verica and the Prowler team. We will only share this information with a third party if the vulnerability you report is found to affect a third-party product, in which case we will share this information with the third-party product's author or manufacturer. Otherwise, we will only share this information as permitted by you.
+The information you share with ProwlerPro as part of this process is kept confidential within ProwlerPro. We will only share this information with a third party if the vulnerability you report is found to affect a third-party product, in which case we will share this information with the third-party product's author or manufacturer. Otherwise, we will only share this information as permitted by you.

 We will review the submitted report, and assign it a tracking number. We will then respond to you, acknowledging receipt of the report, and outline the next steps in the process.

--- a/docs/developer-guide/checks.md
+++ b/docs/developer-guide/checks.md
@@ -101,7 +101,7 @@ All the checks MUST fill the `report.status` and `report.status_extended` with t

 - Status -- `report.status`
    - `PASS` --> If the check is passing against the configured value.
-    - `FAIL` --> If the check is passing against the configured value.
+    - `FAIL` --> If the check is failing against the configured value.
    - `INFO` --> This value cannot be used unless a manual operation is required in order to determine if the `report.status` is whether `PASS` or `FAIL`.
 - Status Extended -- `report.status_extended`
    - MUST end in a dot `.`
@@ -125,7 +125,7 @@ All the checks MUST fill the `report.resource_id` and `report.resource_arn` with
    - Resource ARN -- `report.resource_arn`
        - AWS Account --> Root ARN `arn:aws:iam::123456789012:root`
        - AWS Resource --> Resource ARN
-        - Root resource --> Root ARN `arn:aws:iam::123456789012:root`
+        - Root resource --> Resource Type ARN `f"arn:{service_client.audited_partition}:<service_name>:{service_client.region}:{service_client.audited_account}:<resource_type>"`
 - GCP
    - Resource ID -- `report.resource_id`
        - GCP Resource --> Resource ID
@@ -196,14 +196,17 @@ aws:
 As you can see in the above code, within the service client, in this case the `ec2_client`, there is an object called `audit_config` which is a Python dictionary containing the values read from the configuration file.

 In order to use it, you have to check first if the value is present in the configuration file. If the value is not present, you can create it in the `config.yaml` file and then, read it from the check.
-> It is mandatory to always use the `dictionary.get(value, default)` syntax to set a default value in the case the configuration value is not present.
+
+???+ note
+    It is mandatory to always use the `dictionary.get(value, default)` syntax to set a default value in the case the configuration value is not present.


 ## Check Metadata

 Each Prowler check has metadata associated which is stored at the same level of the check's folder in a file called A `check_name.metadata.json` containing the check's metadata.

-> We are going to include comments in this example metadata JSON but they cannot be included because the JSON format does not allow comments.
+???+ note
+    We are going to include comments in this example metadata JSON but they cannot be included because the JSON format does not allow comments.

 ```json
 {
--- a/docs/developer-guide/debugging.md
+++ b/docs/developer-guide/debugging.md
@@ -0,0 +1,45 @@
+# Debugging
+
+Debugging in Prowler make things easier!
+If you are developing Prowler, it's possible that you will encounter some situations where you have to inspect the code in depth to fix some unexpected issues during the execution. To do that, if you are using VSCode you can run the code using the integrated debugger. Please, refer to this [documentation](https://code.visualstudio.com/docs/editor/debugging) for guidance about the debugger in VSCode.
+The following file is an example of the [debugging configuration](https://code.visualstudio.com/docs/editor/debugging#_launch-configurations) file that you can add to [Virtual Studio Code](https://code.visualstudio.com/).
+
+This file should inside the *.vscode* folder and its name has to be *launch.json*:
+
+```json
+{
+    "version": "0.2.0",
+    "configurations": [
+        {
+            "name": "Python: Current File",
+            "type": "python",
+            "request": "launch",
+            "program": "prowler.py",
+            "args": [
+                "aws",
+                "-f",
+                "eu-west-1",
+                "--service",
+                "cloudwatch",
+                "--log-level",
+                "ERROR",
+                "-p",
+                "dev",
+            ],
+            "console": "integratedTerminal",
+            "justMyCode": false
+        },
+        {
+            "name": "Python: Debug Tests",
+            "type": "python",
+            "request": "launch",
+            "program": "${file}",
+            "purpose": [
+                "debug-test"
+            ],
+            "console": "integratedTerminal",
+            "justMyCode": false
+        }
+    ]
+}
+```
--- a/docs/developer-guide/documentation.md
+++ b/docs/developer-guide/documentation.md
@@ -1,6 +1,6 @@
 ## Contribute with documentation

-We use `mkdocs` to build this Prowler documentation site so you can easily contribute back with new docs or improving them.
+We use `mkdocs` to build this Prowler documentation site so you can easily contribute back with new docs or improving them. To install all necessary dependencies use `poetry install --with docs`.

 1. Install `mkdocs` with your favorite package manager.
 2. Inside the `prowler` repository folder run `mkdocs serve` and point your browser to `http://localhost:8000` and you will see live changes to your local copy of this documentation site.
--- a/docs/developer-guide/introduction.md
+++ b/docs/developer-guide/introduction.md
@@ -1,6 +1,6 @@
 # Developer Guide

-You can extend Prowler in many different ways, in most cases you will want to create your own checks and compliance security frameworks, here is where you can learn about how to get started with it. We also include how to create custom outputs, integrations and more.
+You can extend Prowler Open Source in many different ways, in most cases you will want to create your own checks and compliance security frameworks, here is where you can learn about how to get started with it. We also include how to create custom outputs, integrations and more.

 ## Get the code and install all dependencies

@@ -16,7 +16,7 @@ pip install poetry
 ```
 Then install all dependencies including the ones for developers:
 ```
-poetry install
+poetry install --with dev
 poetry shell
 ```

@@ -31,7 +31,9 @@ You should get an output like the following:
 pre-commit installed at .git/hooks/pre-commit
 ```

-Before we merge any of your pull requests we pass checks to the code, we use the following tools and automation to make sure the code is secure and dependencies up-to-dated (these should have been already installed if you ran `pipenv install -d`):
+Before we merge any of your pull requests we pass checks to the code, we use the following tools and automation to make sure the code is secure and dependencies up-to-dated:
+???+ note
+    These should have been already installed if you ran `poetry install --with dev`

 - [`bandit`](https://pypi.org/project/bandit/) for code security review.
 - [`safety`](https://pypi.org/project/safety/) and [`dependabot`](https://github.com/features/security) for dependencies.
--- a/docs/developer-guide/security-compliance-framework.md
+++ b/docs/developer-guide/security-compliance-framework.md
@@ -23,7 +23,7 @@ Each file version of a framework will have the following structure at high level
  "Requirements": [
    {
      "Id": "<unique-id>",
-      "Description": "Requiemente full description",
+      "Description": "Requirement full description",
      "Checks": [
        "Here is the prowler check or checks that is going to be executed"
      ],
@@ -38,4 +38,4 @@ Each file version of a framework will have the following structure at high level
 }
 ```

-Finally, to have a proper output file for your reports, your framework data model has to be created in `prowler/lib/outputs/models.py` and also the CLI table output in `prowler/lib/outputs/compliance.py`.
+Finally, to have a proper output file for your reports, your framework data model has to be created in `prowler/lib/outputs/models.py` and also the CLI table output in `prowler/lib/outputs/compliance.py`. Also, you need to add a new conditional in `prowler/lib/outputs/file_descriptors.py` if you create a new CSV model.
--- a/docs/developer-guide/unit-testing.md
+++ b/docs/developer-guide/unit-testing.md
@@ -40,13 +40,15 @@ Other commands to run tests:
 - Run tests for a provider service: `pytest -n auto -vvv -s -x tests/providers/<provider>/services/<service>`
 - Run tests for a provider check: `pytest -n auto -vvv -s -x tests/providers/<provider>/services/<service>/<check>`

-> Refer to the [pytest documentation](https://docs.pytest.org/en/7.1.x/getting-started.html) documentation for more information.
+???+ note
+    Refer to the [pytest documentation](https://docs.pytest.org/en/7.1.x/getting-started.html) documentation for more information.

 ## AWS

 For the AWS provider we have ways to test a Prowler check based on the following criteria:

-> Note: We use and contribute to the [Moto](https://github.com/getmoto/moto) library which allows us to easily mock out tests based on AWS infrastructure. **It's awesome!**
+???+ note
+    We use and contribute to the [Moto](https://github.com/getmoto/moto) library which allows us to easily mock out tests based on AWS infrastructure. **It's awesome!**

 - AWS API calls covered by [Moto](https://github.com/getmoto/moto):
    - Service tests with `@mock_<service>`
@@ -195,7 +197,8 @@ class Test_iam_password_policy_uppercase:

 If the IAM service for the check's we want to test is not covered by Moto, we have to inject the objects in the service client using [MagicMock](https://docs.python.org/3/library/unittest.mock.html#unittest.mock.MagicMock). As we have pointed above, we cannot instantiate the service since it will make real calls to the AWS APIs.

-> The following example uses the IAM GetAccountPasswordPolicy which is covered by Moto but this is only for demonstration purposes.
+???+ note
+    The following example uses the IAM GetAccountPasswordPolicy which is covered by Moto but this is only for demonstration purposes.

 The following code shows how to use MagicMock to create the service objects.

@@ -325,7 +328,8 @@ class Test_iam_password_policy_uppercase:

 Note that this does not use Moto, to keep it simple, but if you use any `moto`-decorators in addition to the patch, the call to `orig(self, operation_name, kwarg)` will be intercepted by Moto.

-> The above code comes from here https://docs.getmoto.org/en/latest/docs/services/patching_other_services.html
+???+ note
+    The above code comes from here https://docs.getmoto.org/en/latest/docs/services/patching_other_services.html

 #### Mocking more than one service

@@ -385,7 +389,7 @@ with mock.patch(
    "prowler.providers.<provider>.lib.audit_info.audit_info.audit_info",
    new=audit_info,
 ), mock.patch(
-    "prowler.providers.aws.services.<service>.<check>.<check>.<service>_client",
+    "prowler.providers.<provider>.services.<service>.<check>.<check>.<service>_client",
    new=<SERVICE>(audit_info),
 ):
 ```
@@ -407,10 +411,10 @@ with mock.patch(
    "prowler.providers.<provider>.lib.audit_info.audit_info.audit_info",
    new=audit_info,
 ), mock.patch(
-    "prowler.providers.aws.services.<service>.<SERVICE>",
+    "prowler.providers.<provider>.services.<service>.<SERVICE>",
    new=<SERVICE>(audit_info),
 ) as service_client, mock.patch(
-    "prowler.providers.aws.services.<service>.<service>_client.<service>_client",
+    "prowler.providers.<provider>.services.<service>.<service>_client.<service>_client",
    new=service_client,
 ):
 ```
@@ -523,7 +527,7 @@ from unittest import mock
 from uuid import uuid4

 # Azure Constants
-AZURE_SUSCRIPTION = str(uuid4())
+from tests.providers.azure.azure_fixtures import AZURE_SUBSCRIPTION



@@ -542,7 +546,7 @@ class Test_defender_ensure_defender_for_arm_is_on:

        # Create the custom Defender object to be tested
        defender_client.pricings = {
-            AZURE_SUSCRIPTION: {
+            AZURE_SUBSCRIPTION: {
                "Arm": Defender_Pricing(
                    resource_id=resource_id,
                    pricing_tier="Not Standard",
@@ -580,9 +584,9 @@ class Test_defender_ensure_defender_for_arm_is_on:
            assert result[0].status == "FAIL"
            assert (
                result[0].status_extended
-                == f"Defender plan Defender for ARM from subscription {AZURE_SUSCRIPTION} is set to OFF (pricing tier not standard)"
+                == f"Defender plan Defender for ARM from subscription {AZURE_SUBSCRIPTION} is set to OFF (pricing tier not standard)"
            )
-            assert result[0].subscription == AZURE_SUSCRIPTION
+            assert result[0].subscription == AZURE_SUBSCRIPTION
            assert result[0].resource_name == "Defender plan ARM"
            assert result[0].resource_id == resource_id
 ```
--- a/docs/getting-started/requirements.md
+++ b/docs/getting-started/requirements.md
@@ -5,7 +5,7 @@ Prowler has been written in Python using the [AWS SDK (Boto3)](https://boto3.ama

 Since Prowler uses AWS Credentials under the hood, you can follow any authentication method as described [here](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-quickstart.html#cli-configure-quickstart-precedence).

-### AWS Authentication
+### Authentication

 Make sure you have properly configured your AWS-CLI with a valid Access Key and Region or declare AWS variables properly (or instance profile/role):

@@ -26,9 +26,8 @@ Those credentials must be associated to a user or role with proper permissions t
  - `arn:aws:iam::aws:policy/SecurityAudit`
  - `arn:aws:iam::aws:policy/job-function/ViewOnlyAccess`

-  > Moreover, some read-only additional permissions are needed for several checks, make sure you attach also the custom policy [prowler-additions-policy.json](https://github.com/prowler-cloud/prowler/blob/master/permissions/prowler-additions-policy.json) to the role you are using.
-
-  > If you want Prowler to send findings to [AWS Security Hub](https://aws.amazon.com/security-hub), make sure you also attach the custom policy [prowler-security-hub.json](https://github.com/prowler-cloud/prowler/blob/master/permissions/prowler-security-hub.json).
+???+ note
+    Moreover, some read-only additional permissions are needed for several checks, make sure you attach also the custom policy [prowler-additions-policy.json](https://github.com/prowler-cloud/prowler/blob/master/permissions/prowler-additions-policy.json) to the role you are using. If you want Prowler to send findings to [AWS Security Hub](https://aws.amazon.com/security-hub), make sure you also attach the custom policy [prowler-security-hub.json](https://github.com/prowler-cloud/prowler/blob/master/permissions/prowler-security-hub.json).

 ### Multi-Factor Authentication

@@ -39,7 +38,7 @@ If your IAM entity enforces MFA you can use `--mfa` and Prowler will ask you to

 ## Azure

-Prowler for azure supports the following authentication types:
+Prowler for Azure supports the following authentication types:

 - Service principal authentication by environment variables (Enterprise Application)
 - Current az cli credentials stored
@@ -63,33 +62,61 @@ The other three cases does not need additional configuration, `--az-cli-auth` an

 ### Permissions

-To use each one you need to pass the proper flag to the execution. Prowler fro Azure handles two types of permission scopes, which are:
+To use each one you need to pass the proper flag to the execution. Prowler for Azure handles two types of permission scopes, which are:

- **Azure Active Directory permissions**: Used to retrieve metadata from the identity assumed by Prowler and future AAD checks (not mandatory to have access to execute the tool)
+- **Microsoft Entra ID permissions**: Used to retrieve metadata from the identity assumed by Prowler (not mandatory to have access to execute the tool).
 - **Subscription scope permissions**: Required to launch the checks against your resources, mandatory to launch the tool.


-#### Azure Active Directory scope
+#### Microsoft Entra ID scope

-Azure Active Directory (AAD) permissions required by the tool are the following:
+Microsoft Entra ID (AAD earlier) permissions required by the tool are the following:

 - `Directory.Read.All`
 - `Policy.Read.All`
+- `UserAuthenticationMethod.Read.All`

-The best way to assign it is through the azure web console:
+The best way to assign it is through the Azure web console:
+
+1. Access to Microsoft Entra ID
+2. In the left menu bar, go to "App registrations"
+3. Once there, in the menu bar click on "+ New registration" to register a new application
+4. Fill the "Name, select the "Supported account types" and click on "Register. You will be redirected to the applications page.
+  ![Register an Application page](../img/register-application.png)
+4. Select the new application
+5. In the left menu bar, select "API permissions"
+6. Then click on "+ Add a permission" and select "Microsoft Graph"
+7. Once in the "Microsoft Graph" view, select "Application permissions"
+8. Finally, search for "Directory", "Policy" and "UserAuthenticationMethod" select the following permissions:
+    - `Directory.Read.All`
+    - `Policy.Read.All`
+    - `UserAuthenticationMethod.Read.All`
+    ![EntraID Permissions](../img/AAD-permissions.png)

-![AAD Permissions](../img/AAD-permissions.png)

 #### Subscriptions scope

-Regarding the subscription scope, Prowler by default scans all the subscriptions that is able to list, so it is required to add the following RBAC builtin roles per subscription  to the entity that is going to be assumed by the tool:
+Regarding the subscription scope, Prowler by default scans all the subscriptions that is able to list, so it is required to add the following RBAC builtin roles per subscription to the entity that is going to be assumed by the tool:

 - `Security Reader`
 - `Reader`

+To assign this roles, follow the instructions:
+
+1. Access your subscription, then select your subscription.
+2. Select "Access control (IAM)".
+3. In the overview, select "Roles"
+  ![IAM Page](../img/page-IAM.png)
+4. Click on "+ Add" and select "Add role assignment"
+5. In the search bar, type `Security Reader`, select it and click on "Next"
+6. In the Members tab, click on "+ Select members" and add the members you want to assign this role.
+7. Click on "Review + assign" to apply the new role.
+
+*Repeat these steps for `Reader` role*
+
 ## Google Cloud

-### GCP Authentication
+### Authentication

 Prowler will follow the same credentials search as [Google authentication libraries](https://cloud.google.com/docs/authentication/application-default-credentials#search_order):

@@ -99,4 +126,5 @@ Prowler will follow the same credentials search as [Google authentication librar

 Those credentials must be associated to a user or service account with proper permissions to do all checks. To make sure, add the `Viewer` role to the member associated with the credentials.

-> By default, `prowler` will scan all accessible GCP Projects, use flag `--project-ids` to specify the projects to be scanned.
+???+ note
+    By default, `prowler` will scan all accessible GCP Projects, use flag `--project-ids` to specify the projects to be scanned.
--- a/docs/img/AAD-permissions.png
+++ b/docs/img/AAD-permissions.png
--- a/docs/img/page-IAM.png
+++ b/docs/img/page-IAM.png
--- a/docs/img/prowler-logo-black.png
+++ b/docs/img/prowler-logo-black.png
--- a/docs/img/prowler-logo-white.png
+++ b/docs/img/prowler-logo-white.png
--- a/docs/img/register-application.png
+++ b/docs/img/register-application.png
--- a/docs/index.md
+++ b/docs/index.md
@@ -1,38 +1,13 @@
-<p href="https://github.com/prowler-cloud/prowler">
-<img align="right" src="./img/prowler-logo.png" height="100">
-</p>
-<br>
+**Prowler** is an Open Source security tool to perform AWS, Azure and Google Cloud security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. We have Prowler CLI (Command Line Interface) that we call Prowler Open Source and a service on top of it that we call <a href="https://prowler.com">Prowler SaaS</a>.

-# Prowler Documentation
-
-**Welcome to [Prowler Open Source v3](https://github.com/prowler-cloud/prowler/) Documentation!** 📄
-
-For **Prowler v2 Documentation**, please go [here](https://github.com/prowler-cloud/prowler/tree/2.12.0) to the branch and its README.md.
-
- You are currently in the **Getting Started** section where you can find general information and requirements to help you start with the tool.
- In the [Tutorials](./tutorials/misc.md) section you will see how to take advantage of all the features in Prowler.
- In the [Contact Us](./contact.md) section you can find how to reach us out in case of technical issues.
- In the [About](./about.md) section you will find more information about the Prowler team and license.
-
-## About Prowler
-
-**Prowler** is an Open Source security tool to perform AWS, Azure and Google Cloud security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness.
-
-It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
-
-[![Twitter URL](https://img.shields.io/twitter/url/https/twitter.com/prowlercloud.svg?style=social&label=Follow%20%40prowlercloud)](https://twitter.com/prowlercloud)
-
-## About ProwlerPro
-
-<a href="https://prowler.pro"><img align="right" src="./img/prowler-pro-light.png" width="350"></a> **ProwlerPro** gives you the benefits of Prowler Open Source plus continuous monitoring, faster execution, personalized support, visualization of your data with dashboards, alerts and much more.
-Visit <a href="https://prowler.pro">prowler.pro</a> for more info.
+![Prowler Execution](img/short-display.png)

+Prowler offers hundreds of controls covering more than 25 standards and compliance frameworks like CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.

 ## Quick Start
 ### Installation

-Prowler is available as a project in [PyPI](https://pypi.org/project/prowler-cloud/), thus can be installed using pip with `Python >= 3.9`:
-
+Prowler is available as a project in [PyPI](https://pypi.org/project/prowler/), thus can be installed using pip with `Python >= 3.9`:

 === "Generic"

@@ -149,7 +124,8 @@ Prowler is available as a project in [PyPI](https://pypi.org/project/prowler-clo
    prowler -v
    ```

-    > To download the results from AWS CloudShell, select Actions -> Download File and add the full path of each file. For the CSV file it will be something like `/home/cloudshell-user/output/prowler-output-123456789012-20221220191331.csv`
+    ???+ note
+        To download the results from AWS CloudShell, select Actions -> Download File and add the full path of each file. For the CSV file it will be something like `/home/cloudshell-user/output/prowler-output-123456789012-20221220191331.csv`

 === "Azure CloudShell"

@@ -184,14 +160,18 @@ You can run Prowler from your workstation, an EC2 instance, Fargate or any other
 ![Architecture](img/architecture.png)
 ## Basic Usage

-To run Prowler, you will need to specify the provider (e.g aws, gcp or azure):
-> If no provider specified, AWS will be used for backward compatibility with most of v2 options.
+To run Prowler, you will need to specify the provider (e.g `aws`, `gcp` or `azure`):
+
+???+ note
+    If no provider specified, AWS will be used for backward compatibility with most of v2 options.

 ```console
 prowler <provider>
 ```
 ![Prowler Execution](img/short-display.png)
-> Running the `prowler` command without options will use your environment variable credentials, see [Requirements](./getting-started/requirements.md) section to review the credentials settings.
+
+???+ note
+    Running the `prowler` command without options will use your environment variable credentials, see [Requirements](./getting-started/requirements.md) section to review the credentials settings.

 If you miss the former output you can use `--verbose` but Prowler v3 is smoking fast, so you won't see much ;)

@@ -242,7 +222,9 @@ Use a custom AWS profile with `-p`/`--profile` and/or AWS regions which you want
 ```console
 prowler aws --profile custom-profile -f us-east-1 eu-south-2
 ```
-> By default, `prowler` will scan all AWS regions.
+
+???+ note
+    By default, `prowler` will scan all AWS regions.

 See more details about AWS Authentication in [Requirements](getting-started/requirements.md)

@@ -292,3 +274,6 @@ prowler gcp --project-ids <Project ID 1> <Project ID 2> ... <Project ID N>
 ```

 See more details about GCP Authentication in [Requirements](getting-started/requirements.md)
+
+## Prowler v2 Documentation
+For **Prowler v2 Documentation**, please check it out [here](https://github.com/prowler-cloud/prowler/blob/8818f47333a0c1c1a457453c87af0ea5b89a385f/README.md).
--- a/docs/security.md
+++ b/docs/security.md
@@ -13,9 +13,9 @@ As an **AWS Partner** and we have passed the [AWS Foundation Technical Review (F

 ## Reporting Vulnerabilities

-If you would like to report a vulnerability or have a security concern regarding Prowler Open Source or ProwlerPro service, please submit the information by contacting to help@prowler.pro.
+If you would like to report a vulnerability or have a security concern regarding Prowler Open Source or Prowler SaaS service, please submit the information by contacting to us via [**support.prowler.com**](http://support.prowler.com).

-The information you share with Verica as part of this process is kept confidential within Verica and the Prowler team. We will only share this information with a third party if the vulnerability you report is found to affect a third-party product, in which case we will share this information with the third-party product's author or manufacturer. Otherwise, we will only share this information as permitted by you.
+The information you share with the Prowler team as part of this process is kept confidential within Prowler. We will only share this information with a third party if the vulnerability you report is found to affect a third-party product, in which case we will share this information with the third-party product's author or manufacturer. Otherwise, we will only share this information as permitted by you.

 We will review the submitted report, and assign it a tracking number. We will then respond to you, acknowledging receipt of the report, and outline the next steps in the process.

--- a/docs/tutorials/allowlist.md
+++ b/docs/tutorials/allowlist.md
@@ -113,7 +113,8 @@ You will need to pass the S3 URI where your Allowlist YAML file was uploaded to
 ```
 prowler aws -w s3://<bucket>/<prefix>/allowlist.yaml
 ```
-> Make sure that the used AWS credentials have s3:GetObject permissions in the S3 path where the allowlist file is located.
+???+ note
+    Make sure that the used AWS credentials have s3:GetObject permissions in the S3 path where the allowlist file is located.

 ### AWS DynamoDB Table ARN

@@ -138,7 +139,8 @@ The following example will allowlist all resources in all accounts for the EC2 c

 <img src="../img/allowlist-row.png"/>

-> Make sure that the used AWS credentials have `dynamodb:PartiQLSelect` permissions in the table.
+???+ note
+    Make sure that the used AWS credentials have `dynamodb:PartiQLSelect` permissions in the table.

 ### AWS Lambda ARN

--- a/docs/tutorials/aws/authentication.md
+++ b/docs/tutorials/aws/authentication.md
@@ -19,9 +19,8 @@ Those credentials must be associated to a user or role with proper permissions t
  - `arn:aws:iam::aws:policy/SecurityAudit`
  - `arn:aws:iam::aws:policy/job-function/ViewOnlyAccess`

-  > Moreover, some read-only additional permissions are needed for several checks, make sure you attach also the custom policy [prowler-additions-policy.json](https://github.com/prowler-cloud/prowler/blob/master/permissions/prowler-additions-policy.json) to the role you are using.
-
-  > If you want Prowler to send findings to [AWS Security Hub](https://aws.amazon.com/security-hub), make sure you also attach the custom policy [prowler-security-hub.json](https://github.com/prowler-cloud/prowler/blob/master/permissions/prowler-security-hub.json).
+???+ note
+    Moreover, some read-only additional permissions are needed for several checks, make sure you attach also the custom policy [prowler-additions-policy.json](https://github.com/prowler-cloud/prowler/blob/master/permissions/prowler-additions-policy.json) to the role you are using. If you want Prowler to send findings to [AWS Security Hub](https://aws.amazon.com/security-hub), make sure you also attach the custom policy [prowler-security-hub.json](https://github.com/prowler-cloud/prowler/blob/master/permissions/prowler-security-hub.json).


 ## Profiles
--- a/docs/tutorials/aws/img/enable-2.png
+++ b/docs/tutorials/aws/img/enable-2.png
--- a/docs/tutorials/aws/img/enable-partner-integration-2.png
+++ b/docs/tutorials/aws/img/enable-partner-integration-2.png
--- a/docs/tutorials/aws/img/enable-partner-integration-3.png
+++ b/docs/tutorials/aws/img/enable-partner-integration-3.png
--- a/docs/tutorials/aws/img/enable-partner-integration-4.png
+++ b/docs/tutorials/aws/img/enable-partner-integration-4.png
--- a/docs/tutorials/aws/img/enable-partner-integration.png
+++ b/docs/tutorials/aws/img/enable-partner-integration.png
--- a/docs/tutorials/aws/img/enable.png
+++ b/docs/tutorials/aws/img/enable.png
--- a/docs/tutorials/aws/img/finding-details.png
+++ b/docs/tutorials/aws/img/finding-details.png
--- a/docs/tutorials/aws/img/findings.png
+++ b/docs/tutorials/aws/img/findings.png
--- a/docs/tutorials/aws/organizations.md
+++ b/docs/tutorials/aws/organizations.md
@@ -1,21 +1,28 @@
 # AWS Organizations
+
 ## Get AWS Account details from your AWS Organization

-Prowler allows you to get additional information of the scanned account in CSV and JSON outputs. When scanning a single account you get the Account ID as part of the output.
+Prowler allows you to get additional information of the scanned account from AWS Organizations.

-If you have AWS Organizations Prowler can get your account details like Account Name, Email, ARN, Organization ID and Tags and you will have them next to every finding in the CSV and JSON outputs.
+If you have AWS Organizations enabled, Prowler can get your account details like account name, email, ARN, organization id and tags and you will have them next to every finding's output.

-In order to do that you can use the option `-O`/`--organizations-role <organizations_role_arn>`. See the following sample command:
+In order to do that you can use the argument `-O`/`--organizations-role <organizations_role_arn>`. If this argument is not present Prowler will try to fetch that information automatically if the AWS account is a delegated administrator for the AWS Organization.
+
+???+ note
+    Refer [here](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_delegate_policies.html) for more information about AWS Organizations delegated administrator.
+
+See the following sample command:

 ```shell
 prowler aws \
  -O arn:aws:iam::<management_organizations_account_id>:role/<role_name>
 ```
-> Make sure the role in your AWS Organizations management account has the permissions `organizations:ListAccounts*` and `organizations:ListTagsForResource`.
+???+ note
+    Make sure the role in your AWS Organizations management account has the permissions `organizations:DescribeAccount` and `organizations:ListTagsForResource`.

-In that command Prowler will scan the account and getting the account details from the AWS Organizations management account assuming a role and creating two reports with those details in JSON and CSV.
+Prowler will scan the AWS account and get the account details from AWS Organizations.

-In the JSON output below (redacted) you can see tags coded in base64 to prevent breaking CSV or JSON due to its format:
+In the JSON output below you can see tags coded in base64 to prevent breaking CSV or JSON due to its format:

 ```json
  "Account Email": "my-prod-account@domain.com",
@@ -25,13 +32,15 @@ In the JSON output below (redacted) you can see tags coded in base64 to prevent
  "Account tags": "\"eyJUYWdzIjpasf0=\""
 ```

-The additional fields in CSV header output are as follow:
+The additional fields in CSV header output are as follows:

-```csv
-ACCOUNT_DETAILS_EMAIL,ACCOUNT_DETAILS_NAME,ACCOUNT_DETAILS_ARN,ACCOUNT_DETAILS_ORG,ACCOUNT_DETAILS_TAGS
-```
+- ACCOUNT_DETAILS_EMAIL
+- ACCOUNT_DETAILS_NAME
+- ACCOUNT_DETAILS_ARN
+- ACCOUNT_DETAILS_ORG
+- ACCOUNT_DETAILS_TAGS

-## Extra: run Prowler across all accounts in AWS Organizations by assuming roles
+## Extra: Run Prowler across all accounts in AWS Organizations by assuming roles

 If you want to run Prowler across all accounts of AWS Organizations you can do this:

@@ -55,4 +64,6 @@ If you want to run Prowler across all accounts of AWS Organizations you can do t
    done
    ```

-> Using the same for loop it can be scanned a list of accounts with a variable like `ACCOUNTS_LIST='11111111111 2222222222 333333333'`
+???+ note
+    Using the same for loop it can be scanned a list of accounts with a variable like:
+    </br>`ACCOUNTS_LIST='11111111111 2222222222 333333333'`
--- a/docs/tutorials/aws/regions-and-partitions.md
+++ b/docs/tutorials/aws/regions-and-partitions.md
@@ -6,10 +6,13 @@ By default Prowler is able to scan the following AWS partitions:
 - China: `aws-cn`
 - GovCloud (US): `aws-us-gov`

-> To check the available regions for each partition and service please refer to the following document [aws_regions_by_service.json](https://github.com/prowler-cloud/prowler/blob/master/prowler/providers/aws/aws_regions_by_service.json)
+???+ note
+    To check the available regions for each partition and service please refer to the following document [aws_regions_by_service.json](https://github.com/prowler-cloud/prowler/blob/master/prowler/providers/aws/aws_regions_by_service.json)

 It is important to take into consideration that to scan the China (`aws-cn`) or GovCloud (`aws-us-gov`) partitions it is either required to have a valid region for that partition in your AWS credentials or to specify the regions you want to audit for that partition using the `-f/--region` flag.
-> Please, refer to https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html#configuring-credentials for more information about the AWS credentials configuration.
+
+???+ note
+    Please, refer to https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html#configuring-credentials for more information about the AWS credentials configuration.

 Prowler can scan specific region(s) with:
 ```console
@@ -34,7 +37,8 @@ aws_access_key_id = XXXXXXXXXXXXXXXXXXX
 aws_secret_access_key = XXXXXXXXXXXXXXXXXXX
 region = cn-north-1
 ```
-> With this option all the partition regions will be scanned without the need of use the `-f/--region` flag
+???+ note
+    With this option all the partition regions will be scanned without the need of use the `-f/--region` flag


 ## AWS GovCloud (US)
@@ -52,7 +56,8 @@ aws_access_key_id = XXXXXXXXXXXXXXXXXXX
 aws_secret_access_key = XXXXXXXXXXXXXXXXXXX
 region = us-gov-east-1
 ```
-> With this option all the partition regions will be scanned without the need of use the `-f/--region` flag
+???+ note
+    With this option all the partition regions will be scanned without the need of use the `-f/--region` flag


 ## AWS ISO (US & Europe)
--- a/docs/tutorials/aws/role-assumption.md
+++ b/docs/tutorials/aws/role-assumption.md
@@ -30,15 +30,15 @@ Prowler can use your custom Role Session name with:
 prowler aws --role-session-name <role_session_name>
 ```

-> It defaults to `ProwlerAssessmentSession`
+???+ note
+    It defaults to `ProwlerAssessmentSession`.

 ## STS Endpoint Region

 If you are using Prowler in AWS regions that are not enabled by default you need to use the argument `--sts-endpoint-region` to point the AWS STS API calls `assume-role` and `get-caller-identity` to the non-default region, e.g.: `prowler aws --sts-endpoint-region eu-south-2`.

-> Since v3.11.0, Prowler uses a regional token in STS sessions so it can scan all AWS regions without needing the `--sts-endpoint-region` argument.
-
-> Make sure that you have enabled the AWS Region you want to scan in BOTH AWS Accounts (assumed role account and account from which you assume the role).
+???+ note
+    Since v3.11.0, Prowler uses a regional token in STS sessions so it can scan all AWS regions without needing the `--sts-endpoint-region` argument. Make sure that you have enabled the AWS Region you want to scan in **BOTH** AWS Accounts (assumed role account and account from which you assume the role).

 ## Role MFA

@@ -51,6 +51,7 @@ If your IAM Role has MFA configured you can use `--mfa` along with  `-R`/`--role

 To create a role to be assumed in one or multiple accounts you can use either as CloudFormation Stack or StackSet the following [template](https://github.com/prowler-cloud/prowler/blob/master/permissions/create_role_to_assume_cfn.yaml) and adapt it.

-> _NOTE 1 about Session Duration_: Depending on the amount of checks you run and the size of your infrastructure, Prowler may require more than 1 hour to finish. Use option `-T <seconds>` to allow up to 12h (43200 seconds). To allow more than 1h you need to modify _"Maximum CLI/API session duration"_ for that particular role, read more [here](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session).
+???+ note "About Session Duration"
+    Depending on the amount of checks you run and the size of your infrastructure, Prowler may require more than 1 hour to finish. Use option `-T <seconds>` to allow up to 12h (43200 seconds). To allow more than 1h you need to modify _"Maximum CLI/API session duration"_ for that particular role, read more [here](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session).

-> _NOTE 2 about Session Duration_: Bear in mind that if you are using roles assumed by role chaining there is a hard limit of 1 hour so consider not using role chaining if possible, read more about that, in foot note 1 below the table [here](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html).
+    Bear in mind that if you are using roles assumed by role chaining there is a hard limit of 1 hour so consider not using role chaining if possible, read more about that, in foot note 1 below the table [here](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html).
--- a/docs/tutorials/aws/s3.md
+++ b/docs/tutorials/aws/s3.md
@@ -21,6 +21,5 @@ By default Prowler sends HTML, JSON and CSV output formats, if you want to send
 prowler <provider> -M csv -B my-bucket
 ```

-> In the case you do not want to use the assumed role credentials but the initial credentials to put the reports into the S3 bucket, use `-D`/`--output-bucket-no-assume` instead of `-B`/`--output-bucket`.
-
-> Make sure that the used credentials have `s3:PutObject` permissions in the S3 path where the reports are going to be uploaded.
+???+ note
+        In the case you do not want to use the assumed role credentials but the initial credentials to put the reports into the S3 bucket, use `-D`/`--output-bucket-no-assume` instead of `-B`/`--output-bucket`. Make sure that the used credentials have `s3:PutObject` permissions in the S3 path where the reports are going to be uploaded.
--- a/docs/tutorials/aws/securityhub.md
+++ b/docs/tutorials/aws/securityhub.md
@@ -1,61 +1,137 @@
 # AWS Security Hub Integration

-Prowler supports natively and as **official integration** sending findings to [AWS Security Hub](https://aws.amazon.com/security-hub). This integration allows Prowler to import its findings to AWS Security Hub.
+Prowler supports natively and as **official integration** sending findings to [AWS Security Hub](https://aws.amazon.com/security-hub). This integration allows **Prowler** to import its findings to AWS Security Hub.

-With Security Hub, you now have a single place that aggregates, organizes, and prioritizes your security alerts, or findings, from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, Amazon Macie, AWS Identity and Access Management (IAM) Access Analyzer, and AWS Firewall Manager, as well as from AWS Partner solutions and from Prowler for free.

-Before sending findings to Prowler, you will need to perform next steps:
+Before sending findings, you will need to enable AWS Security Hub and the **Prowler** integration.

-1. Since Security Hub is a region based service, enable it in the region or regions you require. Use the AWS Management Console or using the AWS CLI with this command if you have enough permissions:
-    - `aws securityhub enable-security-hub --region <region>`.
-2. Enable Prowler as partner integration integration. Use the AWS Management Console or using the AWS CLI with this command if you have enough permissions:
-    - `aws securityhub enable-import-findings-for-product --region <region> --product-arn arn:aws:securityhub:<region>::product/prowler/prowler` (change region also inside the ARN).
-    - Using the AWS Management Console:
-     ![Screenshot 2020-10-29 at 10 26 02 PM](https://user-images.githubusercontent.com/3985464/97634660-5ade3400-1a36-11eb-9a92-4a45cc98c158.png)
-3. Allow Prowler to import its findings to AWS Security Hub by adding the policy below to the role or user running Prowler:
-    - [prowler-security-hub.json](https://github.com/prowler-cloud/prowler/blob/master/permissions/prowler-security-hub.json)
+## Enable AWS Security Hub

+To enable the integration you have to perform the following steps, in _at least_ one AWS region of a given AWS account, to enable **AWS Security Hub** and **Prowler** as a partner integration.
+
+Since **AWS Security Hub** is a region based service, you will need to enable it in the region or regions you require. You can configure it using the AWS Management Console or the AWS CLI.
+
+???+ note
+    Take into account that enabling this integration will incur in costs in AWS Security Hub, please refer to its pricing [here](https://aws.amazon.com/security-hub/pricing/) for more information.
+
+### Using the AWS Management Console
+
+#### Enable AWS Security Hub
+
+If you have currently AWS Security Hub enabled you can skip to the [next section](#enable-prowler-integration).
+
+1. Open the **AWS Security Hub** console at https://console.aws.amazon.com/securityhub/.
+
+2. When you open the Security Hub console for the first time make sure that you are in the region you want to enable, then choose **Go to Security Hub**.
+![](./img/enable.png)
+
+3. On the next page, the Security standards section lists the security standards that Security Hub supports. Select the check box for a standard to enable it, and clear the check box to disable it.
+
+4. Choose **Enable Security Hub**.
+![](./img/enable-2.png)
+
+#### Enable Prowler Integration
+
+If you have currently the Prowler integration enabled in AWS Security Hub you can skip to the [next section](#send-findings) and start sending findings.
+
+Once **AWS Security Hub** is enabled you will need to enable **Prowler** as partner integration to allow **Prowler** to send findings to your **AWS Security Hub**.
+
+1. Open the **AWS Security Hub** console at https://console.aws.amazon.com/securityhub/.
+
+2. Select the **Integrations** tab in the right-side menu bar.
+![](./img/enable-partner-integration.png)
+
+3. Search for _Prowler_ in the text search box and the **Prowler** integration will appear.
+
+4. Once there, click on **Accept Findings** to allow **AWS Security Hub** to receive findings from **Prowler**.
+![](./img/enable-partner-integration-2.png)
+
+5. A new modal will appear to confirm that you are enabling the **Prowler** integration.
+![](./img/enable-partner-integration-3.png)
+
+6. Right after click on **Accept Findings**, you will see that the integration is enabled in **AWS Security Hub**.
+![](./img/enable-partner-integration-4.png)
+
+### Using the AWS CLI
+
+To enable **AWS Security Hub** and the **Prowler** integration you have to run the following commands using the AWS CLI:
+
+```shell
+aws securityhub enable-security-hub --region <region>
+```
+???+ note
+    For this command to work you will need the `securityhub:EnableSecurityHub` permission. You will need to set the AWS region where you want to enable AWS Security Hub.
+
+Once **AWS Security Hub** is enabled you will need to enable **Prowler** as partner integration to allow **Prowler** to send findings to your AWS Security Hub. You have to run the following commands using the AWS CLI:
+
+```shell
+aws securityhub enable-import-findings-for-product --region eu-west-1 --product-arn arn:aws:securityhub:<region>::product/prowler/prowler
+```
+???+ note
+    You will need to set the AWS region where you want to enable the integration and also the AWS region also within the ARN. For this command to work you will need the `securityhub:securityhub:EnableImportFindingsForProduct` permission.
+
+
+## Send Findings
 Once it is enabled, it is as simple as running the command below (for all regions):

 ```sh
-prowler aws -S
+prowler aws --security-hub
 ```

 or for only one filtered region like eu-west-1:

 ```sh
-prowler -S -f eu-west-1
+prowler --security-hub --region eu-west-1
 ```

-> **Note 1**: It is recommended to send only fails to Security Hub and that is possible adding `-q` to the command.
+???+ note
+    It is recommended to send only fails to Security Hub and that is possible adding `-q/--quiet` to the command. You can use, instead of the `-q/--quiet` argument, the `--send-sh-only-fails` argument to save all the findings in the Prowler outputs but just to send FAIL findings to AWS Security Hub.

-> **Note 2**: Since Prowler perform checks to all regions by default you may need to filter by region when running Security Hub integration, as shown in the example above. Remember to enable Security Hub in the region or regions you need by calling `aws securityhub enable-security-hub --region <region>` and run Prowler with the option `-f <region>` (if no region is used it will try to push findings in all regions hubs). Prowler will send findings to the Security Hub on the region where the scanned resource is located.
+    Since Prowler perform checks to all regions by default you may need to filter by region when running Security Hub integration, as shown in the example above. Remember to enable Security Hub in the region or regions you need by calling `aws securityhub enable-security-hub --region <region>` and run Prowler with the option `-f/--region <region>` (if no region is used it will try to push findings in all regions hubs). Prowler will send findings to the Security Hub on the region where the scanned resource is located.

-> **Note 3**: To have updated findings in Security Hub you have to run Prowler periodically. Once a day or every certain amount of hours.
+    To have updated findings in Security Hub you have to run Prowler periodically. Once a day or every certain amount of hours.

-Once you run findings for first time you will be able to see Prowler findings in Findings section:
+### See you Prowler findings in AWS Security Hub

-![Screenshot 2020-10-29 at 10 29 05 PM](https://user-images.githubusercontent.com/3985464/97634676-66c9f600-1a36-11eb-9341-70feb06f6331.png)
+Once configured the **AWS Security Hub** in your next scan you will receive the **Prowler** findings in the AWS regions configured. To review those findings in **AWS Security Hub**:
+
+1. Open the **AWS Security Hub** console at https://console.aws.amazon.com/securityhub/.
+
+2. Select the **Findings** tab in the right-side menu bar.
+![](./img/findings.png)
+
+3. Use the search box filters and use the **Product Name** filter with the value _Prowler_ to see the findings sent from **Prowler**.
+
+4. Then, you can click on the check **Title** to see the details and the history of a finding.
+![](./img/finding-details.png)
+
+As you can see in the related requirements section, in the detailed view of the findings, **Prowler** also sends compliance information related to every finding.

 ## Send findings to Security Hub assuming an IAM Role

 When you are auditing a multi-account AWS environment, you can send findings to a Security Hub of another account by assuming an IAM role from that account using the `-R` flag in the Prowler command:

 ```sh
-prowler -S -R arn:aws:iam::123456789012:role/ProwlerExecRole
+prowler --security-hub --role arn:aws:iam::123456789012:role/ProwlerExecutionRole
 ```

-> Remember that the used role needs to have permissions to send findings to Security Hub. To get more information about the permissions required, please refer to the following IAM policy [prowler-security-hub.json](https://github.com/prowler-cloud/prowler/blob/master/permissions/prowler-security-hub.json)
+???+ note
+    Remember that the used role needs to have permissions to send findings to Security Hub. To get more information about the permissions required, please refer to the following IAM policy [prowler-security-hub.json](https://github.com/prowler-cloud/prowler/blob/master/permissions/prowler-security-hub.json)


 ## Send only failed findings to Security Hub

-When using Security Hub it is recommended to send only the failed findings generated. To follow that recommendation you could add the `-q` flag to the Prowler command:
+When using the **AWS Security Hub** integration you can send only the `FAIL` findings generated by **Prowler**. Therefore, the **AWS Security Hub** usage costs eventually would be lower. To follow that recommendation you could add the `-q/--quiet` flag to the Prowler command:

 ```sh
-prowler -S -q
+prowler --security-hub --quiet
 ```

+You can use, instead of the `-q/--quiet` argument, the `--send-sh-only-fails` argument to save all the findings in the Prowler outputs but just to send FAIL findings to AWS Security Hub:
+
+```sh
+prowler --security-hub --send-sh-only-fails
+```

 ## Skip sending updates of findings to Security Hub

@@ -63,5 +139,5 @@ By default, Prowler archives all its findings in Security Hub that have not appe
 You can skip this logic by using the option `--skip-sh-update` so Prowler will not archive older findings:

 ```sh
-prowler -S --skip-sh-update
+prowler --security-hub --skip-sh-update
 ```
--- a/docs/tutorials/check-aliases.md
+++ b/docs/tutorials/check-aliases.md
@@ -1,19 +1,19 @@
 # Check Aliases

 Prowler allows you to use aliases for the checks. You only have to add the `CheckAliases` key to the check's metadata with a list of the aliases:
-
-    "Provider": "<provider>",
-    "CheckID": "<check_id>",
-    "CheckTitle": "<check_title>",
-    "CheckAliases": [
-      "<check_alias_1>"
-      "<check_alias_2>",
-      ...
-    ],
-    ...
-
+```json title="check.metadata.json"
+"Provider": "<provider>",
+"CheckID": "<check_id>",
+"CheckTitle": "<check_title>",
+"CheckAliases": [
+  "<check_alias_1>"
+  "<check_alias_2>",
+  ...
+],
+...
+```
 Then, you can execute the check either with its check ID or with one of the previous aliases:
-```console
+```shell
 prowler <provider> -c/--checks <check_alias_1>

 Using alias <check_alias_1> for check <check_id>...
--- a/docs/tutorials/compliance.md
+++ b/docs/tutorials/compliance.md
@@ -8,29 +8,38 @@ prowler <provider> --list-compliance
 ```
 Currently, the available frameworks are:

- `cis_1.4_aws`
- `cis_1.5_aws`
- `ens_rd2022_aws`
+- `aws_account_security_onboarding_aws`
 - `aws_audit_manager_control_tower_guardrails_aws`
 - `aws_foundational_security_best_practices_aws`
+- `aws_well_architected_framework_reliability_pillar_aws`
 - `aws_well_architected_framework_security_pillar_aws`
+- `cis_1.4_aws`
+- `cis_1.5_aws`
+- `cis_2.0_aws`
+- `cis_2.0_gcp`
+- `cis_2.0_azure`
+- `cis_2.1_azure`
+- `cis_3.0_aws`
 - `cisa_aws`
+- `ens_rd2022_aws`
 - `fedramp_low_revision_4_aws`
 - `fedramp_moderate_revision_4_aws`
 - `ffiec_aws`
+- `aws_foundational_technical_review_aws`
 - `gdpr_aws`
- `gxp_eu_annex_11_aws`
 - `gxp_21_cfr_part_11_aws`
+- `gxp_eu_annex_11_aws`
 - `hipaa_aws`
+- `iso27001_2013_aws`
+- `mitre_attack_aws`
+- `nist_800_171_revision_2_aws`
 - `nist_800_53_revision_4_aws`
 - `nist_800_53_revision_5_aws`
- `nist_800_171_revision_2_aws`
 - `nist_csf_1.1_aws`
 - `pci_3.2.1_aws`
 - `rbi_cyber_security_framework_aws`
 - `soc2_aws`

-
 ## List Requirements of Compliance Frameworks
 For each compliance framework, you can use option `--list-compliance-requirements` to list its requirements:
 ```sh
--- a/docs/tutorials/configuration_file.md
+++ b/docs/tutorials/configuration_file.md
@@ -37,13 +37,24 @@ The following list includes all the AWS checks with configurable variables that
 ## Azure

 ### Configurable Checks
+The following list includes all the Azure checks with configurable variables that can be changed in the configuration yaml file:
+
+| Check Name                                                    | Value                                            | Type            |
+|---------------------------------------------------------------|--------------------------------------------------|-----------------|
+| `network_public_ip_shodan`                                   | `shodan_api_key`                    | String         |
+| `app_ensure_php_version_is_latest`                            | `php_latest_version`                             | String          |
+| `app_ensure_python_version_is_latest`                         | `python_latest_version`                          | String          |
+| `app_ensure_java_version_is_latest`                           | `java_latest_version`                            | String          |
+

 ## GCP

 ### Configurable Checks

 ## Config YAML File Structure
-> This is the new Prowler configuration file format. The old one without provider keys is still compatible just for the AWS provider.
+
+???+ note
+    This is the new Prowler configuration file format. The old one without provider keys is still compatible just for the AWS provider.

 ```yaml title="config.yaml"
 # AWS Configuration
@@ -126,8 +137,22 @@ aws:

 # Azure Configuration
 azure:
+  # Azure Network Configuration
+  # azure.network_public_ip_shodan
+  shodan_api_key: null
+
+  # Azure App Configuration
+  # azure.app_ensure_php_version_is_latest
+  php_latest_version: "8.2"
+  # azure.app_ensure_python_version_is_latest
+  python_latest_version: "3.12"
+  # azure.app_ensure_java_version_is_latest
+  java_latest_version: "17"

 # GCP Configuration
 gcp:
+  # GCP Compute Configuration
+  # gcp.compute_public_address_shodan
+  shodan_api_key: null

 ```
--- a/docs/tutorials/gcp/authentication.md
+++ b/docs/tutorials/gcp/authentication.md
@@ -13,7 +13,8 @@ Otherwise, you can generate and download Service Account keys in JSON format (re
 prowler gcp --credentials-file path
 ```

-> `prowler` will scan the GCP project associated with the credentials.
+???+ note
+    `prowler` will scan the GCP project associated with the credentials.


 Prowler will follow the same credentials search as [Google authentication libraries](https://cloud.google.com/docs/authentication/application-default-credentials#search_order):
--- a/docs/tutorials/ignore-unused-services.md
+++ b/docs/tutorials/ignore-unused-services.md
@@ -1,6 +1,7 @@
 # Ignore Unused Services

-> Currently only available on the AWS provider.
+???+ note
+    Currently only available on the AWS provider.

 Prowler allows you to ignore unused services findings, so you can reduce the number of findings in Prowler's reports.

@@ -47,7 +48,7 @@ It is a best practice to encrypt both metadata and connection passwords in AWS G
 #### Inspector
 Amazon Inspector is a vulnerability discovery service that automates continuous scanning for security vulnerabilities within your Amazon EC2, Amazon ECR, and AWS Lambda environments. Prowler recommends to enable it and resolve all the Inspector's findings. Ignoring the unused services, Prowler will only notify you if there are any Lambda functions, EC2 instances or ECR repositories in the region where Amazon inspector should be enabled.

-  - `inspector2_findings_exist`
+  - `inspector2_is_enabled`

 #### Macie
 Amazon Macie is a security service that uses machine learning to automatically discover, classify and protect sensitive data in S3 buckets. Prowler will only create a finding when Macie is not enabled if there are S3 buckets in your account.
--- a/docs/tutorials/integrations.md
+++ b/docs/tutorials/integrations.md
@@ -10,7 +10,9 @@ prowler <provider> --slack

 ![Prowler Slack Message](img/slack-prowler-message.png)

-> Slack integration needs SLACK_API_TOKEN and SLACK_CHANNEL_ID environment variables.
+???+ note
+    Slack integration needs SLACK_API_TOKEN and SLACK_CHANNEL_ID environment variables.
+
 ### Configuration

 To configure the Slack Integration, follow the next steps:
--- a/docs/tutorials/logging.md
+++ b/docs/tutorials/logging.md
@@ -18,7 +18,8 @@ You can establish the log level of Prowler with `--log-level` option:
 prowler <provider> --log-level {DEBUG,INFO,WARNING,ERROR,CRITICAL}
 ```

-> By default, Prowler will run with the `CRITICAL` log level, since critical errors will abort the execution.
+???+ note
+    By default, Prowler will run with the `CRITICAL` log level, since critical errors will abort the execution.

 ## Export Logs to File

@@ -45,4 +46,5 @@ An example of a log file will be the following:
        "message": "eu-west-2 -- ClientError[124]: An error occurred (UnauthorizedOperation) when calling the DescribeNetworkAcls operation: You are not authorized to perform this operation."
    }

-> NOTE: Each finding is represented as a `json` object.
+???+ note
+    Each finding is represented as a `json` object.
--- a/docs/tutorials/misc.md
+++ b/docs/tutorials/misc.md
@@ -61,21 +61,26 @@ Prowler allows you to include your custom checks with the flag:
 ```console
 prowler <provider> -x/--checks-folder <custom_checks_folder>
 ```
-> S3 URIs are also supported as folders for custom checks, e.g. s3://bucket/prefix/checks_folder/. Make sure that the used credentials have s3:GetObject permissions in the S3 path where the custom checks are located.
+
+???+ note
+    S3 URIs are also supported as folders for custom checks, e.g. `s3://bucket/prefix/checks_folder/`. Make sure that the used credentials have `s3:GetObject` permissions in the S3 path where the custom checks are located.

 The custom checks folder must contain one subfolder per check, each subfolder must be named as the check and must contain:

 - An empty `__init__.py`: to make Python treat this check folder as a package.
 - A `check_name.py` containing the check's logic.
 - A `check_name.metadata.json` containing the check's metadata.
->The check name must start with the service name followed by an underscore (e.g., ec2_instance_public_ip).
+
+???+ note
+    The check name must start with the service name followed by an underscore (e.g., ec2_instance_public_ip).

 To see more information about how to write checks see the [Developer Guide](../developer-guide/checks.md#create-a-new-check-for-a-provider).

-> If you want to run ONLY your custom check(s), import it with -x (--checks-folder) and then run it with -c (--checks), e.g.:
-```console
-prowler aws -x s3://bucket/prowler/providers/aws/services/s3/s3_bucket_policy/ -c s3_bucket_policy
-```
+???+ note
+    If you want to run ONLY your custom check(s), import it with -x (--checks-folder) and then run it with -c (--checks), e.g.:
+    ```console
+    prowler aws -x s3://bucket/prowler/providers/aws/services/s3/s3_bucket_policy/ -c s3_bucket_policy
+    ```

 ## Severities
 Each of Prowler's checks has a severity, which can be:
--- a/docs/tutorials/parallel-execution.md
+++ b/docs/tutorials/parallel-execution.md
@@ -10,7 +10,8 @@ This can help for really large accounts, but please be aware of AWS API rate lim

 For information on Prowler's retrier configuration please refer to this [page](https://docs.prowler.cloud/en/latest/tutorials/aws/boto3-configuration/).

-> Note: You might need to increase the `--aws-retries-max-attempts` parameter from the default value of 3. The retrier follows an exponential backoff strategy.
+???+ note
+    You might need to increase the `--aws-retries-max-attempts` parameter from the default value of 3. The retrier follows an exponential backoff strategy.

 ## Linux

--- a/docs/tutorials/pentesting.md
+++ b/docs/tutorials/pentesting.md
@@ -50,6 +50,7 @@ Several checks analyse resources that are exposed to the Internet, these are:
 - sagemaker_notebook_instance_without_direct_internet_access_configured
 - sns_topics_not_publicly_accessible
 - sqs_queues_not_publicly_accessible
+- network_public_ip_shodan

 ...

@@ -61,8 +62,17 @@ prowler <provider> --categories internet-exposed

 ### Shodan

-Prowler allows you check if any elastic ip in your AWS Account is exposed in Shodan with `-N`/`--shodan <shodan_api_key>` option:
+Prowler allows you check if any public IPs in your Cloud environments are exposed in Shodan with `-N`/`--shodan <shodan_api_key>` option:

+For example, you can check if any of your AWS EC2 instances has an elastic IP exposed in shodan:
 ```console
-prowler aws --shodan <shodan_api_key> -c ec2_elastic_ip_shodan
+prowler aws -N/--shodan <shodan_api_key> -c ec2_elastic_ip_shodan
+```
+Also, you can check if any of your Azure Subscription has an public IP exposed in shodan:
+```console
+prowler azure -N/--shodan <shodan_api_key> -c network_public_ip_shodan
+```
+And finally, you can check if any of your GCP projects has an public IP address exposed in shodan:
+```console
+prowler gcp -N/--shodan <shodan_api_key> -c compute_public_address_shodan
 ```
--- a/docs/tutorials/quick-inventory.md
+++ b/docs/tutorials/quick-inventory.md
@@ -1,14 +1,18 @@
 # Quick Inventory

 Prowler allows you to execute a quick inventory to extract the number of resources in your provider.
-> Currently, it is only available for AWS provider.
+
+???+ note
+    Currently, it is only available for AWS provider.


 - You can use option `-i`/`--quick-inventory` to execute it:
 ```sh
 prowler <provider> -i
 ```
-> By default, it extracts resources from all the regions, you could use `-f`/`--filter-region` to specify the regions to execute the analysis.
+
+???+ note
+    By default, it extracts resources from all the regions, you could use `-f`/`--filter-region` to specify the regions to execute the analysis.

 - This feature specify both the number of resources for each service and for each resource type.

--- a/docs/tutorials/reporting.md
+++ b/docs/tutorials/reporting.md
@@ -19,11 +19,12 @@ prowler <provider> -M csv json json-asff html -F <custom_report_name>
 ```console
 prowler <provider> -M csv json json-asff html -o <custom_report_directory>
 ```
-> Both flags can be used simultaneously to provide a custom directory and filename.
-```console
-prowler <provider> -M csv json json-asff html \
-        -F <custom_report_name> -o <custom_report_directory>
-```
+???+ note
+    Both flags can be used simultaneously to provide a custom directory and filename.
+    ```console
+    prowler <provider> -M csv json json-asff html \
+            -F <custom_report_name> -o <custom_report_directory>
+    ```
 ## Output timestamp format
 By default, the timestamp format of the output files is ISO 8601. This can be changed with the flag `--unix-timestamp` generating the timestamp fields in pure unix timestamp format.

@@ -41,9 +42,10 @@ Hereunder is the structure for each of the supported report formats by Prowler:

 ### HTML
 ![HTML Output](../img/output-html.png)
+
 ### CSV

-CSV format has a set of common columns for all the providers, and then provider specific columns.  
+CSV format has a set of common columns for all the providers, and then provider specific columns.
 The common columns are the following:

 - ASSESSMENT_START_TIME
@@ -90,7 +92,6 @@ And then by the provider specific columns:
 - RESOURCE_ID
 - RESOURCE_ARN

-
 #### AZURE

 - TENANT_DOMAIN
@@ -98,7 +99,6 @@ And then by the provider specific columns:
 - RESOURCE_ID
 - RESOURCE_NAME

-
 #### GCP

 - PROJECT_ID
@@ -107,9 +107,9 @@ And then by the provider specific columns:
 - RESOURCE_NAME


+???+ note
+    Since Prowler v3 the CSV column delimiter is the semicolon (`;`)

-
-> Since Prowler v3 the CSV column delimiter is the semicolon (`;`)
 ### JSON

 The following code is an example output of the JSON format:
@@ -206,7 +206,8 @@ The following code is an example output of the JSON format:
 }]
 ```

-> NOTE: Each finding is a `json` object within a list. This has changed in v3 since in v2 the format used was [ndjson](http://ndjson.org/).
+???+ note
+    Each finding is a `json` object within a list. This has changed in v3 since in v2 the format used was [ndjson](http://ndjson.org/).


 ### JSON-OCSF
@@ -467,7 +468,9 @@ Based on [Open Cybersecurity Schema Framework Security Finding v1.0.0-rc.3](http
 }]
 ```

-> NOTE: Each finding is a `json` object.
+???+ note
+    Each finding is a `json` object.
+
 ### JSON-ASFF

 The following code is an example output of the [JSON-ASFF](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format-syntax.html) format:
@@ -600,4 +603,5 @@ The following code is an example output of the [JSON-ASFF](https://docs.aws.amaz
 }]
 ```

-> NOTE: Each finding is a `json` object within a list.
+???+ note
+    Each finding is a `json` object within a list.
--- a/mkdocs.yml
+++ b/mkdocs.yml
@@ -1,15 +1,15 @@
 # Project information
-site_name: Prowler Documentation
-site_url: https://docs.prowler.pro/
+site_name: Prowler Open Source Documentation
+site_url: https://docs.prowler.com/
 site_description: >-
-  Prowler Documentation Site
+  Prowler Open Source Documentation

 # Theme Configuration
 theme:
  language: en
-  logo: img/prowler-logo.png
+  logo: img/prowler-logo-white.png
  name: material
-  favicon: img/prowler-icon.svg
+  favicon: favicon.ico
  features:
    - navigation.tabs
    - navigation.tabs.sticky
@@ -19,6 +19,11 @@ theme:
    primary: black
    accent: green

+plugins:
+  - search
+  - git-revision-date-localized:
+      enable_creation_date: true
+
 edit_uri: "https://github.com/prowler-cloud/prowler/tree/master/docs"
 # Prowler OSS Repository
 repo_url: https://github.com/prowler-cloud/prowler/
@@ -74,11 +79,13 @@ nav:
      - Testing:
          - Unit Tests: developer-guide/unit-testing.md
          - Integration Tests: developer-guide/integration-testing.md
+      - Debugging: developer-guide/debugging.md
  - Security: security.md
  - Contact Us: contact.md
  - Troubleshooting: troubleshooting.md
  - About: about.md
-  - ProwlerPro: https://prowler.pro
+  - Prowler SaaS: https://prowler.com
+
 # Customization
 extra:
  consent:
@@ -102,11 +109,15 @@ extra:
      link: https://twitter.com/prowlercloud

 # Copyright
-copyright: Copyright &copy; 2022 Toni de la Fuente, Maintained by the Prowler Team at Verica, Inc.</a>
+copyright: >
+  Copyright &copy; <script>document.write(new Date().getFullYear())</script> Toni de la Fuente, Maintained by the Prowler Team at ProwlerPro, Inc.</a>
+  </br><a href="#__consent">Change cookie settings</a>

 markdown_extensions:
  - abbr
  - admonition
+  - pymdownx.details
+  - pymdownx.superfences
  - attr_list
  - def_list
  - footnotes
@@ -120,8 +131,8 @@ markdown_extensions:
  - pymdownx.caret
  - pymdownx.details
  - pymdownx.emoji:
-      emoji_generator: !!python/name:materialx.emoji.to_svg
-      emoji_index: !!python/name:materialx.emoji.twemoji
+      emoji_index: !!python/name:material.extensions.emoji.twemoji
+      emoji_generator: !!python/name:material.extensions.emoji.to_svg
  - pymdownx.highlight:
      anchor_linenums: true
  - pymdownx.inlinehilite
--- a/poetry.lock
+++ b/poetry.lock
--- a/prowler/compliance/aws/aws_account_security_onboarding_aws.json
+++ b/prowler/compliance/aws/aws_account_security_onboarding_aws.json
--- a/prowler/compliance/aws/aws_foundational_technical_review_aws.json
+++ b/prowler/compliance/aws/aws_foundational_technical_review_aws.json
@@ -0,0 +1,693 @@
+{
+  "Framework": "AWS-Foundational-Technical-Review",
+  "Version": "",
+  "Provider": "AWS",
+  "Description": "The AWS Foundational Technical Review (FTR) assesses an AWS Partner's solution against a specific set of Amazon Web Services (AWS) best practices around security, performance, and operational processes that are most critical for customer success. Passing the FTR is required to qualify AWS Software Partners for AWS Partner Network (APN) programs such as AWS Competency and AWS Service Ready but any AWS Partner who offers a technology solution may request a FTR review through AWS Partner Central.",
+  "Requirements": [
+    {
+      "Id": "HOST-001",
+      "Name": "Confirm your hosting model",
+      "Description": "To use this FTR checklist you must host all critical application components on AWS. You may use external providers for edge services such as content delivery networks (CDNs) or domain name system (DNS), or corporate identity providers. If you are using any edge services outside AWS, please specify them in the self-assessment.",
+      "Attributes": [
+        {
+          "Section": "Partner-hosted FTR requirements",
+          "Subsection": "Hosting",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "SUP-001",
+      "Name": "Subscribe to the AWS Business Support tier (or higher) for all production AWS accounts or have an action plan to handle issues which require help from AWS Support",
+      "Description": "It is recommended that you subscribe to the AWS Business Support tier or higher (including AWS Partner-Led Support) for all of your AWS production accounts. For more information, refer to Compare AWS Support Plans. If you don't have premium support, you must have an action plan to handle issues which require help from AWS Support. AWS Support provides a mix of tools and technology, people, and programs designed to proactively help you optimize performance, lower costs, and innovate faster. AWS Business Support provides additional benefits including access to AWS Trusted Advisor and AWS Personal Health Dashboard and faster response times.",
+      "Attributes": [
+        {
+          "Section": "Partner-hosted FTR requirements",
+          "Subsection": "Support level",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "WAFR-001",
+      "Name": "Conduct periodic architecture reviews (minimum once every year)",
+      "Description": "Conduct periodic architecture reviews of your production workload (at least once per year) using a documented architectural standard that includes AWS-specific best practices. If you have an internally defined standard for your AWS workloads, we recommend you use it for these reviews. If you do not have an internal standard, we recommend you use the AWS Well-Architected Framework.",
+      "Attributes": [
+        {
+          "Section": "Partner-hosted FTR requirements",
+          "Subsection": "Architecture review",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "WAFR-002",
+      "Name": "Review the AWS Shared Responsibility Models for Security and Resiliency",
+      "Description": "Review the AWS Shared Responsibility Model for Security and the AWS Shared Responsibility Model for Resiliency. Ensure that your product’s architecture and operational processes address the customer responsibilities defined in these models. We recommend you to use AWS Resilience Hub to ensure your workload resiliency posture meets your targets and to provide you with operational procedures you may use to address the customer responsibilities.",
+      "Attributes": [
+        {
+          "Section": "Partner-hosted FTR requirements",
+          "Subsection": "Architecture review",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "ARC-001",
+      "Name": "Use root user only by exception",
+      "Description": "The root user has unlimited access to your account and its resources, and using it only by exception helps protect your AWS resources. The AWS root user must not be used for everyday tasks, even administrative ones. Instead, adhere to the best practice of using the root user only to create your first AWS Identity and Access Management (IAM) user. Then securely lock away the root user credentials and use them to perform only a few accounts and service management tasks. To view the tasks that require you to sign in as the root user, see AWS Tasks That Require Root User. FTR does not require you to actively monitor root usage.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "AWS root account",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "ARC-003",
+      "Name": "Enable multi-factor authentication (MFA) on the root user for all AWS accounts",
+      "Description": "Enabling MFA provides an additional layer of protection against unauthorized access to your account. To configure MFA for the root user, follow the instructions for enabling either a virtual MFA or hardware MFA device. If you are using AWS Organizations to create new accounts, the initial password for the root user is set to a random value that is never exposed to you. If you do not recover the password for the root user of these accounts, you do not need to enable MFA on them. For any accounts where you do have access to the root user’s password, you must enable MFA",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "AWS root account",
+          "Type": "Automated"
+        }
+      ],
+      "Checks": [
+        "iam_root_mfa_enabled",
+        "iam_root_hardware_mfa_enabled"
+      ]
+    },
+    {
+      "Id": "ARC-004",
+      "Name": "Remove access keys for the root user",
+      "Description": "Programmatic access to AWS APIs should never use the root user. It is best not to generate static an access key for the root user. If one already exists, you should transition any processes using that key to use temporary access keys from an AWS Identity and Access Management (IAM) role, or, if necessary, static access keys from an IAM user.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "AWS root account",
+          "Type": "Automated"
+        }
+      ],
+      "Checks": [
+        "iam_no_root_access_key"
+      ]
+    },
+    {
+      "Id": "ARC-005",
+      "Name": "Develop incident management plans",
+      "Description": "An incident management plan is critical to respond, mitigate, and recover from the potential impact of security incidents. An incident management plan is a structured process for identifying, remediating, and responding in a timely matter to security incidents. An effective incident management plan must be continually iterated upon, remaining current with your cloud operations goal. For more information on developing incident management plan please see Develop incident management plans.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "AWS root account",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "ACOM-001",
+      "Name": "Configure AWS account contacts",
+      "Description": "If an account is not managed by AWS Organizations, alternate account contacts help AWS get in contact with the appropriate personnel if needed. Configure the account’s alternate contacts to point to a group rather than an individual. For example, create separate email distribution lists for billing, operations, and security and configure these as Billing, Security, and Operations contacts in each active AWS account. This ensures that multiple people will receive AWS notifications and be able to respond, even if someone is on vacation, changes roles, or leaves the company.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Communications from AWS",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "ACOM-002",
+      "Name": "Set account contact information including the root user email address to email addresses and phone numbers owned by your company",
+      "Description": "Using company owned email addresses and phone numbers for contact information enables you to access them even if the individuals whom they belong to are no longer with your organization",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Communications from AWS",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "IAM-001",
+      "Name": "Enable multi-factor authentication (MFA) for all Human Identities with AWS access",
+      "Description": "You must require any human identities to authenticate using MFA before accessing your AWS accounts. Typically, this means enabling MFA within your corporate identity provider. If you have existing legacy IAM users you must enable MFA for console access for those principals as well. Enabling MFA for IAM users provides an additional layer of security. With MFA, users have a device that generates a unique authentication code (a one-time password, or OTP). Users must provide both their normal credentials (user name and password) and the OTP. The MFA device can either be a special piece of hardware, or it can be a virtual device (for example, it can run in an app on a smartphone). Please note that machine identities do not require MFA.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Identity and Access Management",
+          "Type": "Automated"
+        }
+      ],
+      "Checks": [
+        "iam_root_mfa_enabled",
+        "iam_root_hardware_mfa_enabled",
+        "iam_user_hardware_mfa_enabled",
+        "iam_user_mfa_enabled_console_access",
+        "iam_administrator_access_with_mfa"
+      ]
+    },
+    {
+      "Id": "IAM-002",
+      "Name": "Monitor and secure static AWS Identity and Access Management (IAM) credentials",
+      "Description": "Use temporary IAM credentials retrieved by assuming a role whenever possible. In cases where it is infeasible to use IAM roles, implement the following controls to reduce the risk these credentials are misused: Rotate IAM access keys regularly (recommended at least every 90 days). Maintain an inventory of all static keys and where they are used and remove unused access keys. Implement monitoring of AWS CloudTrail logs to detect anomalous activity or other potential misuse (e.g. using AWS GuardDuty.) Define a runbook or SOP for revoking credentials in the event you detect misuse.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Identity and Access Management",
+          "Type": "Automated"
+        }
+      ],
+      "Checks": [
+        "iam_rotate_access_key_90_days",
+        "iam_user_accesskey_unused",
+        "iam_user_with_temporary_credentials",
+        "guardduty_is_enabled",
+        "guardduty_no_high_severity_findings"
+      ]
+    },
+    {
+      "Id": "IAM-003",
+      "Name": "Use strong password policy",
+      "Description": "Enforce a strong password policy, and educate users to avoid common or re-used passwords. For IAM users, you can create a password policy for your account on the Account Settings page of the IAM console. You can use the password policy to define password requirements, such as minimum length and whether it requires non-alphabetic characters, and so on. For more information, see Setting an Account Password Policy for IAM users.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Identity and Access Management",
+          "Type": "Automated"
+        }
+      ],
+      "Checks": [
+        "iam_password_policy_expires_passwords_within_90_days_or_less",
+        "iam_password_policy_lowercase",
+        "iam_password_policy_minimum_length_14",
+        "iam_password_policy_number",
+        "iam_password_policy_reuse_24",
+        "iam_password_policy_symbol",
+        "iam_password_policy_uppercase"
+      ]
+    },
+    {
+      "Id": "IAM-004",
+      "Name": "Create individual identities (no shared credentials) for anyone who needs AWS access",
+      "Description": "Create individual entities and give unique security credentials and permissions to each user accessing your account. With individual entities and no shared credentials, you can audit the activity of each user.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Identity and Access Management",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "IAM-005",
+      "Name": "Use IAM roles and its temporary security credentials to provide access to third parties.",
+      "Description": "Do not provision IAM users and share those credentials with people outside of your organization. Any external services that need to make AWS API calls against your account (for example, a monitoring solution that accesses your account's AWS CloudWatch metrics) must use a cross-account role. For more information, refer to Providing access to AWS accounts owned by third parties.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Identity and Access Management",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "IAM-006",
+      "Name": "Grant least privilege access",
+      "Description": "You must follow the standard security advice of granting least privilege. Grant only the access that identities require by allowing access to specific actions on specific AWS resources under specific conditions. Rely on groups and identity attributes to dynamically set permissions at scale, rather than defining permissions for individual users. For example, you can allow a group of developers access to manage only resources for their project. This way, when a developer is removed from the group, access for the developer is revoked everywhere that group was used for access control, without requiring any changes to the access policies.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Identity and Access Management",
+          "Type": "Automated"
+        }
+      ],
+      "Checks": [
+        "iam_policy_attached_only_to_group_or_roles"
+      ]
+    },
+    {
+      "Id": "IAM-007",
+      "Name": "Manage access based on life cycle",
+      "Description": "Integrate access controls with operator and application lifecycle and your centralized federation provider and IAM. For example, remove a user’s access when they leave the organization or change roles.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Identity and Access Management",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "IAM-008",
+      "Name": "Audit identities quarterly",
+      "Description": "Auditing the identities that are configured in your identity provider and IAM helps ensure that only authorized identities have access to your workload. For example, remove people that leave the organization, and remove cross-account roles that are no longer required. Have a process in place to periodically audit permissions to the services accessed by an IAM entity. This helps you identify the policies you needto modify to remove any unused permissions. For more information, see Refining permissions in AWS using last accessed information.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Identity and Access Management",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "IAM-009",
+      "Name": "Do not embed credentials in application code",
+      "Description": "Ensure that all credentials used by your applications (for example, IAM access keys and database passwords) are never included in your application's source code or committed to source control in any way.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Identity and Access Management",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "IAM-0010",
+      "Name": "Store secrets securely.",
+      "Description": "Encrypt all secrets in transit and at rest, define fine-grained access controls that only allow access to specific identities, and log access to secrets in an audit log. We recommend you use a purpose-built secret management service such as AWS Secrets Manager, AWS Systems Manager Parameter Store, or an AWS Partner solution, but internally developed solutions that meet these requirements are also acceptable.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Identity and Access Management",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "IAM-0011",
+      "Name": "Encrypt all end user/customer credentials and hash passwords at rest.",
+      "Description": "If you are storing end user/customer credentials in a database that you manage, encrypt credentials at rest and hash passwords. As an alternative, AWS recommends using a user-identity synchronization service, such as Amazon Cognito or an equivalent AWS Partner solution.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Identity and Access Management",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "IAM-0012",
+      "Name": "Use temporary credentials",
+      "Description": "Use temporary security credentials to access AWS resources. For machine identities within AWS (for example, Amazon Elastic Compute Cloud (Amazon EC2) instances or AWS Lambda functions), always use IAM roles to acquire temporary security credentials. For machine identities running outside of AWS, use IAM Roles Anywhere or securely store static AWS access keys that are only used to assume an IAM role.For human identities, use AWS IAM Identity Center or other identity federation solutions where possible. If you must use static AWS access keys for human users, require MFA for all access, including the AWS Management Console, and AWS Command Line Interface (AWS CLI).",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Identity and Access Management",
+          "Type": "Automated"
+        }
+      ],
+      "Checks": [
+        "iam_rotate_access_key_90_days",
+        "iam_user_accesskey_unused",
+        "iam_user_with_temporary_credentials",
+        "iam_policy_attached_only_to_group_or_roles",
+        "iam_role_administratoraccess_policy",
+        "iam_role_cross_account_readonlyaccess_policy",
+        "iam_role_cross_service_confused_deputy_prevention",
+        "iam_root_hardware_mfa_enabled",
+        "iam_root_mfa_enabled",
+        "iam_root_hardware_mfa_enabled",
+        "iam_user_hardware_mfa_enabled",
+        "iam_user_mfa_enabled_console_access",
+        "iam_administrator_access_with_mfa"
+      ]
+    },
+    {
+      "Id": "SECOPS-001",
+      "Name": "Perform vulnerability management",
+      "Description": "Define a mechanism and frequency to scan and patch for vulnerabilities in your dependencies, and in your operating systems to help protect against new threats. Scan and patch your dependencies, and your operating systems on a defined schedule. Software vulnerability management is essential to keeping your system secure from threat actors. Embedding vulnerability assessments early into your continuous integration/continuous delivery (CI/CD) pipeline allows you to prioritize remediation of any security vulnerabilities detected. The solution you need to achieve this varies according to the AWS services that you are consuming. To check for vulnerabilities in software running in Amazon EC2 instances, you can add Amazon Inspector to your pipeline to cause your build to fail if Inspector detects vulnerabilities. You can also use open source products such as OWASP Dependency-Check, Snyk, OpenVAS, package managers and AWS Partner tools for vulnerability management.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Operational security",
+          "Type": "Automated"
+        }
+      ],
+      "Checks": [
+        "inspector2_is_enabled",
+        "inspector2_active_findings_exist",
+        "accessanalyzer_enabled_without_findings",
+        "guardduty_no_high_severity_findings"
+      ]
+    },
+    {
+      "Id": "NETSEC-001",
+      "Name": "Implement the least permissive rules for all Amazon EC2 security groups",
+      "Description": "All Amazon EC2 security groups should restrict access to the greatest degree possible. At a minimum, do the following: Ensure that no security groups allow ingress from 0.0.0.0/0 to port 22 or 3389 (CIS 5.2) Ensure that the default security group of every VPC restricts all traffic (CIS 5.3/Security Control EC2.2)",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Network Security",
+          "Type": "Automated"
+        }
+      ],
+      "Checks": [
+        "ec2_ami_public",
+        "ec2_instance_public_ip",
+        "ec2_securitygroup_allow_ingress_from_internet_to_any_port",
+        "ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_3389",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_cassandra_7199_9160_8888",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_elasticsearch_kibana_9200_9300_5601",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_kafka_9092",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_memcached_11211",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_oracle_1521_2483",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_postgres_5432",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_redis_6379",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_sql_server_1433_1434",
+        "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_telnet_23",
+        "ec2_securitygroup_allow_wide_open_public_ipv4",
+        "ec2_securitygroup_default_restrict_traffic",
+        "ec2_securitygroup_not_used",
+        "ec2_securitygroup_with_many_ingress_egress_rules"
+      ]
+    },
+    {
+      "Id": "NETSEC-002",
+      "Name": "Restrict resources in public subnets",
+      "Description": "Do not place resources in public subnets of your VPC unless they must receive network traffic from public sources. Public subnets are subnets associated with a route table that has a route to an internet gateway.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Network Security",
+          "Type": "Automated"
+        }
+      ],
+      "Checks": [
+        "vpc_subnet_no_public_ip_by_default",
+        "vpc_subnet_separate_private_public",
+        "vpc_endpoint_connections_trust_boundaries",
+        "vpc_endpoint_services_allowed_principals_trust_boundaries",
+        "workspaces_vpc_2private_1public_subnets_nat"
+      ]
+    },
+    {
+      "Id": "BAR-001",
+      "Name": "Configure automatic data backups",
+      "Description": "You must perform regular backups to a durable storage service. Backups ensure that you have the ability to recover from administrative, logical, or physical error scenarios. Configure backups to be taken automatically based on a periodic schedule, or by changes in the dataset. RDS instances, EBS volumes, DynamoDB tables, and S3 objects can all be configured for automatic backup. AWS Backup, AWS Marketplace solutions or third-party solutions can also be used. If objects in S3 bucket are write-once-read-many (WORM), compensating controls such as object lock can be used meet this requirement. If it is customers’ responsibility to backup their data, it must be clearly stated in the documentation and the Partner must provide clear instructions on how to backup the data.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Backups and recovery",
+          "Type": "Automated"
+        }
+      ],
+      "Checks": [
+        "backup_plans_exist",
+        "backup_reportplans_exist",
+        "backup_vaults_encrypted",
+        "backup_vaults_exist",
+        "efs_have_backup_enabled",
+        "rds_instance_backup_enabled"
+      ]
+    },
+    {
+      "Id": "BAR-002",
+      "Name": "Periodically recover data to verify the integrity of your backup process",
+      "Description": "To confirm that your backup process meets your recovery time objectives (RTO) and recovery point objectives (RPO), run a recovery test on a regular schedule and after making significant changes to your cloud environment. For more information, refer to Getting Started - Backup and Restore with AWS.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Backups and recovery",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "RES-001",
+      "Name": "Define a Recovery Point Objective (RPO)",
+      "Description": "To confirm that your backup process meets your recovery time objectives (RTO) and recovery point objectives (RPO), run a recovery test on a regular schedule and after making significant changes to your cloud environment. For more information, refer to Getting Started - Backup and Restore with AWS.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Resiliency",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "RES-002",
+      "Name": "Establish a Recovery Time Objective (RTO)",
+      "Description": "Define an RTO that meets your organization’s needs and expectations. RTO is the maximum acceptable delay your organization will accept between the interruption and restoration of service.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Resiliency",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "RES-004",
+      "Name": "Resiliency Testing",
+      "Description": "Test resiliency to ensure that RTO and RPO are met, both periodically (minimum every 12 months) and after major updates. The resiliency test must include accidental data loss, instance failures, and Availability Zone (AZ) failures. At least one resilience test that meets RTO and RPO requirements must be completed prior to FTR approval. You can use AWS Resilience Hub to test and verify your workloads to see if it meets its resilience target. AWS Resilience Hub works with AWS Fault Injection Service (AWS FIS) , a chaos engineering service, to provide fault-injection simulations of real-world failures to validate the application recovers within the resilience targets you defined. AWS Resilience Hub also provides API operations for you to integrate its resilience assessment and testing into your CI/CD pipelines for ongoing resilience validation. Including resilience validation in CI/CD pipelines helps make sure that changes to the workload’s underlying infrastructure don't compromise resilience.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Resiliency",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "RES-005",
+      "Name": "Communicate customer responsibilities for resilience",
+      "Description": "Clearly define your customers’ responsibility for backup, recovery, and availability. At a minimum, your product documentation or customer agreements should cover the following: Responsibility the customer has for backing up the data stored in your solution. Instructions for backing up data or configuring optional features in your product for data protection, if applicable. Options customers have for configuring the availability of your product.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Resiliency",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "RES-006",
+      "Name": "Architect your product to meet availability targets and uptime service level agreements (SLAs)",
+      "Description": "If you publish or privately agree to availability targets or uptime SLAs, ensure that your architecture and operational processes are designed to support them. Additionally, provide clear guidance to customers on any configuration required to achieve the targets or SLAs.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Resiliency",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "RES-007",
+      "Name": "Define a customer communication plan for outages",
+      "Description": "Establish a plan for communicating information about system outages to your customers both during and after incidents. Your communication should not include any data that was provided by AWS under a non-disclosure agreement (NDA).",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Resiliency",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "S3-001",
+      "Name": "Review all Amazon S3 buckets to determine appropriate access levels",
+      "Description": "You must ensure that buckets that require public access have been reviewed to determine if public read or write access is needed and if appropriate controls are in place to control public access. When assigning access permissions, follow the principle of least privilege, an AWS best practice. For more information, refer to overview of managing access.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Amazon S3 bucket access",
+          "Type": "Automated"
+        }
+      ],
+      "Checks": [
+        "s3_bucket_acl_prohibited",
+        "s3_bucket_default_encryption",
+        "s3_bucket_kms_encryption",
+        "s3_bucket_level_public_access_block",
+        "s3_bucket_object_lock",
+        "s3_bucket_policy_public_write_access",
+        "s3_bucket_public_access",
+        "s3_bucket_public_list_acl",
+        "s3_bucket_public_write_acl",
+        "s3_bucket_secure_transport_policy",
+        "s3_bucket_server_access_logging_enabled"
+      ]
+    },
+    {
+      "Id": "CAA-001",
+      "Name": "Use cross-account roles to access customer AWS accounts",
+      "Description": "Cross-account roles reduce the amount of sensitive information AWS Partners need to store for their customers.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Cross-account access",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "CAA-007",
+      "Name": "Provide guidance or an automated setup mechanism (for example, an AWS CloudFormation template) for creating cross-account roles with the minimum required privileges",
+      "Description": "The policy created for cross-account access in customer accounts must follow the principle of least privilege. The AWS Partner must provide a role-policy document or an automated setup mechanism (for example, an AWS CloudFormation template) for the customers to use to ensure that the roles are created with minimum required privileges. For more information, refer to the AWS Partner Network (APN) blog posts.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Cross-account access",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "CAA-002",
+      "Name": "Use an external ID with cross-account roles to access customer accounts",
+      "Description": "An external ID allows the user that is assuming the role to assert the circumstances in which they are operating. It also provides a way for the account owner to permit the role to be assumed only under specific circumstances. The primary function of the external ID is to address and prevent the confused deputy problem.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Cross-account access",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "CAA-004",
+      "Name": "Use a value you generate (not something provided by the customer) for the external ID",
+      "Description": "When configuring cross-account access using IAM roles, you must use a value you generate for the external ID, instead of one provided by the customer, to ensure the integrity of the cross-account role configuration. A partner-generated external ID ensures that malicious parties cannot impersonate a customer's configuration and enforces uniqueness and format consistency across all customers. If you are not generating an external ID today we recommend implementing a process that generates a random unique value (such as a Universally Unique Identifier) for the external ID that a customer uses to set up a cross-account role.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Cross-account access",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "CAA-005",
+      "Name": "Ensure that all external IDs are unique.",
+      "Description": "The external IDs used must be unique across all customers. Re-using external IDs for different customers does not solve the confused deputy problem and runs the risk of customer A being able to view data of customer B by using the role ARN and the external ID of customer B. To resolve this, we recommend implementing a process that ensures a random unique value, such as a Universally Unique Identifier, is generated for the external ID that a customer would use to setup a cross account role.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Cross-account access",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "CAA-006",
+      "Name": "Provide read-only access to external ID to customers",
+      "Description": "Customers must not be able to set or influence external IDs. When the external ID is editable, it is possible for one customer to impersonate the configuration of another. For example, when the external ID is editable, customer A can create a cross account role setup using customer B’s role ARN and external ID, granting customer A access to customer B’s data. Remediation of this item involves making the external ID a view-only field, ensuring that the external ID cannot be changed to impersonate the setup of another customer.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Cross-account access",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "CAA-003",
+      "Name": "Deprecate any historical use of customer-provided IAM credentials",
+      "Description": "If your application provides legacy support for the use of static IAM credentials for cross-account access, the application's user interface and customer documentation must make it clear that this method is deprecated. Existing customers should be encouraged to switch to cross-account role based-access, and collection of credentials should be disabled for new customers.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Cross-account access",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "SDAT-001",
+      "Name": "Identify sensitive data (for example, Personally Identifiable Information (PII) and Protected Health Information (PHI))",
+      "Description": "Data classification enables you to determine which data needs to be protected and how. Based on the workload and the data it processes, identify the data that is not common public knowledge.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Sensitive data",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "SDAT-002",
+      "Name": "Encrypt all sensitive data at rest",
+      "Description": "Encryption maintains the confidentiality of sensitive data even when it gets stolen or the network through which it is transmitted becomes compromised.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Sensitive data",
+          "Type": "Automated"
+        }
+      ],
+      "Checks": [
+        "sns_topics_kms_encryption_at_rest_enabled",
+        "athena_workgroup_encryption",
+        "cloudtrail_kms_encryption_enabled",
+        "dynamodb_accelerator_cluster_encryption_enabled",
+        "dynamodb_tables_kms_cmk_encryption_enabled",
+        "efs_encryption_at_rest_enabled",
+        "opensearch_service_domains_encryption_at_rest_enabled"
+      ]
+    },
+    {
+      "Id": "SDAT-003",
+      "Name": "Only use protocols with encryption when transmitting sensitive data outside of your VPC",
+      "Description": "Encryption maintains data confidentiality even when the network through which it is transmitted becomes compromised.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Sensitive data",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    },
+    {
+      "Id": "RCVP-001",
+      "Name": "Establish a process to ensure that all required compliance standards are met",
+      "Description": "If you advertise that your product meets specific compliance standards, you must have an internal process for ensuring compliance. Examples of compliance standards include Payment Card Industry Data Security Standard (PCI DSS) PCI DSS, Federal Risk and Authorization Management Program (FedRAMP)FedRAMP, and U.S. Health Insurance Portability and Accountability Act (HIPAA)HIPAA. Applicable compliance standards are determined by various factors, such as what types of data the solution stores or transmits and which geographic regions the solution supports.",
+      "Attributes": [
+        {
+          "Section": "Architectural and Operational Controls",
+          "Subsection": "Regulatory compliance validation process",
+          "Type": "Manual"
+        }
+      ],
+      "Checks": []
+    }
+  ]
+}
--- a/prowler/compliance/aws/cis_2.0_aws.json
+++ b/prowler/compliance/aws/cis_2.0_aws.json
@@ -468,27 +468,6 @@
    },
    {
      "Id": "2.1.1",
-      "Description": "Ensure all S3 buckets employ encryption-at-rest",
-      "Checks": [
-        "s3_bucket_default_encryption"
-      ],
-      "Attributes": [
-        {
-          "Section": "2.1. Simple Storage Service (S3)",
-          "Profile": "Level 2",
-          "AssessmentStatus": "Automated",
-          "Description": "Amazon S3 provides a variety of no, or low, cost encryption options to protect data at rest.",
-          "RationaleStatement": "Encrypting data at rest reduces the likelihood that it is unintentionally exposed and can nullify the impact of disclosure if the encryption remains unbroken.",
-          "ImpactStatement": "Amazon S3 buckets with default bucket encryption using SSE-KMS cannot be used as destination buckets for Amazon S3 server access logging. Only SSE-S3 default encryption is supported for server access log destination buckets.",
-          "RemediationProcedure": "**From Console:**  1. Login to AWS Management Console and open the Amazon S3 console using https://console.aws.amazon.com/s3/  2. Select a Bucket. 3. Click on 'Properties'. 4. Click edit on `Default Encryption`. 5. Select either `AES-256`, `AWS-KMS`, `SSE-KMS` or `SSE-S3`. 6. Click `Save` 7. Repeat for all the buckets in your AWS account lacking encryption.  **From Command Line:**  Run either  ``` aws s3api put-bucket-encryption --bucket <bucket name> --server-side-encryption-configuration '{\"Rules\": [{\"ApplyServerSideEncryptionByDefault\": {\"SSEAlgorithm\": \"AES256\"}}]}' ```  or  ``` aws s3api put-bucket-encryption --bucket <bucket name> --server-side-encryption-configuration '{\"Rules\": [{\"ApplyServerSideEncryptionByDefault\": {\"SSEAlgorithm\": \"aws:kms\",\"KMSMasterKeyID\": \"aws/s3\"}}]}' ```  **Note:** the KMSMasterKeyID can be set to the master key of your choosing; aws/s3 is an AWS preconfigured default.",
-          "AuditProcedure": "**From Console:**  1. Login to AWS Management Console and open the Amazon S3 console using https://console.aws.amazon.com/s3/  2. Select a Bucket. 3. Click on 'Properties'. 4. Verify that `Default Encryption` is enabled, and displays either `AES-256`, `AWS-KMS`, `SSE-KMS` or `SSE-S3`. 5. Repeat for all the buckets in your AWS account.  **From Command Line:**  1. Run command to list buckets ``` aws s3 ls ``` 2. For each bucket, run  ``` aws s3api get-bucket-encryption --bucket <bucket name> ``` 3. Verify that either  ``` \"SSEAlgorithm\": \"AES256\" ```  or  ``` \"SSEAlgorithm\": \"aws:kms\"```  is displayed.",
-          "AdditionalInformation": "S3 bucket encryption only applies to objects as they are placed in the bucket. Enabling S3 bucket encryption does **not** encrypt objects previously stored within the bucket.",
-          "References": "https://docs.aws.amazon.com/AmazonS3/latest/user-guide/default-bucket-encryption.html:https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-related-resources"
-        }
-      ]
-    },
-    {
-      "Id": "2.1.2",
      "Description": "Ensure S3 Bucket Policy is set to deny HTTP requests",
      "Checks": [
        "s3_bucket_secure_transport_policy"
@@ -509,7 +488,7 @@
      ]
    },
    {
-      "Id": "2.1.3",
+      "Id": "2.1.2",
      "Description": "Ensure MFA Delete is enabled on S3 buckets",
      "Checks": [
        "s3_bucket_no_mfa_delete"
@@ -530,7 +509,7 @@
      ]
    },
    {
-      "Id": "2.1.4",
+      "Id": "2.1.3",
      "Description": "Ensure all data in Amazon S3 has been discovered, classified and secured when required.",
      "Checks": [
        "macie_is_enabled"
@@ -551,7 +530,7 @@
      ]
    },
    {
-      "Id": "2.1.5",
+      "Id": "2.1.4",
      "Description": "Ensure that S3 Buckets are configured with 'Block public access (bucket settings)'",
      "Checks": [
        "s3_bucket_level_public_access_block",
--- a/prowler/compliance/aws/cis_3.0_aws.json
+++ b/prowler/compliance/aws/cis_3.0_aws.json
--- a/prowler/compliance/aws/ens_rd2022_aws.json
+++ b/prowler/compliance/aws/ens_rd2022_aws.json
@@ -814,7 +814,8 @@
        }
      ],
      "Checks": [
-        "inspector2_findings_exist"
+        "inspector2_is_enabled",
+        "inspector2_active_findings_exist"
      ]
    },
    {
@@ -1935,7 +1936,8 @@
        }
      ],
      "Checks": [
-        "inspector2_findings_exist"
+        "inspector2_is_enabled",
+        "inspector2_active_findings_exist"
      ]
    },
    {
@@ -2010,7 +2012,8 @@
        }
      ],
      "Checks": [
-        "inspector2_findings_exist"
+        "inspector2_is_enabled",
+        "inspector2_active_findings_exist"
      ]
    },
    {
--- a/prowler/compliance/aws/mitre_attack_aws.json
+++ b/prowler/compliance/aws/mitre_attack_aws.json
@@ -29,7 +29,8 @@
        "securityhub_enabled",
        "elbv2_waf_acl_attached",
        "guardduty_is_enabled",
-        "inspector2_findings_exist",
+        "inspector2_is_enabled",
+        "inspector2_active_findings_exist",
        "awslambda_function_not_publicly_accessible",
        "ec2_instance_public_ip"
      ],
@@ -576,7 +577,8 @@
        "config_recorder_all_regions_enabled",
        "securityhub_enabled",
        "guardduty_is_enabled",
-        "inspector2_findings_exist"
+        "inspector2_is_enabled",
+        "inspector2_active_findings_exist"
      ],
      "Attributes": [
        {
@@ -737,7 +739,8 @@
        "iam_user_hardware_mfa_enabled",
        "iam_user_mfa_enabled_console_access",
        "securityhub_enabled",
-        "inspector2_findings_exist"
+        "inspector2_is_enabled",
+        "inspector2_active_findings_exist"
      ],
      "Attributes": [
        {
@@ -1892,7 +1895,8 @@
        "networkfirewall_in_all_vpc",
        "elbv2_waf_acl_attached",
        "guardduty_is_enabled",
-        "inspector2_findings_exist",
+        "inspector2_is_enabled",
+        "inspector2_active_findings_exist",
        "ec2_networkacl_allow_ingress_any_port",
        "ec2_networkacl_allow_ingress_tcp_port_22",
        "ec2_networkacl_allow_ingress_tcp_port_3389",
--- a/prowler/compliance/aws/soc2_aws.json
+++ b/prowler/compliance/aws/soc2_aws.json
@@ -13,7 +13,7 @@
          "ItemId": "cc_1_1",
          "Section": "CC1.0 - Common Criteria Related to Control Environment",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -27,7 +27,7 @@
          "ItemId": "cc_1_2",
          "Section": "CC1.0 - Common Criteria Related to Control Environment",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -41,7 +41,7 @@
          "ItemId": "cc_1_3",
          "Section": "CC1.0 - Common Criteria Related to Control Environment",
          "Service": "aws",
-          "Soc_Type": "automated"
+          "Type": "automated"
        }
      ],
      "Checks": [
@@ -62,7 +62,7 @@
          "ItemId": "cc_1_4",
          "Section": "CC1.0 - Common Criteria Related to Control Environment",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -76,7 +76,7 @@
          "ItemId": "cc_1_5",
          "Section": "CC1.0 - Common Criteria Related to Control Environment",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -90,7 +90,7 @@
          "ItemId": "cc_2_1",
          "Section": "CC2.0 - Common Criteria Related to Communication and Information",
          "Service": "aws",
-          "Soc_Type": "automated"
+          "Type": "automated"
        }
      ],
      "Checks": [
@@ -109,7 +109,7 @@
          "ItemId": "cc_2_2",
          "Section": "CC2.0 - Common Criteria Related to Communication and Information",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -123,7 +123,7 @@
          "ItemId": "cc_2_3",
          "Section": "CC2.0 - Common Criteria Related to Communication and Information",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -137,7 +137,7 @@
          "ItemId": "cc_3_1",
          "Section": "CC3.0 - Common Criteria Related to Risk Assessment",
          "Service": "aws",
-          "Soc_Type": "automated"
+          "Type": "automated"
        }
      ],
      "Checks": [
@@ -155,7 +155,7 @@
          "ItemId": "cc_3_2",
          "Section": "CC3.0 - Common Criteria Related to Risk Assessment",
          "Service": "aws",
-          "Soc_Type": "automated"
+          "Type": "automated"
        }
      ],
      "Checks": [
@@ -175,7 +175,7 @@
          "ItemId": "cc_3_3",
          "Section": "CC3.0 - Common Criteria Related to Risk Assessment",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -189,7 +189,7 @@
          "ItemId": "cc_3_4",
          "Section": "CC3.0 - Common Criteria Related to Risk Assessment",
          "Service": "config",
-          "Soc_Type": "automated"
+          "Type": "automated"
        }
      ],
      "Checks": [
@@ -205,7 +205,7 @@
          "ItemId": "cc_4_1",
          "Section": "CC4.0 - Monitoring Activities",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -219,7 +219,7 @@
          "ItemId": "cc_4_2",
          "Section": "CC4.0 - Monitoring Activities",
          "Service": "guardduty",
-          "Soc_Type": "automated"
+          "Type": "automated"
        }
      ],
      "Checks": [
@@ -236,7 +236,7 @@
          "ItemId": "cc_5_1",
          "Section": "CC5.0 - Control Activities",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -250,7 +250,7 @@
          "ItemId": "cc_5_2",
          "Section": "CC5.0 - Control Activities",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -264,7 +264,7 @@
          "ItemId": "cc_5_3",
          "Section": "CC5.0 - Control Activities",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -278,7 +278,7 @@
          "ItemId": "cc_6_1",
          "Section": "CC6.0 - Logical and Physical Access",
          "Service": "s3",
-          "Soc_Type": "automated"
+          "Type": "automated"
        }
      ],
      "Checks": [
@@ -294,7 +294,7 @@
          "ItemId": "cc_6_2",
          "Section": "CC6.0 - Logical and Physical Access",
          "Service": "rds",
-          "Soc_Type": "automated"
+          "Type": "automated"
        }
      ],
      "Checks": [
@@ -310,7 +310,7 @@
          "ItemId": "cc_6_3",
          "Section": "CC6.0 - Logical and Physical Access",
          "Service": "iam",
-          "Soc_Type": "automated"
+          "Type": "automated"
        }
      ],
      "Checks": [
@@ -328,7 +328,7 @@
          "ItemId": "cc_6_4",
          "Section": "CC6.0 - Logical and Physical Access",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -342,7 +342,7 @@
          "ItemId": "cc_6_5",
          "Section": "CC6.0 - Logical and Physical Access",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -356,7 +356,7 @@
          "ItemId": "cc_6_6",
          "Section": "CC6.0 - Logical and Physical Access",
          "Service": "ec2",
-          "Soc_Type": "automated"
+          "Type": "automated"
        }
      ],
      "Checks": [
@@ -372,7 +372,7 @@
          "ItemId": "cc_6_7",
          "Section": "CC6.0 - Logical and Physical Access",
          "Service": "acm",
-          "Soc_Type": "automated"
+          "Type": "automated"
        }
      ],
      "Checks": [
@@ -388,7 +388,7 @@
          "ItemId": "cc_6_8",
          "Section": "CC6.0 - Logical and Physical Access",
          "Service": "aws",
-          "Soc_Type": "automated"
+          "Type": "automated"
        }
      ],
      "Checks": [
@@ -405,7 +405,7 @@
          "ItemId": "cc_7_1",
          "Section": "CC7.0 - System Operations",
          "Service": "aws",
-          "Soc_Type": "automated"
+          "Type": "automated"
        }
      ],
      "Checks": [
@@ -424,7 +424,7 @@
          "ItemId": "cc_7_2",
          "Section": "CC7.0 - System Operations",
          "Service": "aws",
-          "Soc_Type": "automated"
+          "Type": "automated"
        }
      ],
      "Checks": [
@@ -460,7 +460,7 @@
          "ItemId": "cc_7_3",
          "Section": "CC7.0 - System Operations",
          "Service": "aws",
-          "Soc_Type": "automated"
+          "Type": "automated"
        }
      ],
      "Checks": [
@@ -492,7 +492,7 @@
          "ItemId": "cc_7_4",
          "Section": "CC7.0 - System Operations",
          "Service": "aws",
-          "Soc_Type": "automated"
+          "Type": "automated"
        }
      ],
      "Checks": [
@@ -523,7 +523,7 @@
          "ItemId": "cc_7_5",
          "Section": "CC7.0 - System Operations",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -537,7 +537,7 @@
          "ItemId": "cc_8_1",
          "Section": "CC8.0 - Change Management",
          "Service": "aws",
-          "Soc_Type": "automated"
+          "Type": "automated"
        }
      ],
      "Checks": [
@@ -553,7 +553,7 @@
          "ItemId": "cc_9_1",
          "Section": "CC9.0 - Risk Mitigation",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -567,7 +567,7 @@
          "ItemId": "cc_9_2",
          "Section": "CC9.0 - Risk Mitigation",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -581,7 +581,7 @@
          "ItemId": "cc_a_1_1",
          "Section": "CCA1.0 - Additional Criterial for Availability",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -595,7 +595,7 @@
          "ItemId": "cc_a_1_2",
          "Section": "CCA1.0 - Additional Criterial for Availability",
          "Service": "aws",
-          "Soc_Type": "automated"
+          "Type": "automated"
        }
      ],
      "Checks": [
@@ -626,7 +626,7 @@
          "ItemId": "cc_a_1_3",
          "Section": "CCA1.0 - Additional Criterial for Availability",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -640,7 +640,7 @@
          "ItemId": "cc_c_1_1",
          "Section": "CCC1.0 - Additional Criterial for Confidentiality",
          "Service": "aws",
-          "Soc_Type": "automated"
+          "Type": "automated"
        }
      ],
      "Checks": [
@@ -656,7 +656,7 @@
          "ItemId": "cc_c_1_2",
          "Section": "CCC1.0 - Additional Criterial for Confidentiality",
          "Service": "s3",
-          "Soc_Type": "automated"
+          "Type": "automated"
        }
      ],
      "Checks": [
@@ -672,7 +672,7 @@
          "ItemId": "p_1_1",
          "Section": "P1.0 - Privacy Criteria Related to Notice and Communication of Objectives Related to Privacy",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -686,7 +686,7 @@
          "ItemId": "p_2_1",
          "Section": "P2.0 - Privacy Criteria Related to Choice and Consent",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -700,7 +700,7 @@
          "ItemId": "p_3_1",
          "Section": "P3.0 - Privacy Criteria Related to Collection",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -714,7 +714,7 @@
          "ItemId": "p_3_2",
          "Section": "P3.0 - Privacy Criteria Related to Collection",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -728,7 +728,7 @@
          "ItemId": "p_4_1",
          "Section": "P4.0 - Privacy Criteria Related to Use, Retention, and Disposal",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -742,7 +742,7 @@
          "ItemId": "p_4_2",
          "Section": "P4.0 - Privacy Criteria Related to Use, Retention, and Disposal",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -756,7 +756,7 @@
          "ItemId": "p_4_3",
          "Section": "P4.0 - Privacy Criteria Related to Use, Retention, and Disposal",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -770,7 +770,7 @@
          "ItemId": "p_5_1",
          "Section": "P5.0 - Privacy Criteria Related to Access",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -784,7 +784,7 @@
          "ItemId": "p_5_2",
          "Section": "P5.0 - Privacy Criteria Related to Access",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -798,7 +798,7 @@
          "ItemId": "p_6_1",
          "Section": "P6.0 - Privacy Criteria Related to Disclosure and Notification",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -812,7 +812,7 @@
          "ItemId": "p_6_2",
          "Section": "P6.0 - Privacy Criteria Related to Disclosure and Notification",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -826,7 +826,7 @@
          "ItemId": "p_6_3",
          "Section": "P6.0 - Privacy Criteria Related to Disclosure and Notification",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -840,7 +840,7 @@
          "ItemId": "p_6_4",
          "Section": "P6.0 - Privacy Criteria Related to Disclosure and Notification",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -854,7 +854,7 @@
          "ItemId": "p_6_5",
          "Section": "P6.0 - Privacy Criteria Related to Disclosure and Notification",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -868,7 +868,7 @@
          "ItemId": "p_6_6",
          "Section": "P6.0 - Privacy Criteria Related to Disclosure and Notification",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -882,7 +882,7 @@
          "ItemId": "p_6_7",
          "Section": "P6.0 - Privacy Criteria Related to Disclosure and Notification",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -896,7 +896,7 @@
          "ItemId": "p_7_1",
          "Section": "P7.0 - Privacy Criteria Related to Quality",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
@@ -910,7 +910,7 @@
          "ItemId": "p_8_1",
          "Section": "P8.0 - Privacy Criteria Related to Monitoring and Enforcement",
          "Service": "aws",
-          "Soc_Type": "manual"
+          "Type": "manual"
        }
      ],
      "Checks": []
--- a/prowler/compliance/azure/cis_2.0_azure.json
+++ b/prowler/compliance/azure/cis_2.0_azure.json
--- a/prowler/compliance/azure/cis_2.1_azure.json
+++ b/prowler/compliance/azure/cis_2.1_azure.json
--- a/prowler/config/aws_allowlist.yaml
+++ b/prowler/config/aws_allowlist.yaml
@@ -38,6 +38,9 @@ Allowlist:
            - "aws-controltower-ReadOnlyExecutionRole"
            - "AWSControlTower_VPCFlowLogsRole"
            - "AWSControlTowerExecution"
+            - "AWSAFTAdmin"
+            - "AWSAFTExecution"
+            - "AWSAFTService"
        "iam_policy_*":
          Regions:
            - "*"
--- a/prowler/config/config.py
+++ b/prowler/config/config.py
@@ -11,7 +11,7 @@ from prowler.lib.logger import logger

 timestamp = datetime.today()
 timestamp_utc = datetime.now(timezone.utc).replace(tzinfo=timezone.utc)
-prowler_version = "3.11.3"
+prowler_version = "3.15.3"
 html_logo_url = "https://github.com/prowler-cloud/prowler/"
 html_logo_img = "https://user-images.githubusercontent.com/3985464/113734260-7ba06900-96fb-11eb-82bc-d4f68a1e2710.png"
 square_logo_img = "https://user-images.githubusercontent.com/38561120/235905862-9ece5bd7-9aa3-4e48-807a-3a9035eb8bfb.png"
--- a/prowler/config/config.yaml
+++ b/prowler/config/config.yaml
@@ -89,6 +89,20 @@ aws:

 # Azure Configuration
 azure:
+  # Azure Network Configuration
+  # azure.network_public_ip_shodan
+  shodan_api_key: null
+
+  # Azure App Service
+  # azure.app_ensure_php_version_is_latest
+  php_latest_version: "8.2"
+  # azure.app_ensure_python_version_is_latest
+  python_latest_version: "3.12"
+  # azure.app_ensure_java_version_is_latest
+  java_latest_version: "17"

 # GCP Configuration
 gcp:
+  # GCP Compute Configuration
+  # gcp.compute_public_address_shodan
+  shodan_api_key: null
--- a/prowler/lib/banner.py
+++ b/prowler/lib/banner.py
@@ -4,7 +4,7 @@ from prowler.config.config import banner_color, orange_color, prowler_version, t


 def print_banner(args):
-    banner = f"""{banner_color}                         _
+    banner = rf"""{banner_color}                         _
 _ __  _ __ _____      _| | ___ _ __
 | '_ \| '__/ _ \ \ /\ / / |/ _ \ '__|
 | |_) | | | (_) \ V  V /| |  __/ |
--- a/prowler/lib/check/check.py
+++ b/prowler/lib/check/check.py
@@ -67,9 +67,9 @@ def bulk_load_compliance_frameworks(provider: str) -> dict:
                        # cis_v1.4_aws.json --> cis_v1.4_aws
                        compliance_framework_name = filename.split(".json")[0]
                        # Store the compliance info
-                        bulk_compliance_frameworks[
-                            compliance_framework_name
-                        ] = load_compliance_framework(file_path)
+                        bulk_compliance_frameworks[compliance_framework_name] = (
+                            load_compliance_framework(file_path)
+                        )
    except Exception as e:
        logger.error(f"{e.__class__.__name__}[{e.__traceback__.tb_lineno}] -- {e}")

@@ -217,7 +217,7 @@ def print_categories(categories: set):
    singular_string = f"\nThere is {Fore.YELLOW}{categories_num}{Style.RESET_ALL} available category.\n"

    message = plural_string if categories_num > 1 else singular_string
-    for category in categories:
+    for category in sorted(categories):
        print(f"- {category}")

    print(message)
@@ -246,7 +246,7 @@ def print_compliance_frameworks(
    singular_string = f"\nThere is {Fore.YELLOW}{frameworks_num}{Style.RESET_ALL} available Compliance Framework.\n"
    message = plural_string if frameworks_num > 1 else singular_string

-    for framework in bulk_compliance_frameworks.keys():
+    for framework in sorted(bulk_compliance_frameworks.keys()):
        print(f"- {framework}")

    print(message)
--- a/prowler/lib/check/checks_loader.py
+++ b/prowler/lib/check/checks_loader.py
@@ -32,19 +32,26 @@ def load_checks_to_execute(

        # First, loop over the bulk_checks_metadata to extract the needed subsets
        for check, metadata in bulk_checks_metadata.items():
-            # Aliases
-            for alias in metadata.CheckAliases:
-                check_aliases[alias] = check
+            try:
+                # Aliases
+                for alias in metadata.CheckAliases:
+                    if alias not in check_aliases:
+                        check_aliases[alias] = []
+                    check_aliases[alias].append(check)

-            # Severities
-            if metadata.Severity:
-                check_severities[metadata.Severity].append(check)
+                # Severities
+                if metadata.Severity:
+                    check_severities[metadata.Severity].append(check)

-            # Categories
-            for category in metadata.Categories:
-                if category not in check_categories:
-                    check_categories[category] = []
-                check_categories[category].append(check)
+                # Categories
+                for category in metadata.Categories:
+                    if category not in check_categories:
+                        check_categories[category] = []
+                    check_categories[category].append(check)
+            except Exception as error:
+                logger.error(
+                    f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}] -- {error}"
+                )

        # Handle if there are checks passed using -c/--checks
        if check_list:
@@ -103,6 +110,7 @@ def load_checks_to_execute(
        logger.error(
            f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}] -- {error}"
        )
+        return checks_to_execute


 def update_checks_to_execute_with_aliases(
@@ -110,15 +118,20 @@ def update_checks_to_execute_with_aliases(
 ) -> set:
    """update_checks_to_execute_with_aliases returns the checks_to_execute updated using the check aliases."""
    # Verify if any input check is an alias of another check
-    for input_check in checks_to_execute:
-        if (
-            input_check in check_aliases
-            and check_aliases[input_check] not in checks_to_execute
-        ):
-            # Remove input check name and add the real one
-            checks_to_execute.remove(input_check)
-            checks_to_execute.add(check_aliases[input_check])
-            print(
-                f"\nUsing alias {Fore.YELLOW}{input_check}{Style.RESET_ALL} for check {Fore.YELLOW}{check_aliases[input_check]}{Style.RESET_ALL}...\n"
-            )
-    return checks_to_execute
+    try:
+        new_checks_to_execute = checks_to_execute.copy()
+        for input_check in checks_to_execute:
+            if input_check in check_aliases:
+                # Remove input check name and add the real one
+                new_checks_to_execute.remove(input_check)
+                for alias in check_aliases[input_check]:
+                    if alias not in new_checks_to_execute:
+                        new_checks_to_execute.add(alias)
+                        print(
+                            f"\nUsing alias {Fore.YELLOW}{input_check}{Style.RESET_ALL} for check {Fore.YELLOW}{alias}{Style.RESET_ALL}..."
+                        )
+        return new_checks_to_execute
+    except Exception as error:
+        logger.error(
+            f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}] -- {error}"
+        )
--- a/prowler/lib/check/compliance.py
+++ b/prowler/lib/check/compliance.py
@@ -53,14 +53,14 @@ def update_checks_metadata_with_compliance(
                    check_compliance.append(compliance)
            # Create metadata for Manual Control
            manual_check_metadata = {
-                "Provider": "aws",
+                "Provider": framework.Provider.lower(),
                "CheckID": "manual_check",
                "CheckTitle": "Manual Check",
                "CheckType": [],
                "ServiceName": "",
                "SubServiceName": "",
                "ResourceIdTemplate": "",
-                "Severity": "",
+                "Severity": "low",
                "ResourceType": "",
                "Description": "",
                "Risk": "",
--- a/prowler/lib/check/compliance_models.py
+++ b/prowler/lib/check/compliance_models.py
@@ -52,12 +52,12 @@ class ENS_Requirement_Attribute(BaseModel):
 class Generic_Compliance_Requirement_Attribute(BaseModel):
    """Generic Compliance Requirement Attribute"""

-    ItemId: str
+    ItemId: Optional[str]
    Section: Optional[str]
    SubSection: Optional[str]
    SubGroup: Optional[str]
-    Service: str
-    Soc_Type: Optional[str]
+    Service: Optional[str]
+    Type: Optional[str]


 class CIS_Requirement_Attribute_Profile(str):
@@ -87,6 +87,7 @@ class CIS_Requirement_Attribute(BaseModel):
    RemediationProcedure: str
    AuditProcedure: str
    AdditionalInformation: str
+    DefaultValue: Optional[str]
    References: str


@@ -151,9 +152,9 @@ class Compliance_Requirement(BaseModel):
        Union[
            CIS_Requirement_Attribute,
            ENS_Requirement_Attribute,
-            Generic_Compliance_Requirement_Attribute,
            ISO27001_2013_Requirement_Attribute,
            AWS_Well_Architected_Requirement_Attribute,
+            Generic_Compliance_Requirement_Attribute,
        ]
    ]
    Checks: list[str]
--- a/prowler/lib/check/models.py
+++ b/prowler/lib/check/models.py
@@ -1,10 +1,12 @@
 import os
+import re
 import sys
 from abc import ABC, abstractmethod
 from dataclasses import dataclass

-from pydantic import BaseModel, ValidationError
+from pydantic import BaseModel, ValidationError, validator

+from prowler.config.config import valid_severities
 from prowler.lib.logger import logger


@@ -56,6 +58,29 @@ class Check_Metadata_Model(BaseModel):
    # store the compliance later if supplied
    Compliance: list = None

+    @validator("Categories", each_item=True, pre=True, always=True)
+    def valid_category(value):
+        if not isinstance(value, str):
+            raise ValueError("Categories must be a list of strings")
+        value_lower = value.lower()
+        if not re.match("^[a-z-]+$", value_lower):
+            raise ValueError(
+                f"Invalid category: {value}. Categories can only contain lowercase letters and hyphen '-'"
+            )
+        return value_lower
+
+    @validator("Severity", pre=True, always=True)
+    def severity_to_lower(severity):
+        return severity.lower()
+
+    @validator("Severity")
+    def valid_severity(severity):
+        if severity not in valid_severities:
+            raise ValueError(
+                f"Invalid severity: {severity}. Severity must be one of {', '.join(valid_severities)}"
+            )
+        return severity
+

 class Check(ABC, Check_Metadata_Model):
    """Prowler Check"""
--- a/prowler/lib/outputs/compliance.py
+++ b/prowler/lib/outputs/compliance.py
@@ -11,6 +11,7 @@ from prowler.lib.outputs.models import (
    Check_Output_CSV_AWS_CIS,
    Check_Output_CSV_AWS_ISO27001_2013,
    Check_Output_CSV_AWS_Well_Architected,
+    Check_Output_CSV_AZURE_CIS,
    Check_Output_CSV_ENS_RD2022,
    Check_Output_CSV_GCP_CIS,
    Check_Output_CSV_Generic_Compliance,
@@ -35,6 +36,7 @@ def add_manual_controls(output_options, audit_info, file_descriptors):
            manual_finding.region = ""
            manual_finding.location = ""
            manual_finding.project_id = ""
+            manual_finding.subscription = ""
            fill_compliance(
                output_options, manual_finding, audit_info, file_descriptors
            )
@@ -161,7 +163,36 @@ def fill_compliance(output_options, finding, audit_info, file_descriptors):
                                csv_header = generate_csv_fields(
                                    Check_Output_CSV_GCP_CIS
                                )
-
+                            elif compliance.Provider == "Azure":
+                                compliance_row = Check_Output_CSV_AZURE_CIS(
+                                    Provider=finding.check_metadata.Provider,
+                                    Description=compliance.Description,
+                                    Subscription=finding.subscription,
+                                    AssessmentDate=outputs_unix_timestamp(
+                                        output_options.unix_timestamp, timestamp
+                                    ),
+                                    Requirements_Id=requirement_id,
+                                    Requirements_Description=requirement_description,
+                                    Requirements_Attributes_Section=attribute.Section,
+                                    Requirements_Attributes_Profile=attribute.Profile,
+                                    Requirements_Attributes_AssessmentStatus=attribute.AssessmentStatus,
+                                    Requirements_Attributes_Description=attribute.Description,
+                                    Requirements_Attributes_RationaleStatement=attribute.RationaleStatement,
+                                    Requirements_Attributes_ImpactStatement=attribute.ImpactStatement,
+                                    Requirements_Attributes_RemediationProcedure=attribute.RemediationProcedure,
+                                    Requirements_Attributes_AuditProcedure=attribute.AuditProcedure,
+                                    Requirements_Attributes_AdditionalInformation=attribute.AdditionalInformation,
+                                    Requirements_Attributes_DefaultValue=attribute.DefaultValue,
+                                    Requirements_Attributes_References=attribute.References,
+                                    Status=finding.status,
+                                    StatusExtended=finding.status_extended,
+                                    ResourceId=finding.resource_id,
+                                    ResourceName=finding.resource_name,
+                                    CheckId=finding.check_metadata.CheckID,
+                                )
+                                csv_header = generate_csv_fields(
+                                    Check_Output_CSV_AZURE_CIS
+                                )
            elif (
                "AWS-Well-Architected-Framework" in compliance.Framework
                and compliance.Provider == "AWS"
@@ -269,11 +300,19 @@ def fill_compliance(output_options, finding, audit_info, file_descriptors):
                        attributes_categories = ""
                        attributes_values = ""
                        attributes_comments = ""
-                        for attribute in requirement.Attributes:
-                            attributes_aws_services += attribute.AWSService + "\n"
-                            attributes_categories += attribute.Category + "\n"
-                            attributes_values += attribute.Value + "\n"
-                            attributes_comments += attribute.Comment + "\n"
+                        attributes_aws_services = ", ".join(
+                            attribute.AWSService for attribute in requirement.Attributes
+                        )
+                        attributes_categories = ", ".join(
+                            attribute.Category for attribute in requirement.Attributes
+                        )
+                        attributes_values = ", ".join(
+                            attribute.Value for attribute in requirement.Attributes
+                        )
+                        attributes_comments = ", ".join(
+                            attribute.Comment for attribute in requirement.Attributes
+                        )
+
                        compliance_row = Check_Output_MITRE_ATTACK(
                            Provider=finding.check_metadata.Provider,
                            Description=compliance.Description,
@@ -330,7 +369,7 @@ def fill_compliance(output_options, finding, audit_info, file_descriptors):
                                Requirements_Attributes_SubSection=attribute.SubSection,
                                Requirements_Attributes_SubGroup=attribute.SubGroup,
                                Requirements_Attributes_Service=attribute.Service,
-                                Requirements_Attributes_Soc_Type=attribute.Soc_Type,
+                                Requirements_Attributes_Type=attribute.Type,
                                Status=finding.status,
                                StatusExtended=finding.status_extended,
                                ResourceId=finding.resource_id,
@@ -444,8 +483,8 @@ def display_compliance_table(
                )
                overview_table = [
                    [
-                        f"{Fore.RED}{round(fail_count/(fail_count+pass_count)*100, 2)}% ({fail_count}) NO CUMPLE{Style.RESET_ALL}",
-                        f"{Fore.GREEN}{round(pass_count/(fail_count+pass_count)*100, 2)}% ({pass_count}) CUMPLE{Style.RESET_ALL}",
+                        f"{Fore.RED}{round(fail_count / (fail_count + pass_count) * 100, 2)}% ({fail_count}) NO CUMPLE{Style.RESET_ALL}",
+                        f"{Fore.GREEN}{round(pass_count / (fail_count + pass_count) * 100, 2)}% ({pass_count}) CUMPLE{Style.RESET_ALL}",
                    ]
                ]
                print(tabulate(overview_table, tablefmt="rounded_grid"))
@@ -539,8 +578,8 @@ def display_compliance_table(
                )
                overview_table = [
                    [
-                        f"{Fore.RED}{round(fail_count/(fail_count+pass_count)*100, 2)}% ({fail_count}) FAIL{Style.RESET_ALL}",
-                        f"{Fore.GREEN}{round(pass_count/(fail_count+pass_count)*100, 2)}% ({pass_count}) PASS{Style.RESET_ALL}",
+                        f"{Fore.RED}{round(fail_count / (fail_count + pass_count) * 100, 2)}% ({fail_count}) FAIL{Style.RESET_ALL}",
+                        f"{Fore.GREEN}{round(pass_count / (fail_count + pass_count) * 100, 2)}% ({pass_count}) PASS{Style.RESET_ALL}",
                    ]
                ]
                print(tabulate(overview_table, tablefmt="rounded_grid"))
@@ -610,8 +649,8 @@ def display_compliance_table(
                )
                overview_table = [
                    [
-                        f"{Fore.RED}{round(fail_count/(fail_count+pass_count)*100, 2)}% ({fail_count}) FAIL{Style.RESET_ALL}",
-                        f"{Fore.GREEN}{round(pass_count/(fail_count+pass_count)*100, 2)}% ({pass_count}) PASS{Style.RESET_ALL}",
+                        f"{Fore.RED}{round(fail_count / (fail_count + pass_count) * 100, 2)}% ({fail_count}) FAIL{Style.RESET_ALL}",
+                        f"{Fore.GREEN}{round(pass_count / (fail_count + pass_count) * 100, 2)}% ({pass_count}) PASS{Style.RESET_ALL}",
                    ]
                ]
                print(tabulate(overview_table, tablefmt="rounded_grid"))
--- a/prowler/lib/outputs/file_descriptors.py
+++ b/prowler/lib/outputs/file_descriptors.py
@@ -15,6 +15,7 @@ from prowler.lib.outputs.models import (
    Check_Output_CSV_AWS_CIS,
    Check_Output_CSV_AWS_ISO27001_2013,
    Check_Output_CSV_AWS_Well_Architected,
+    Check_Output_CSV_AZURE_CIS,
    Check_Output_CSV_ENS_RD2022,
    Check_Output_CSV_GCP_CIS,
    Check_Output_CSV_Generic_Compliance,
@@ -23,6 +24,7 @@ from prowler.lib.outputs.models import (
 )
 from prowler.lib.utils.utils import file_exists, open_file
 from prowler.providers.aws.lib.audit_info.models import AWS_Audit_Info
+from prowler.providers.azure.lib.audit_info.models import Azure_Audit_Info
 from prowler.providers.common.outputs import get_provider_output_model
 from prowler.providers.gcp.lib.audit_info.models import GCP_Audit_Info

@@ -107,13 +109,22 @@ def fill_file_descriptors(output_modes, output_directory, output_filename, audit
                    file_descriptors.update({output_mode: file_descriptor})

                elif isinstance(audit_info, GCP_Audit_Info):
-                    if output_mode == "cis_2.0_gcp":
-                        filename = f"{output_directory}/{output_filename}_cis_2.0_gcp{csv_file_suffix}"
+                    filename = f"{output_directory}/{output_filename}_{output_mode}{csv_file_suffix}"
+                    if "cis_" in output_mode:
                        file_descriptor = initialize_file_descriptor(
                            filename, output_mode, audit_info, Check_Output_CSV_GCP_CIS
                        )
                        file_descriptors.update({output_mode: file_descriptor})
-
+                elif isinstance(audit_info, Azure_Audit_Info):
+                    filename = f"{output_directory}/{output_filename}_{output_mode}{csv_file_suffix}"
+                    if "cis_" in output_mode:
+                        file_descriptor = initialize_file_descriptor(
+                            filename,
+                            output_mode,
+                            audit_info,
+                            Check_Output_CSV_AZURE_CIS,
+                        )
+                        file_descriptors.update({output_mode: file_descriptor})
                elif isinstance(audit_info, AWS_Audit_Info):
                    if output_mode == "json-asff":
                        filename = f"{output_directory}/{output_filename}{json_asff_file_suffix}"
@@ -121,87 +132,62 @@ def fill_file_descriptors(output_modes, output_directory, output_filename, audit
                            filename, output_mode, audit_info
                        )
                        file_descriptors.update({output_mode: file_descriptor})
-
-                    elif output_mode == "ens_rd2022_aws":
-                        filename = f"{output_directory}/{output_filename}_ens_rd2022_aws{csv_file_suffix}"
-                        file_descriptor = initialize_file_descriptor(
-                            filename,
-                            output_mode,
-                            audit_info,
-                            Check_Output_CSV_ENS_RD2022,
-                        )
-                        file_descriptors.update({output_mode: file_descriptor})
-
-                    elif output_mode == "cis_1.5_aws":
-                        filename = f"{output_directory}/{output_filename}_cis_1.5_aws{csv_file_suffix}"
-                        file_descriptor = initialize_file_descriptor(
-                            filename, output_mode, audit_info, Check_Output_CSV_AWS_CIS
-                        )
-                        file_descriptors.update({output_mode: file_descriptor})
-
-                    elif output_mode == "cis_1.4_aws":
-                        filename = f"{output_directory}/{output_filename}_cis_1.4_aws{csv_file_suffix}"
-                        file_descriptor = initialize_file_descriptor(
-                            filename, output_mode, audit_info, Check_Output_CSV_AWS_CIS
-                        )
-                        file_descriptors.update({output_mode: file_descriptor})
-
-                    elif (
-                        output_mode
-                        == "aws_well_architected_framework_security_pillar_aws"
-                    ):
-                        filename = f"{output_directory}/{output_filename}_aws_well_architected_framework_security_pillar_aws{csv_file_suffix}"
-                        file_descriptor = initialize_file_descriptor(
-                            filename,
-                            output_mode,
-                            audit_info,
-                            Check_Output_CSV_AWS_Well_Architected,
-                        )
-                        file_descriptors.update({output_mode: file_descriptor})
-
-                    elif (
-                        output_mode
-                        == "aws_well_architected_framework_reliability_pillar_aws"
-                    ):
-                        filename = f"{output_directory}/{output_filename}_aws_well_architected_framework_reliability_pillar_aws{csv_file_suffix}"
-                        file_descriptor = initialize_file_descriptor(
-                            filename,
-                            output_mode,
-                            audit_info,
-                            Check_Output_CSV_AWS_Well_Architected,
-                        )
-                        file_descriptors.update({output_mode: file_descriptor})
-
-                    elif output_mode == "iso27001_2013_aws":
-                        filename = f"{output_directory}/{output_filename}_iso27001_2013_aws{csv_file_suffix}"
-                        file_descriptor = initialize_file_descriptor(
-                            filename,
-                            output_mode,
-                            audit_info,
-                            Check_Output_CSV_AWS_ISO27001_2013,
-                        )
-                        file_descriptors.update({output_mode: file_descriptor})
-
-                    elif output_mode == "mitre_attack_aws":
-                        filename = f"{output_directory}/{output_filename}_mitre_attack_aws{csv_file_suffix}"
-                        file_descriptor = initialize_file_descriptor(
-                            filename,
-                            output_mode,
-                            audit_info,
-                            Check_Output_MITRE_ATTACK,
-                        )
-                        file_descriptors.update({output_mode: file_descriptor})
-
-                    else:
-                        # Generic Compliance framework
+                    else:  # Compliance frameworks
                        filename = f"{output_directory}/{output_filename}_{output_mode}{csv_file_suffix}"
-                        file_descriptor = initialize_file_descriptor(
-                            filename,
-                            output_mode,
-                            audit_info,
-                            Check_Output_CSV_Generic_Compliance,
-                        )
-                        file_descriptors.update({output_mode: file_descriptor})
+                        if output_mode == "ens_rd2022_aws":
+                            file_descriptor = initialize_file_descriptor(
+                                filename,
+                                output_mode,
+                                audit_info,
+                                Check_Output_CSV_ENS_RD2022,
+                            )
+                            file_descriptors.update({output_mode: file_descriptor})
+
+                        elif "cis_" in output_mode:
+                            file_descriptor = initialize_file_descriptor(
+                                filename,
+                                output_mode,
+                                audit_info,
+                                Check_Output_CSV_AWS_CIS,
+                            )
+                            file_descriptors.update({output_mode: file_descriptor})
+
+                        elif "aws_well_architected_framework" in output_mode:
+                            file_descriptor = initialize_file_descriptor(
+                                filename,
+                                output_mode,
+                                audit_info,
+                                Check_Output_CSV_AWS_Well_Architected,
+                            )
+                            file_descriptors.update({output_mode: file_descriptor})
+
+                        elif output_mode == "iso27001_2013_aws":
+                            file_descriptor = initialize_file_descriptor(
+                                filename,
+                                output_mode,
+                                audit_info,
+                                Check_Output_CSV_AWS_ISO27001_2013,
+                            )
+                            file_descriptors.update({output_mode: file_descriptor})
+
+                        elif output_mode == "mitre_attack_aws":
+                            file_descriptor = initialize_file_descriptor(
+                                filename,
+                                output_mode,
+                                audit_info,
+                                Check_Output_MITRE_ATTACK,
+                            )
+                            file_descriptors.update({output_mode: file_descriptor})
+
+                        else:
+                            # Generic Compliance framework
+                            file_descriptor = initialize_file_descriptor(
+                                filename,
+                                output_mode,
+                                audit_info,
+                                Check_Output_CSV_Generic_Compliance,
+                            )
+                            file_descriptors.update({output_mode: file_descriptor})

    except Exception as error:
        logger.error(
--- a/prowler/lib/outputs/json.py
+++ b/prowler/lib/outputs/json.py
@@ -51,9 +51,9 @@ def fill_json_asff(finding_output, audit_info, finding, output_options):
        finding_output.GeneratorId = "prowler-" + finding.check_metadata.CheckID
        finding_output.AwsAccountId = audit_info.audited_account
        finding_output.Types = finding.check_metadata.CheckType
-        finding_output.FirstObservedAt = (
-            finding_output.UpdatedAt
-        ) = finding_output.CreatedAt = timestamp_utc.strftime("%Y-%m-%dT%H:%M:%SZ")
+        finding_output.FirstObservedAt = finding_output.UpdatedAt = (
+            finding_output.CreatedAt
+        ) = timestamp_utc.strftime("%Y-%m-%dT%H:%M:%SZ")
        finding_output.Severity = Severity(
            Label=finding.check_metadata.Severity.upper()
        )
@@ -100,7 +100,17 @@ def fill_json_asff(finding_output, audit_info, finding, output_options):
        if not finding.check_metadata.Remediation.Recommendation.Url:
            finding.check_metadata.Remediation.Recommendation.Url = "https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html"
        finding_output.Remediation = {
-            "Recommendation": finding.check_metadata.Remediation.Recommendation
+            "Recommendation": {
+                "Text": (
+                    (
+                        finding.check_metadata.Remediation.Recommendation.Text[:509]
+                        + "..."
+                    )
+                    if len(finding.check_metadata.Remediation.Recommendation.Text) > 512
+                    else finding.check_metadata.Remediation.Recommendation.Text
+                ),
+                "Url": finding.check_metadata.Remediation.Recommendation.Url,
+            }
        }

        return finding_output
--- a/prowler/lib/outputs/models.py
+++ b/prowler/lib/outputs/models.py
@@ -55,9 +55,9 @@ def generate_provider_output_csv(
            data["resource_name"] = finding.resource_name
            data["subscription"] = finding.subscription
            data["tenant_domain"] = audit_info.identity.domain
-            data[
-                "finding_unique_id"
-            ] = f"prowler-{provider}-{finding.check_metadata.CheckID}-{finding.subscription}-{finding.resource_id}"
+            data["finding_unique_id"] = (
+                f"prowler-{provider}-{finding.check_metadata.CheckID}-{finding.subscription}-{finding.resource_id}"
+            )
            data["compliance"] = unroll_dict(
                get_check_compliance(finding, provider, output_options)
            )
@@ -68,9 +68,9 @@ def generate_provider_output_csv(
            data["resource_name"] = finding.resource_name
            data["project_id"] = finding.project_id
            data["location"] = finding.location.lower()
-            data[
-                "finding_unique_id"
-            ] = f"prowler-{provider}-{finding.check_metadata.CheckID}-{finding.project_id}-{finding.resource_id}"
+            data["finding_unique_id"] = (
+                f"prowler-{provider}-{finding.check_metadata.CheckID}-{finding.project_id}-{finding.resource_id}"
+            )
            data["compliance"] = unroll_dict(
                get_check_compliance(finding, provider, output_options)
            )
@@ -82,9 +82,9 @@ def generate_provider_output_csv(
            data["region"] = finding.region
            data["resource_id"] = finding.resource_id
            data["resource_arn"] = finding.resource_arn
-            data[
-                "finding_unique_id"
-            ] = f"prowler-{provider}-{finding.check_metadata.CheckID}-{audit_info.audited_account}-{finding.region}-{finding.resource_id}"
+            data["finding_unique_id"] = (
+                f"prowler-{provider}-{finding.check_metadata.CheckID}-{audit_info.audited_account}-{finding.region}-{finding.resource_id}"
+            )
            data["compliance"] = unroll_dict(
                get_check_compliance(finding, provider, output_options)
            )
@@ -599,6 +599,35 @@ class Check_Output_CSV_GCP_CIS(BaseModel):
    CheckId: str


+class Check_Output_CSV_AZURE_CIS(BaseModel):
+    """
+    Check_Output_CSV_CIS generates a finding's output in CSV CIS format.
+    """
+
+    Provider: str
+    Description: str
+    Subscription: str
+    AssessmentDate: str
+    Requirements_Id: str
+    Requirements_Description: str
+    Requirements_Attributes_Section: str
+    Requirements_Attributes_Profile: str
+    Requirements_Attributes_AssessmentStatus: str
+    Requirements_Attributes_Description: str
+    Requirements_Attributes_RationaleStatement: str
+    Requirements_Attributes_ImpactStatement: str
+    Requirements_Attributes_RemediationProcedure: str
+    Requirements_Attributes_AuditProcedure: str
+    Requirements_Attributes_AdditionalInformation: str
+    Requirements_Attributes_DefaultValue: str
+    Requirements_Attributes_References: str
+    Status: str
+    StatusExtended: str
+    ResourceId: str
+    ResourceName: str
+    CheckId: str
+
+
 class Check_Output_CSV_Generic_Compliance(BaseModel):
    """
    Check_Output_CSV_Generic_Compliance generates a finding's output in CSV Generic Compliance format.
@@ -614,8 +643,8 @@ class Check_Output_CSV_Generic_Compliance(BaseModel):
    Requirements_Attributes_Section: Optional[str]
    Requirements_Attributes_SubSection: Optional[str]
    Requirements_Attributes_SubGroup: Optional[str]
-    Requirements_Attributes_Service: str
-    Requirements_Attributes_Soc_Type: Optional[str]
+    Requirements_Attributes_Service: Optional[str]
+    Requirements_Attributes_Type: Optional[str]
    Status: str
    StatusExtended: str
    ResourceId: str
--- a/prowler/lib/outputs/slack.py
+++ b/prowler/lib/outputs/slack.py
@@ -66,14 +66,14 @@ def create_message_blocks(identity, logo, stats):
                "type": "section",
                "text": {
                    "type": "mrkdwn",
-                    "text": f"\n:white_check_mark: *{stats['total_pass']} Passed findings* ({round(stats['total_pass']/stats['findings_count']*100,2)}%)\n",
+                    "text": f"\n:white_check_mark: *{stats['total_pass']} Passed findings* ({round(stats['total_pass'] / stats['findings_count'] * 100 , 2)}%)\n",
                },
            },
            {
                "type": "section",
                "text": {
                    "type": "mrkdwn",
-                    "text": f"\n:x: *{stats['total_fail']} Failed findings* ({round(stats['total_fail']/stats['findings_count']*100,2)}%)\n ",
+                    "text": f"\n:x: *{stats['total_fail']} Failed findings* ({round(stats['total_fail'] / stats['findings_count'] * 100 , 2)}%)\n ",
                },
            },
            {
--- a/prowler/lib/outputs/summary_table.py
+++ b/prowler/lib/outputs/summary_table.py
@@ -96,8 +96,8 @@ def display_summary_table(
            print("\nOverview Results:")
            overview_table = [
                [
-                    f"{Fore.RED}{round(fail_count/len(findings)*100, 2)}% ({fail_count}) Failed{Style.RESET_ALL}",
-                    f"{Fore.GREEN}{round(pass_count/len(findings)*100, 2)}% ({pass_count}) Passed{Style.RESET_ALL}",
+                    f"{Fore.RED}{round(fail_count / len(findings) * 100, 2)}% ({fail_count}) Failed{Style.RESET_ALL}",
+                    f"{Fore.GREEN}{round(pass_count / len(findings) * 100, 2)}% ({pass_count}) Passed{Style.RESET_ALL}",
                ]
            ]
            print(tabulate(overview_table, tablefmt="rounded_grid"))
--- a/prowler/providers/aws/aws_provider.py
+++ b/prowler/providers/aws/aws_provider.py
@@ -33,6 +33,9 @@ class AWS_Provider:
            # If we receive a credentials object filled is coming form an assumed role, so renewal is needed
            if audit_info.credentials:
                logger.info("Creating session for assumed role ...")
+                # FIXME: Boto3 returns the timestamp in UTC and the local TZ could be different so the expiration time could not work as expected
+                # PRWLR-3305
+
                # From botocore we can use RefreshableCredentials class, which has an attribute (refresh_using)
                # that needs to be a method without arguments that retrieves a new set of fresh credentials
                # asuming the role again. -> https://github.com/boto/botocore/blob/098cc255f81a25b852e1ecdeb7adebd94c7b1b73/botocore/credentials.py#L395
--- a/prowler/providers/aws/aws_regions_by_service.json
+++ b/prowler/providers/aws/aws_regions_by_service.json
@@ -139,6 +139,7 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ca-central-1",
+          "ca-west-1",
          "eu-central-1",
          "eu-central-2",
          "eu-north-1",
@@ -233,6 +234,7 @@
          "ap-east-1",
          "ap-northeast-1",
          "ap-northeast-2",
+          "ap-northeast-3",
          "ap-south-1",
          "ap-southeast-1",
          "ap-southeast-2",
@@ -259,6 +261,7 @@
        "aws": [
          "ap-northeast-1",
          "ap-northeast-2",
+          "ap-northeast-3",
          "ap-south-1",
          "ap-southeast-1",
          "ap-southeast-2",
@@ -285,6 +288,7 @@
        "aws": [
          "ap-northeast-1",
          "ap-northeast-2",
+          "ap-northeast-3",
          "ap-south-1",
          "ap-southeast-1",
          "ap-southeast-2",
@@ -400,6 +404,7 @@
          "eu-west-1",
          "eu-west-2",
          "eu-west-3",
+          "me-central-1",
          "me-south-1",
          "sa-east-1",
          "us-east-1",
@@ -720,6 +725,7 @@
          "ap-southeast-1",
          "ap-southeast-2",
          "ap-southeast-3",
+          "ap-southeast-4",
          "ca-central-1",
          "eu-central-1",
          "eu-central-2",
@@ -729,6 +735,7 @@
          "eu-west-1",
          "eu-west-2",
          "eu-west-3",
+          "il-central-1",
          "me-central-1",
          "me-south-1",
          "sa-east-1",
@@ -864,6 +871,7 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ca-central-1",
+          "ca-west-1",
          "eu-central-1",
          "eu-central-2",
          "eu-north-1",
@@ -1097,6 +1105,7 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ca-central-1",
+          "ca-west-1",
          "eu-central-1",
          "eu-central-2",
          "eu-north-1",
@@ -1246,6 +1255,7 @@
          "ap-northeast-1",
          "ap-southeast-1",
          "eu-central-1",
+          "eu-west-3",
          "us-east-1",
          "us-west-2"
        ],
@@ -1409,8 +1419,14 @@
    "chime-sdk-media-pipelines": {
      "regions": {
        "aws": [
+          "ap-northeast-1",
+          "ap-northeast-2",
+          "ap-south-1",
          "ap-southeast-1",
+          "ap-southeast-2",
+          "ca-central-1",
          "eu-central-1",
+          "eu-west-2",
          "us-east-1",
          "us-west-2"
        ],
@@ -1879,7 +1895,9 @@
    },
    "cloudtrail-data": {
      "regions": {
-        "aws": [],
+        "aws": [
+          "me-central-1"
+        ],
        "aws-cn": [],
        "aws-us-gov": []
      }
@@ -2234,6 +2252,15 @@
        "aws-us-gov": []
      }
    },
+    "codewhisperer": {
+      "regions": {
+        "aws": [
+          "us-east-1"
+        ],
+        "aws-cn": [],
+        "aws-us-gov": []
+      }
+    },
    "cognito": {
      "regions": {
        "aws": [
@@ -2245,14 +2272,17 @@
          "ap-southeast-1",
          "ap-southeast-2",
          "ap-southeast-3",
+          "ap-southeast-4",
          "ca-central-1",
          "eu-central-1",
+          "eu-central-2",
          "eu-north-1",
          "eu-south-1",
          "eu-west-1",
          "eu-west-2",
          "eu-west-3",
          "il-central-1",
+          "me-central-1",
          "me-south-1",
          "sa-east-1",
          "us-east-1",
@@ -2277,14 +2307,17 @@
          "ap-southeast-1",
          "ap-southeast-2",
          "ap-southeast-3",
+          "ap-southeast-4",
          "ca-central-1",
          "eu-central-1",
+          "eu-central-2",
          "eu-north-1",
          "eu-south-1",
          "eu-west-1",
          "eu-west-2",
          "eu-west-3",
          "il-central-1",
+          "me-central-1",
          "me-south-1",
          "sa-east-1",
          "us-east-1",
@@ -2311,14 +2344,17 @@
          "ap-southeast-1",
          "ap-southeast-2",
          "ap-southeast-3",
+          "ap-southeast-4",
          "ca-central-1",
          "eu-central-1",
+          "eu-central-2",
          "eu-north-1",
          "eu-south-1",
          "eu-west-1",
          "eu-west-2",
          "eu-west-3",
          "il-central-1",
+          "me-central-1",
          "me-south-1",
          "sa-east-1",
          "us-east-1",
@@ -2761,12 +2797,14 @@
      "regions": {
        "aws": [
          "ap-northeast-1",
+          "ap-northeast-2",
          "ap-southeast-1",
          "ap-southeast-2",
          "ca-central-1",
          "eu-central-1",
          "eu-north-1",
          "eu-west-1",
+          "eu-west-2",
          "sa-east-1",
          "us-east-1",
          "us-east-2",
@@ -2800,20 +2838,25 @@
        "aws-us-gov": []
      }
    },
-    "deepcomposer": {
+    "deadline-cloud": {
      "regions": {
        "aws": [
-          "us-east-1"
+          "ap-northeast-1",
+          "ap-southeast-1",
+          "ap-southeast-2",
+          "eu-central-1",
+          "eu-west-1",
+          "us-east-1",
+          "us-east-2",
+          "us-west-2"
        ],
        "aws-cn": [],
        "aws-us-gov": []
      }
    },
-    "deeplens": {
+    "deepcomposer": {
      "regions": {
        "aws": [
-          "ap-northeast-1",
-          "eu-central-1",
          "us-east-1"
        ],
        "aws-cn": [],
@@ -3054,6 +3097,7 @@
          "eu-west-1",
          "eu-west-2",
          "eu-west-3",
+          "me-central-1",
          "sa-east-1",
          "us-east-1",
          "us-east-2",
@@ -3434,6 +3478,7 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ca-central-1",
+          "ca-west-1",
          "eu-central-1",
          "eu-central-2",
          "eu-north-1",
@@ -3796,6 +3841,7 @@
          "eu-central-1",
          "eu-north-1",
          "eu-south-1",
+          "eu-south-2",
          "eu-west-1",
          "eu-west-2",
          "eu-west-3",
@@ -3833,6 +3879,7 @@
          "eu-central-1",
          "eu-north-1",
          "eu-south-1",
+          "eu-south-2",
          "eu-west-1",
          "eu-west-2",
          "eu-west-3",
@@ -3848,7 +3895,10 @@
          "cn-north-1",
          "cn-northwest-1"
        ],
-        "aws-us-gov": []
+        "aws-us-gov": [
+          "us-gov-east-1",
+          "us-gov-west-1"
+        ]
      }
    },
    "entityresolution": {
@@ -4431,23 +4481,42 @@
    "fsx-openzfs": {
      "regions": {
        "aws": [
+          "af-south-1",
          "ap-east-1",
          "ap-northeast-1",
          "ap-northeast-2",
+          "ap-northeast-3",
          "ap-south-1",
+          "ap-south-2",
          "ap-southeast-1",
          "ap-southeast-2",
+          "ap-southeast-3",
          "ca-central-1",
          "eu-central-1",
+          "eu-central-2",
          "eu-north-1",
+          "eu-south-1",
+          "eu-south-2",
          "eu-west-1",
          "eu-west-2",
+          "eu-west-3",
+          "il-central-1",
+          "me-central-1",
+          "me-south-1",
+          "sa-east-1",
          "us-east-1",
          "us-east-2",
+          "us-west-1",
          "us-west-2"
        ],
-        "aws-cn": [],
-        "aws-us-gov": []
+        "aws-cn": [
+          "cn-north-1",
+          "cn-northwest-1"
+        ],
+        "aws-us-gov": [
+          "us-gov-east-1",
+          "us-gov-west-1"
+        ]
      }
    },
    "fsx-windows": {
@@ -4611,6 +4680,7 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ca-central-1",
+          "ca-west-1",
          "eu-central-1",
          "eu-central-2",
          "eu-north-1",
@@ -4716,6 +4786,7 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ca-central-1",
+          "ca-west-1",
          "eu-central-1",
          "eu-central-2",
          "eu-north-1",
@@ -4822,6 +4893,7 @@
          "ap-southeast-1",
          "ap-southeast-2",
          "ap-southeast-3",
+          "ap-southeast-4",
          "ca-central-1",
          "eu-central-1",
          "eu-central-2",
@@ -4831,6 +4903,7 @@
          "eu-west-2",
          "eu-west-3",
          "il-central-1",
+          "me-central-1",
          "me-south-1",
          "sa-east-1",
          "us-east-1",
@@ -4857,6 +4930,7 @@
          "ap-northeast-2",
          "ap-northeast-3",
          "ap-south-1",
+          "ap-south-2",
          "ap-southeast-1",
          "ap-southeast-2",
          "ap-southeast-3",
@@ -4866,6 +4940,7 @@
          "eu-central-2",
          "eu-north-1",
          "eu-south-1",
+          "eu-south-2",
          "eu-west-1",
          "eu-west-2",
          "eu-west-3",
@@ -5031,7 +5106,10 @@
          "us-west-1",
          "us-west-2"
        ],
-        "aws-cn": [],
+        "aws-cn": [
+          "cn-north-1",
+          "cn-northwest-1"
+        ],
        "aws-us-gov": [
          "us-gov-east-1",
          "us-gov-west-1"
@@ -5416,7 +5494,9 @@
          "us-east-1",
          "us-west-2"
        ],
-        "aws-cn": [],
+        "aws-cn": [
+          "cn-north-1"
+        ],
        "aws-us-gov": [
          "us-gov-west-1"
        ]
@@ -5643,6 +5723,7 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ca-central-1",
+          "ca-west-1",
          "eu-central-1",
          "eu-central-2",
          "eu-north-1",
@@ -5754,6 +5835,7 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ca-central-1",
+          "ca-west-1",
          "eu-central-1",
          "eu-central-2",
          "eu-north-1",
@@ -5837,10 +5919,13 @@
          "ap-southeast-1",
          "ap-southeast-2",
          "ap-southeast-3",
+          "ap-southeast-4",
          "ca-central-1",
          "eu-central-1",
+          "eu-central-2",
          "eu-north-1",
          "eu-south-1",
+          "eu-south-2",
          "eu-west-1",
          "eu-west-2",
          "eu-west-3",
@@ -5875,10 +5960,13 @@
          "ap-southeast-1",
          "ap-southeast-2",
          "ap-southeast-3",
+          "ap-southeast-4",
          "ca-central-1",
          "eu-central-1",
+          "eu-central-2",
          "eu-north-1",
          "eu-south-1",
+          "eu-south-2",
          "eu-west-1",
          "eu-west-2",
          "eu-west-3",
@@ -5934,7 +6022,9 @@
          "us-west-2"
        ],
        "aws-cn": [],
-        "aws-us-gov": []
+        "aws-us-gov": [
+          "us-gov-west-1"
+        ]
      }
    },
    "lexv2-models": {
@@ -5953,7 +6043,9 @@
          "us-west-2"
        ],
        "aws-cn": [],
-        "aws-us-gov": []
+        "aws-us-gov": [
+          "us-gov-west-1"
+        ]
      }
    },
    "license-manager": {
@@ -6225,9 +6317,11 @@
          "eu-central-1",
          "eu-north-1",
          "eu-south-1",
+          "eu-south-2",
          "eu-west-1",
          "eu-west-2",
          "eu-west-3",
+          "il-central-1",
          "sa-east-1",
          "us-east-1",
          "us-east-2",
@@ -6516,6 +6610,7 @@
          "eu-west-1",
          "eu-west-2",
          "eu-west-3",
+          "me-central-1",
          "sa-east-1",
          "us-east-1",
          "us-east-2",
@@ -6537,6 +6632,7 @@
          "ap-northeast-2",
          "ap-northeast-3",
          "ap-south-1",
+          "ap-south-2",
          "ap-southeast-1",
          "ap-southeast-2",
          "ap-southeast-4",
@@ -6546,6 +6642,7 @@
          "eu-west-1",
          "eu-west-2",
          "eu-west-3",
+          "me-central-1",
          "sa-east-1",
          "us-east-1",
          "us-east-2",
@@ -6612,9 +6709,12 @@
        "aws": [
          "ap-northeast-1",
          "ap-northeast-2",
+          "ap-northeast-3",
          "ap-south-1",
          "ap-southeast-1",
          "ap-southeast-2",
+          "ap-southeast-4",
+          "ca-central-1",
          "eu-central-1",
          "eu-north-1",
          "eu-west-1",
@@ -6672,6 +6772,7 @@
          "ap-northeast-2",
          "ap-northeast-3",
          "ap-south-1",
+          "ap-south-2",
          "ap-southeast-1",
          "ap-southeast-2",
          "ap-southeast-4",
@@ -6680,6 +6781,7 @@
          "eu-north-1",
          "eu-west-1",
          "eu-west-3",
+          "me-central-1",
          "sa-east-1",
          "us-east-1",
          "us-east-2",
@@ -6983,6 +7085,7 @@
          "ap-east-1",
          "ap-northeast-1",
          "ap-northeast-2",
+          "ap-northeast-3",
          "ap-south-1",
          "ap-southeast-1",
          "ap-southeast-2",
@@ -7011,6 +7114,22 @@
        ]
      }
    },
+    "neptune-graph": {
+      "regions": {
+        "aws": [
+          "ap-northeast-1",
+          "ap-southeast-1",
+          "eu-central-1",
+          "eu-west-1",
+          "eu-west-2",
+          "us-east-1",
+          "us-east-2",
+          "us-west-2"
+        ],
+        "aws-cn": [],
+        "aws-us-gov": []
+      }
+    },
    "network-firewall": {
      "regions": {
        "aws": [
@@ -7043,7 +7162,10 @@
          "us-west-1",
          "us-west-2"
        ],
-        "aws-cn": [],
+        "aws-cn": [
+          "cn-north-1",
+          "cn-northwest-1"
+        ],
        "aws-us-gov": [
          "us-gov-east-1",
          "us-gov-west-1"
@@ -7061,6 +7183,7 @@
          "ap-south-1",
          "ap-southeast-1",
          "ap-southeast-2",
+          "ap-southeast-3",
          "ca-central-1",
          "eu-central-1",
          "eu-north-1",
@@ -7082,6 +7205,32 @@
        ]
      }
    },
+    "networkmonitor": {
+      "regions": {
+        "aws": [
+          "ap-east-1",
+          "ap-northeast-1",
+          "ap-northeast-2",
+          "ap-south-1",
+          "ap-southeast-1",
+          "ap-southeast-2",
+          "ca-central-1",
+          "eu-central-1",
+          "eu-north-1",
+          "eu-west-1",
+          "eu-west-2",
+          "eu-west-3",
+          "me-south-1",
+          "sa-east-1",
+          "us-east-1",
+          "us-east-2",
+          "us-west-1",
+          "us-west-2"
+        ],
+        "aws-cn": [],
+        "aws-us-gov": []
+      }
+    },
    "nimble": {
      "regions": {
        "aws": [
@@ -7378,8 +7527,10 @@
          "ap-southeast-2",
          "ca-central-1",
          "eu-central-1",
+          "eu-north-1",
          "eu-west-1",
          "eu-west-2",
+          "sa-east-1",
          "us-east-1",
          "us-east-2",
          "us-west-1",
@@ -7442,6 +7593,7 @@
      "regions": {
        "aws": [
          "us-east-1",
+          "us-east-2",
          "us-west-2"
        ],
        "aws-cn": [],
@@ -7600,19 +7752,37 @@
    "pinpoint-sms-voice-v2": {
      "regions": {
        "aws": [
+          "af-south-1",
          "ap-northeast-1",
+          "ap-northeast-2",
+          "ap-northeast-3",
          "ap-south-1",
+          "ap-south-2",
          "ap-southeast-1",
          "ap-southeast-2",
+          "ap-southeast-3",
+          "ap-southeast-4",
          "ca-central-1",
          "eu-central-1",
+          "eu-central-2",
+          "eu-north-1",
+          "eu-south-1",
+          "eu-south-2",
          "eu-west-1",
          "eu-west-2",
+          "eu-west-3",
+          "il-central-1",
+          "me-central-1",
+          "me-south-1",
+          "sa-east-1",
          "us-east-1",
+          "us-east-2",
+          "us-west-1",
          "us-west-2"
        ],
        "aws-cn": [],
        "aws-us-gov": [
+          "us-gov-east-1",
          "us-gov-west-1"
        ]
      }
@@ -7829,7 +7999,9 @@
          "us-east-2",
          "us-west-2"
        ],
-        "aws-cn": [],
+        "aws-cn": [
+          "cn-north-1"
+        ],
        "aws-us-gov": [
          "us-gov-west-1"
        ]
@@ -8087,7 +8259,10 @@
          "ap-south-1",
          "ca-central-1",
          "eu-west-3",
-          "us-west-1"
+          "us-east-1",
+          "us-east-2",
+          "us-west-1",
+          "us-west-2"
        ],
        "aws-cn": [
          "cn-north-1"
@@ -8305,6 +8480,7 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ca-central-1",
+          "ca-west-1",
          "eu-central-1",
          "eu-central-2",
          "eu-north-1",
@@ -8363,7 +8539,10 @@
          "us-west-2"
        ],
        "aws-cn": [],
-        "aws-us-gov": []
+        "aws-us-gov": [
+          "us-gov-east-1",
+          "us-gov-west-1"
+        ]
      }
    },
    "route53": {
@@ -8406,49 +8585,6 @@
        "aws-us-gov": []
      }
    },
-    "route53-application-recovery-controller": {
-      "regions": {
-        "aws": [
-          "af-south-1",
-          "ap-east-1",
-          "ap-northeast-1",
-          "ap-northeast-2",
-          "ap-northeast-3",
-          "ap-south-1",
-          "ap-south-2",
-          "ap-southeast-1",
-          "ap-southeast-2",
-          "ap-southeast-3",
-          "ap-southeast-4",
-          "ca-central-1",
-          "ca-west-1",
-          "eu-central-1",
-          "eu-central-2",
-          "eu-north-1",
-          "eu-south-1",
-          "eu-south-2",
-          "eu-west-1",
-          "eu-west-2",
-          "eu-west-3",
-          "il-central-1",
-          "me-central-1",
-          "me-south-1",
-          "sa-east-1",
-          "us-east-1",
-          "us-east-2",
-          "us-west-1",
-          "us-west-2"
-        ],
-        "aws-cn": [
-          "cn-north-1",
-          "cn-northwest-1"
-        ],
-        "aws-us-gov": [
-          "us-gov-east-1",
-          "us-gov-west-1"
-        ]
-      }
-    },
    "route53-recovery-readiness": {
      "regions": {
        "aws": [
@@ -8823,6 +8959,7 @@
          "ap-southeast-3",
          "ap-southeast-4",
          "ca-central-1",
+          "ca-west-1",
          "eu-central-1",
          "eu-central-2",
          "eu-north-1",
@@ -9344,7 +9481,10 @@
          "cn-north-1",
          "cn-northwest-1"
        ],
-        "aws-us-gov": []
+        "aws-us-gov": [
+          "us-gov-east-1",
+          "us-gov-west-1"
+        ]
      }
    },
    "simspaceweaver": {
@@ -9708,18 +9848,22 @@
          "ap-northeast-2",
          "ap-northeast-3",
          "ap-south-1",
+          "ap-south-2",
          "ap-southeast-1",
          "ap-southeast-2",
          "ap-southeast-3",
+          "ap-southeast-4",
          "ca-central-1",
          "eu-central-1",
          "eu-central-2",
          "eu-north-1",
          "eu-south-1",
+          "eu-south-2",
          "eu-west-1",
          "eu-west-2",
          "eu-west-3",
          "il-central-1",
+          "me-central-1",
          "me-south-1",
          "sa-east-1",
          "us-east-1",
@@ -9868,7 +10012,6 @@
    "support": {
      "regions": {
        "aws": [
-          "af-south-1",
          "ap-east-1",
          "ap-northeast-1",
          "ap-northeast-2",
@@ -10626,19 +10769,6 @@
        ]
      }
    },
-    "wam": {
-      "regions": {
-        "aws": [
-          "ap-southeast-1",
-          "ap-southeast-2",
-          "eu-west-1",
-          "us-east-1",
-          "us-west-2"
-        ],
-        "aws-cn": [],
-        "aws-us-gov": []
-      }
-    },
    "wellarchitected": {
      "regions": {
        "aws": [
@@ -10716,7 +10846,10 @@
      "regions": {
        "aws": [
          "ap-northeast-1",
+          "ap-northeast-2",
+          "ap-southeast-1",
          "ap-southeast-2",
+          "ca-central-1",
          "eu-central-1",
          "eu-west-2",
          "us-east-1",
--- a/prowler/providers/aws/lib/allowlist/allowlist.py
+++ b/prowler/providers/aws/lib/allowlist/allowlist.py
@@ -199,7 +199,11 @@ def is_allowlisted_in_check(

            allowlisted_regions = allowlisted_check_info.get("Regions")
            allowlisted_resources = allowlisted_check_info.get("Resources")
-            allowlisted_tags = allowlisted_check_info.get("Tags")
+            allowlisted_tags = allowlisted_check_info.get("Tags", "*")
+            # We need to set the allowlisted_tags if None, "" or [], so the falsy helps
+            if not allowlisted_tags:
+                allowlisted_tags = "*"
+
            # If there is a *, it affects to all checks
            if (
                "*" == allowlisted_check
@@ -220,13 +224,15 @@ def is_allowlisted_in_check(
                # For a finding to be allowlisted requires the following set to True:
                # - allowlisted_in_check -> True
                # - allowlisted_in_region -> True
-                # - allowlisted_in_tags -> True or allowlisted_in_resource -> True
+                # - allowlisted_in_tags -> True
+                # - allowlisted_in_resource -> True
                # - excepted -> False

                if (
                    allowlisted_in_check
                    and allowlisted_in_region
-                    and (allowlisted_in_tags or allowlisted_in_resource)
+                    and allowlisted_in_tags
+                    and allowlisted_in_resource
                ):
                    is_check_allowlisted = True

@@ -304,6 +310,13 @@ def is_excepted(
            is_tag_excepted = __is_item_matched__(excepted_tags, finding_tags)

            if (
+                not is_account_excepted
+                and not is_region_excepted
+                and not is_resource_excepted
+                and not is_tag_excepted
+            ):
+                excepted = False
+            elif (
                (is_account_excepted or not excepted_accounts)
                and (is_region_excepted or not excepted_regions)
                and (is_resource_excepted or not excepted_resources)
--- a/prowler/providers/aws/lib/credentials/credentials.py
+++ b/prowler/providers/aws/lib/credentials/credentials.py
@@ -69,6 +69,9 @@ Caller Identity ARN: {Fore.YELLOW}[{audit_info.audited_identity_arn}]{Style.RESE
 def create_sts_session(
    session: session.Session, aws_region: str
 ) -> session.Session.client:
-    return session.client(
-        "sts", aws_region, endpoint_url=f"https://sts.{aws_region}.amazonaws.com"
+    sts_endpoint_url = (
+        f"https://sts.{aws_region}.amazonaws.com"
+        if "cn-" not in aws_region
+        else f"https://sts.{aws_region}.amazonaws.com.cn"
    )
+    return session.client("sts", aws_region, endpoint_url=sts_endpoint_url)
--- a/prowler/providers/aws/lib/organizations/organizations.py
+++ b/prowler/providers/aws/lib/organizations/organizations.py
@@ -1,40 +1,61 @@
-import sys
-
-from boto3 import client
+from boto3 import client, session

 from prowler.lib.logger import logger
 from prowler.providers.aws.lib.audit_info.models import AWS_Organizations_Info


 def get_organizations_metadata(
-    metadata_account: str, assumed_credentials: dict
-) -> AWS_Organizations_Info:
+    aws_account_id: str,
+    assumed_credentials: dict = None,
+    session: session = None,
+) -> tuple[dict, dict]:
    try:
-        organizations_client = client(
-            "organizations",
-            aws_access_key_id=assumed_credentials["Credentials"]["AccessKeyId"],
-            aws_secret_access_key=assumed_credentials["Credentials"]["SecretAccessKey"],
-            aws_session_token=assumed_credentials["Credentials"]["SessionToken"],
-        )
+        if assumed_credentials:
+            organizations_client = client(
+                "organizations",
+                aws_access_key_id=assumed_credentials["Credentials"]["AccessKeyId"],
+                aws_secret_access_key=assumed_credentials["Credentials"][
+                    "SecretAccessKey"
+                ],
+                aws_session_token=assumed_credentials["Credentials"]["SessionToken"],
+            )
+        if session:
+            organizations_client = session.client("organizations")
+        else:
+            organizations_client = client("organizations")
+
        organizations_metadata = organizations_client.describe_account(
-            AccountId=metadata_account
+            AccountId=aws_account_id
        )
        list_tags_for_resource = organizations_client.list_tags_for_resource(
-            ResourceId=metadata_account
+            ResourceId=aws_account_id
        )
+
+        return organizations_metadata, list_tags_for_resource
    except Exception as error:
-        logger.critical(f"{error.__class__.__name__} -- {error}")
-        sys.exit(1)
-    else:
+        logger.warning(
+            f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
+        )
+        return {}, {}
+
+
+def parse_organizations_metadata(metadata: dict, tags: dict) -> AWS_Organizations_Info:
+    try:
        # Convert Tags dictionary to String
        account_details_tags = ""
-        for tag in list_tags_for_resource["Tags"]:
+        for tag in tags.get("Tags", {}):
            account_details_tags += tag["Key"] + ":" + tag["Value"] + ","
+
+        account_details = metadata.get("Account", {})
        organizations_info = AWS_Organizations_Info(
-            account_details_email=organizations_metadata["Account"]["Email"],
-            account_details_name=organizations_metadata["Account"]["Name"],
-            account_details_arn=organizations_metadata["Account"]["Arn"],
-            account_details_org=organizations_metadata["Account"]["Arn"].split("/")[1],
-            account_details_tags=account_details_tags,
+            account_details_email=account_details.get("Email", ""),
+            account_details_name=account_details.get("Name", ""),
+            account_details_arn=account_details.get("Arn", ""),
+            account_details_org=account_details.get("Arn", "").split("/")[1],
+            account_details_tags=account_details_tags.rstrip(","),
        )
        return organizations_info
+    except Exception as error:
+        logger.warning(
+            f"{error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
+        )
--- a/prowler/providers/aws/lib/quick_inventory/quick_inventory.py
+++ b/prowler/providers/aws/lib/quick_inventory/quick_inventory.py
@@ -211,9 +211,13 @@ def create_inventory_table(resources: list, resources_in_region: dict) -> dict:

 def create_output(resources: list, audit_info: AWS_Audit_Info, args):
    json_output = []
-    output_file = (
-        f"prowler-inventory-{audit_info.audited_account}-{output_file_timestamp}"
-    )
+    # Check if custom output filename was input, if not, set the default
+    if not hasattr(args, "output_filename") or args.output_filename is None:
+        output_file = (
+            f"prowler-inventory-{audit_info.audited_account}-{output_file_timestamp}"
+        )
+    else:
+        output_file = args.output_filename

    for item in sorted(resources, key=lambda d: d["arn"]):
        resource = {}
@@ -275,8 +279,8 @@ def create_output(resources: list, audit_info: AWS_Audit_Info, args):
        f"\n{Fore.YELLOW}WARNING: Only resources that have or have had tags will appear (except for IAM and S3).\nSee more in https://docs.prowler.cloud/en/latest/tutorials/quick-inventory/#objections{Style.RESET_ALL}"
    )
    print("\nMore details in files:")
-    print(f" - CSV: {args.output_directory}/{output_file+csv_file_suffix}")
-    print(f" - JSON: {args.output_directory}/{output_file+json_file_suffix}")
+    print(f" - CSV: {args.output_directory}/{output_file + csv_file_suffix}")
+    print(f" - JSON: {args.output_directory}/{output_file + json_file_suffix}")

    # Send output to S3 if needed (-B / -D)
    for mode in ["json", "csv"]:
--- a/prowler/providers/aws/lib/s3/s3.py
+++ b/prowler/providers/aws/lib/s3/s3.py
@@ -27,7 +27,7 @@ def send_to_s3_bucket(
        else:  # Compliance output mode
            filename = f"{output_filename}_{output_mode}{csv_file_suffix}"

-        logger.info(f"Sending outputs to S3 bucket {output_bucket_name}")
+        logger.info(f"Sending output file {filename} to S3 bucket {output_bucket_name}")
        # File location
        file_name = output_directory + "/" + filename

--- a/prowler/providers/aws/lib/security_hub/security_hub.py
+++ b/prowler/providers/aws/lib/security_hub/security_hub.py
@@ -1,4 +1,5 @@
 from boto3 import session
+from botocore.client import ClientError

 from prowler.config.config import timestamp_utc
 from prowler.lib.logger import logger
@@ -11,7 +12,7 @@ SECURITY_HUB_MAX_BATCH = 100


 def prepare_security_hub_findings(
-    findings: [], audit_info: AWS_Audit_Info, output_options, enabled_regions: []
+    findings: list, audit_info: AWS_Audit_Info, output_options, enabled_regions: list
 ) -> dict:
    security_hub_findings_per_region = {}

@@ -72,15 +73,32 @@ def verify_security_hub_integration_enabled_per_region(
        if security_hub_prowler_integration_arn not in str(
            security_hub_client.list_enabled_products_for_import()
        ):
-            logger.error(
+            logger.warning(
                f"Security Hub is enabled in {region} but Prowler integration does not accept findings. More info: https://docs.prowler.cloud/en/latest/tutorials/aws/securityhub/"
            )
        else:
            prowler_integration_enabled = True

+    # Handle all the permissions / configuration errors
+    except ClientError as client_error:
+        # Check if Account is subscribed to Security Hub
+        error_code = client_error.response["Error"]["Code"]
+        error_message = client_error.response["Error"]["Message"]
+        if (
+            error_code == "InvalidAccessException"
+            and f"Account {aws_account_number} is not subscribed to AWS Security Hub"
+            in error_message
+        ):
+            logger.warning(
+                f"{client_error.__class__.__name__} -- [{client_error.__traceback__.tb_lineno}]: {client_error}"
+            )
+        else:
+            logger.error(
+                f"{client_error.__class__.__name__} -- [{client_error.__traceback__.tb_lineno}]: {client_error}"
+            )
    except Exception as error:
        logger.error(
-            f"{error.__class__.__name__} -- [{error.__traceback__.tb_lineno}]:{error} in region {region}"
+            f"{error.__class__.__name__} -- [{error.__traceback__.tb_lineno}]: {error}"
        )

    finally:
@@ -169,7 +187,7 @@ def resolve_security_hub_previous_findings(


 def __send_findings_to_security_hub__(
-    findings: [dict], region: str, security_hub_client
+    findings: list[dict], region: str, security_hub_client
 ):
    """Private function send_findings_to_security_hub chunks the findings in groups of 100 findings and send them to AWS Security Hub. It returns the number of sent findings."""
    success_count = 0
--- a/prowler/providers/aws/services/acm/acm_certificates_expiration_check/acm_certificates_expiration_check.py
+++ b/prowler/providers/aws/services/acm/acm_certificates_expiration_check/acm_certificates_expiration_check.py
@@ -19,7 +19,11 @@ class acm_certificates_expiration_check(Check):
                report.resource_tags = certificate.tags
            else:
                report.status = "FAIL"
-                report.status_extended = f"ACM Certificate {certificate.id} for {certificate.name} is about to expire in {DAYS_TO_EXPIRE_THRESHOLD} days."
+                if certificate.expiration_days < 0:
+                    report.status_extended = f"ACM Certificate {certificate.id} for {certificate.name} has expired ({abs(certificate.expiration_days)} days ago)."
+                else:
+                    report.status_extended = f"ACM Certificate {certificate.id} for {certificate.name} is about to expire in {certificate.expiration_days} days."
+
                report.resource_id = certificate.id
                report.resource_details = certificate.name
                report.resource_arn = certificate.arn
--- a/prowler/providers/aws/services/apigateway/apigateway_service.py
+++ b/prowler/providers/aws/services/apigateway/apigateway_service.py
@@ -1,5 +1,6 @@
 from typing import Optional

+from botocore.exceptions import ClientError
 from pydantic import BaseModel

 from prowler.lib.logger import logger
@@ -47,12 +48,28 @@ class APIGateway(AWSService):
        logger.info("APIGateway - Getting Rest APIs authorizer...")
        try:
            for rest_api in self.rest_apis:
-                regional_client = self.regional_clients[rest_api.region]
-                authorizers = regional_client.get_authorizers(restApiId=rest_api.id)[
-                    "items"
-                ]
-                if authorizers:
-                    rest_api.authorizer = True
+                try:
+                    regional_client = self.regional_clients[rest_api.region]
+                    authorizers = regional_client.get_authorizers(
+                        restApiId=rest_api.id
+                    )["items"]
+                    if authorizers:
+                        rest_api.authorizer = True
+
+                except ClientError as error:
+                    if error.response["Error"]["Code"] == "NotFoundException":
+                        logger.warning(
+                            f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
+                        )
+                    else:
+                        logger.error(
+                            f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
+                        )
+
+                except Exception as error:
+                    logger.error(
+                        f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
+                    )
        except Exception as error:
            logger.error(
                f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
@@ -62,10 +79,25 @@ class APIGateway(AWSService):
        logger.info("APIGateway - Describing Rest API...")
        try:
            for rest_api in self.rest_apis:
-                regional_client = self.regional_clients[rest_api.region]
-                rest_api_info = regional_client.get_rest_api(restApiId=rest_api.id)
-                if rest_api_info["endpointConfiguration"]["types"] == ["PRIVATE"]:
-                    rest_api.public_endpoint = False
+                try:
+                    regional_client = self.regional_clients[rest_api.region]
+                    rest_api_info = regional_client.get_rest_api(restApiId=rest_api.id)
+                    if rest_api_info["endpointConfiguration"]["types"] == ["PRIVATE"]:
+                        rest_api.public_endpoint = False
+                except ClientError as error:
+                    if error.response["Error"]["Code"] == "NotFoundException":
+                        logger.warning(
+                            f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
+                        )
+                    else:
+                        logger.error(
+                            f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
+                        )
+
+                except Exception as error:
+                    logger.error(
+                        f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
+                    )
        except Exception as error:
            logger.error(
                f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
@@ -75,29 +107,44 @@ class APIGateway(AWSService):
        logger.info("APIGateway - Getting stages for Rest APIs...")
        try:
            for rest_api in self.rest_apis:
-                regional_client = self.regional_clients[rest_api.region]
-                stages = regional_client.get_stages(restApiId=rest_api.id)
-                for stage in stages["item"]:
-                    waf = None
-                    logging = False
-                    client_certificate = False
-                    if "webAclArn" in stage:
-                        waf = stage["webAclArn"]
-                    if "methodSettings" in stage:
-                        if stage["methodSettings"]:
-                            logging = True
-                    if "clientCertificateId" in stage:
-                        client_certificate = True
-                    arn = f"arn:{self.audited_partition}:apigateway:{regional_client.region}::/restapis/{rest_api.id}/stages/{stage['stageName']}"
-                    rest_api.stages.append(
-                        Stage(
-                            name=stage["stageName"],
-                            arn=arn,
-                            logging=logging,
-                            client_certificate=client_certificate,
-                            waf=waf,
-                            tags=[stage.get("tags")],
+                try:
+                    regional_client = self.regional_clients[rest_api.region]
+                    stages = regional_client.get_stages(restApiId=rest_api.id)
+                    for stage in stages["item"]:
+                        waf = None
+                        logging = False
+                        client_certificate = False
+                        if "webAclArn" in stage:
+                            waf = stage["webAclArn"]
+                        if "methodSettings" in stage:
+                            if stage["methodSettings"]:
+                                logging = True
+                        if "clientCertificateId" in stage:
+                            client_certificate = True
+                        arn = f"arn:{self.audited_partition}:apigateway:{regional_client.region}::/restapis/{rest_api.id}/stages/{stage['stageName']}"
+                        rest_api.stages.append(
+                            Stage(
+                                name=stage["stageName"],
+                                arn=arn,
+                                logging=logging,
+                                client_certificate=client_certificate,
+                                waf=waf,
+                                tags=[stage.get("tags")],
+                            )
                        )
+                except ClientError as error:
+                    if error.response["Error"]["Code"] == "NotFoundException":
+                        logger.warning(
+                            f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
+                        )
+                    else:
+                        logger.error(
+                            f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
+                        )
+
+                except Exception as error:
+                    logger.error(
+                        f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
                    )
        except Exception as error:
            logger.error(
@@ -108,33 +155,50 @@ class APIGateway(AWSService):
        logger.info("APIGateway - Getting API resources...")
        try:
            for rest_api in self.rest_apis:
-                regional_client = self.regional_clients[rest_api.region]
-                get_resources_paginator = regional_client.get_paginator("get_resources")
-                for page in get_resources_paginator.paginate(restApiId=rest_api.id):
-                    for resource in page["items"]:
-                        id = resource["id"]
-                        resource_methods = []
-                        methods_auth = {}
-                        for resource_method in resource.get(
-                            "resourceMethods", {}
-                        ).keys():
-                            resource_methods.append(resource_method)
+                try:
+                    regional_client = self.regional_clients[rest_api.region]
+                    get_resources_paginator = regional_client.get_paginator(
+                        "get_resources"
+                    )
+                    for page in get_resources_paginator.paginate(restApiId=rest_api.id):
+                        for resource in page["items"]:
+                            id = resource["id"]
+                            resource_methods = []
+                            methods_auth = {}
+                            for resource_method in resource.get(
+                                "resourceMethods", {}
+                            ).keys():
+                                resource_methods.append(resource_method)

-                        for resource_method in resource_methods:
-                            if resource_method != "OPTIONS":
-                                method_config = regional_client.get_method(
-                                    restApiId=rest_api.id,
-                                    resourceId=id,
-                                    httpMethod=resource_method,
+                            for resource_method in resource_methods:
+                                if resource_method != "OPTIONS":
+                                    method_config = regional_client.get_method(
+                                        restApiId=rest_api.id,
+                                        resourceId=id,
+                                        httpMethod=resource_method,
+                                    )
+                                    auth_type = method_config["authorizationType"]
+                                    methods_auth.update({resource_method: auth_type})
+
+                            rest_api.resources.append(
+                                PathResourceMethods(
+                                    path=resource["path"], resource_methods=methods_auth
                                )
-                                auth_type = method_config["authorizationType"]
-                                methods_auth.update({resource_method: auth_type})
-
-                        rest_api.resources.append(
-                            PathResourceMethods(
-                                path=resource["path"], resource_methods=methods_auth
                            )
+                except ClientError as error:
+                    if error.response["Error"]["Code"] == "NotFoundException":
+                        logger.warning(
+                            f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
                        )
+                    else:
+                        logger.error(
+                            f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
+                        )
+
+                except Exception as error:
+                    logger.error(
+                        f"{regional_client.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
+                    )

        except Exception as error:
            logger.error(
--- a/prowler/providers/aws/services/apigatewayv2/apigatewayv2_api_access_logging_enabled/apigatewayv2_api_access_logging_enabled.py
+++ b/prowler/providers/aws/services/apigatewayv2/apigatewayv2_api_access_logging_enabled/apigatewayv2_api_access_logging_enabled.py
@@ -14,13 +14,13 @@ class apigatewayv2_api_access_logging_enabled(Check):
                if stage.logging:
                    report.status = "PASS"
                    report.status_extended = f"API Gateway V2 {api.name} ID {api.id} in stage {stage.name} has access logging enabled."
-                    report.resource_id = api.name
+                    report.resource_id = f"{api.name}-{stage.name}"
                    report.resource_arn = api.arn
                    report.resource_tags = api.tags
                else:
                    report.status = "FAIL"
                    report.status_extended = f"API Gateway V2 {api.name} ID {api.id} in stage {stage.name} has access logging disabled."
-                    report.resource_id = api.name
+                    report.resource_id = f"{api.name}-{stage.name}"
                    report.resource_arn = api.arn
                    report.resource_tags = api.tags
                findings.append(report)
--- a/prowler/providers/aws/services/apigatewayv2/apigatewayv2_service.py
+++ b/prowler/providers/aws/services/apigatewayv2/apigatewayv2_service.py
@@ -32,7 +32,7 @@ class ApiGatewayV2(AWSService):
                                arn=arn,
                                id=apigw["ApiId"],
                                region=regional_client.region,
-                                name=apigw["Name"],
+                                name=apigw.get("Name", ""),
                                tags=[apigw.get("Tags")],
                            )
                        )
--- a/prowler/providers/aws/services/athena/athena_service.py
+++ b/prowler/providers/aws/services/athena/athena_service.py
@@ -54,10 +54,8 @@ class Athena(AWSService):
                    )

                    wg_configuration = wg.get("WorkGroup").get("Configuration")
-                    self.workgroups[
-                        workgroup.arn
-                    ].enforce_workgroup_configuration = wg_configuration.get(
-                        "EnforceWorkGroupConfiguration", False
+                    self.workgroups[workgroup.arn].enforce_workgroup_configuration = (
+                        wg_configuration.get("EnforceWorkGroupConfiguration", False)
                    )

                    # We include an empty EncryptionConfiguration to handle if the workgroup does not have encryption configured
@@ -77,9 +75,9 @@ class Athena(AWSService):
                        encryption_configuration = EncryptionConfiguration(
                            encryption_option=encryption, encrypted=True
                        )
-                        self.workgroups[
-                            workgroup.arn
-                        ].encryption_configuration = encryption_configuration
+                        self.workgroups[workgroup.arn].encryption_configuration = (
+                            encryption_configuration
+                        )
                except Exception as error:
                    logger.error(
                        f"{self.region} -- {error.__class__.__name__}[{error.__traceback__.tb_lineno}]: {error}"
--- a/prowler/providers/aws/services/awslambda/awslambda_function_invoke_api_operations_cloudtrail_logging_enabled/awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.py
+++ b/prowler/providers/aws/services/awslambda/awslambda_function_invoke_api_operations_cloudtrail_logging_enabled/awslambda_function_invoke_api_operations_cloudtrail_logging_enabled.py
@@ -20,7 +20,7 @@ class awslambda_function_invoke_api_operations_cloudtrail_logging_enabled(Check)
                f"Lambda function {function.name} is not recorded by CloudTrail."
            )
            lambda_recorded_cloudtrail = False
-            for trail in cloudtrail_client.trails:
+            for trail in cloudtrail_client.trails.values():
                for data_event in trail.data_events:
                    # classic event selectors
                    if not data_event.is_advanced:
--- a/prowler/providers/aws/services/awslambda/awslambda_function_no_secrets_in_variables/awslambda_function_no_secrets_in_variables.py
+++ b/prowler/providers/aws/services/awslambda/awslambda_function_no_secrets_in_variables/awslambda_function_no_secrets_in_variables.py
@@ -42,7 +42,7 @@ class awslambda_function_no_secrets_in_variables(Check):
                    environment_variable_names = list(function.environment.keys())
                    secrets_string = ", ".join(
                        [
-                            f"{secret['type']} in variable {environment_variable_names[int(secret['line_number'])-2]}"
+                            f"{secret['type']} in variable {environment_variable_names[int(secret['line_number']) - 2]}"
                            for secret in detect_secrets_output[temp_env_data_file.name]
                        ]
                    )
--- a/prowler/providers/aws/services/backup/backup_plans_exist/backup_plans_exist.py
+++ b/prowler/providers/aws/services/backup/backup_plans_exist/backup_plans_exist.py
@@ -17,7 +17,7 @@ class backup_plans_exist(Check):
            report = Check_Report_AWS(self.metadata())
            report.status = "FAIL"
            report.status_extended = "No Backup Plan exist."
-            report.resource_arn = backup_client.audited_account_arn
+            report.resource_arn = backup_client.backup_plan_arn_template
            report.resource_id = backup_client.audited_account
            report.region = backup_client.region
            findings.append(report)
--- a/Show More
+++ b/Show More