fix(tests): assert metadata and resource id/name

chore(resource): PoC for the initial version
feat(m365): ensure all forms of mail forwarding are blocked or disabled (#7658 )
2026-06-10 21:42:29 +00:00 · 2025-05-06 09:12:17 +02:00 · 2025-05-06 08:04:24 +02:00 · 2025-05-05 11:21:14 -04:00 · 2025-05-05 16:46:32 +02:00 · 2025-05-05 10:40:59 -04:00
1518 changed files with 83554 additions and 26899 deletions
@@ -4,7 +4,7 @@

 #### Prowler UI Configuration ####
 PROWLER_UI_VERSION="stable"
-SITE_URL=http://localhost:3000
+AUTH_URL=http://localhost:3000
 API_BASE_URL=http://prowler-api:8080/api/v1
 NEXT_PUBLIC_API_DOCS_URL=http://prowler-api:8080/api/v1/docs
 AUTH_TRUST_HOST=true
@@ -33,10 +33,10 @@ VALKEY_DB=0
 # API scan settings

 # The path to the directory where scan output should be stored
-DJANGO_TMP_OUTPUT_DIRECTORY = "/tmp/prowler_api_output"
+DJANGO_TMP_OUTPUT_DIRECTORY="/tmp/prowler_api_output"

 # The maximum number of findings to process in a single batch
-DJANGO_FINDINGS_BATCH_SIZE = 1000
+DJANGO_FINDINGS_BATCH_SIZE=1000

 # The AWS access key to be used when uploading scan output to an S3 bucket
 # If left empty, default AWS credentials resolution behavior will be used
@@ -123,4 +123,13 @@ SENTRY_ENVIRONMENT=local
 SENTRY_RELEASE=local

 #### Prowler release version ####
-NEXT_PUBLIC_PROWLER_RELEASE_VERSION=v5.4.5
+NEXT_PUBLIC_PROWLER_RELEASE_VERSION=v5.6.0
+
+# Social login credentials
+SOCIAL_GOOGLE_OAUTH_CALLBACK_URL="${AUTH_URL}/api/auth/callback/google"
+SOCIAL_GOOGLE_OAUTH_CLIENT_ID=""
+SOCIAL_GOOGLE_OAUTH_CLIENT_SECRET=""
+
+SOCIAL_GITHUB_OAUTH_CALLBACK_URL="${AUTH_URL}/api/auth/callback/github"
+SOCIAL_GITHUB_OAUTH_CLIENT_ID=""
+SOCIAL_GITHUB_OAUTH_CLIENT_SECRET=""
@@ -9,108 +9,112 @@ updates:
  - package-ecosystem: "pip"
    directory: "/"
    schedule:
-      interval: "daily"
-    open-pull-requests-limit: 10
+      interval: "monthly"
+    open-pull-requests-limit: 25
    target-branch: master
    labels:
      - "dependencies"
      - "pip"

-  - package-ecosystem: "pip"
-    directory: "/api"
-    schedule:
-      interval: "daily"
-    open-pull-requests-limit: 10
-    target-branch: master
-    labels:
-      - "dependencies"
-      - "pip"
-      - "component/api"
+  # Dependabot Updates are temporary disabled - 2025/03/19
+  # - package-ecosystem: "pip"
+  #   directory: "/api"
+  #   schedule:
+  #     interval: "daily"
+  #   open-pull-requests-limit: 10
+  #   target-branch: master
+  #   labels:
+  #     - "dependencies"
+  #     - "pip"
+  #     - "component/api"

  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
-      interval: "daily"
-    open-pull-requests-limit: 10
+      interval: "monthly"
+    open-pull-requests-limit: 25
    target-branch: master
    labels:
      - "dependencies"
      - "github_actions"

-  - package-ecosystem: "npm"
-    directory: "/ui"
-    schedule:
-      interval: "daily"
-    open-pull-requests-limit: 10
-    target-branch: master
-    labels:
-      - "dependencies"
-      - "npm"
-      - "component/ui"
+  # Dependabot Updates are temporary disabled - 2025/03/19
+  # - package-ecosystem: "npm"
+  #   directory: "/ui"
+  #   schedule:
+  #     interval: "daily"
+  #   open-pull-requests-limit: 10
+  #   target-branch: master
+  #   labels:
+  #     - "dependencies"
+  #     - "npm"
+  #     - "component/ui"

  - package-ecosystem: "docker"
    directory: "/"
    schedule:
-      interval: "weekly"
-    open-pull-requests-limit: 10
+      interval: "monthly"
+    open-pull-requests-limit: 25
    target-branch: master
    labels:
      - "dependencies"
      - "docker"

+  # Dependabot Updates are temporary disabled - 2025/04/15
  # v4.6
-  - package-ecosystem: "pip"
-    directory: "/"
-    schedule:
-      interval: "weekly"
-    open-pull-requests-limit: 10
-    target-branch: v4.6
-    labels:
-      - "dependencies"
-      - "pip"
-      - "v4"
+  # - package-ecosystem: "pip"
+  #   directory: "/"
+  #   schedule:
+  #     interval: "weekly"
+  #   open-pull-requests-limit: 10
+  #   target-branch: v4.6
+  #   labels:
+  #     - "dependencies"
+  #     - "pip"
+  #     - "v4"

-  - package-ecosystem: "github-actions"
-    directory: "/"
-    schedule:
-      interval: "weekly"
-    open-pull-requests-limit: 10
-    target-branch: v4.6
-    labels:
-      - "dependencies"
-      - "github_actions"
-      - "v4"
+  # - package-ecosystem: "github-actions"
+  #   directory: "/"
+  #   schedule:
+  #     interval: "weekly"
+  #   open-pull-requests-limit: 10
+  #   target-branch: v4.6
+  #   labels:
+  #     - "dependencies"
+  #     - "github_actions"
+  #     - "v4"

-  - package-ecosystem: "docker"
-    directory: "/"
-    schedule:
-      interval: "weekly"
-    open-pull-requests-limit: 10
-    target-branch: v4.6
-    labels:
-      - "dependencies"
-      - "docker"
-      - "v4"
+  # - package-ecosystem: "docker"
+  #   directory: "/"
+  #   schedule:
+  #     interval: "weekly"
+  #   open-pull-requests-limit: 10
+  #   target-branch: v4.6
+  #   labels:
+  #     - "dependencies"
+  #     - "docker"
+  #     - "v4"

+  # Dependabot Updates are temporary disabled - 2025/03/19
  # v3
-  - package-ecosystem: "pip"
-    directory: "/"
-    schedule:
-      interval: "monthly"
-    open-pull-requests-limit: 10
-    target-branch: v3
-    labels:
-      - "dependencies"
-      - "pip"
-      - "v3"
+  # - package-ecosystem: "pip"
+  #   directory: "/"
+  #   schedule:
+  #     interval: "monthly"
+  #   open-pull-requests-limit: 10
+  #   target-branch: v3
+  #   labels:
+  #     - "dependencies"
+  #     - "pip"
+  #     - "v3"

-  - package-ecosystem: "github-actions"
-    directory: "/"
-    schedule:
-      interval: "monthly"
-    open-pull-requests-limit: 10
-    target-branch: v3
-    labels:
-      - "dependencies"
-      - "github_actions"
-      - "v3"
+  # - package-ecosystem: "github-actions"
+  #   directory: "/"
+  #   schedule:
+  #     interval: "monthly"
+  #   open-pull-requests-limit: 10
+  #   target-branch: v3
+  #   labels:
+  #     - "dependencies"
+  #     - "github_actions"
+  #     - "v3"
@@ -16,6 +16,7 @@ Please include a summary of the change and which issue is fixed. List any depend
 - [ ] Review if code is being documented following this specification https://github.com/google/styleguide/blob/gh-pages/pyguide.md#38-comments-and-docstrings
 - [ ] Review if backport is needed.
 - [ ] Review if is needed to change the [Readme.md](https://github.com/prowler-cloud/prowler/blob/master/README.md)
+- [ ] Ensure new entries are added to [CHANGELOG.md](https://github.com/prowler-cloud/prowler/blob/master/prowler/CHANGELOG.md), if applicable.

 #### API
 - [ ] Verify if API specs need to be regenerated.
@@ -61,7 +61,7 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

      - name: Set short git commit SHA
        id: vars
@@ -70,18 +70,18 @@ jobs:
          echo "SHORT_SHA=${shortSha}" >> $GITHUB_ENV

      - name: Login to DockerHub
-        uses: docker/login-action@v3
+        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
+        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0

      - name: Build and push container image (latest)
        # Comment the following line for testing
        if: github.event_name == 'push'
-        uses: docker/build-push-action@v6
+        uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6.16.0
        with:
          context: ${{ env.WORKING_DIRECTORY }}
          # Set push: false for testing
@@ -94,7 +94,7 @@ jobs:

      - name: Build and push container image (release)
        if: github.event_name == 'release'
-        uses: docker/build-push-action@v6
+        uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6.16.0
        with:
          context: ${{ env.WORKING_DIRECTORY }}
          push: true
@@ -106,7 +106,7 @@ jobs:

      - name: Trigger deployment
        if: github.event_name == 'push'
-        uses: peter-evans/repository-dispatch@v3
+        uses: peter-evans/repository-dispatch@ff45666b9427631e3450c54a1bcbee4d9ff4d7c0 # v3.0.0
        with:
          token: ${{ secrets.PROWLER_BOT_ACCESS_TOKEN }}
          repository: ${{ secrets.CLOUD_DISPATCH }}
@@ -44,16 +44,16 @@ jobs:

    steps:
    - name: Checkout repository
-      uses: actions/checkout@v4
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
+      uses: github/codeql-action/init@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16
      with:
        languages: ${{ matrix.language }}
        config-file: ./.github/codeql/api-codeql-config.yml

    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
+      uses: github/codeql-action/analyze@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16
      with:
        category: "/language:${{matrix.language}}"
@@ -71,11 +71,11 @@ jobs:
          --health-retries 5

    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

      - name: Test if changes are in not ignored paths
        id: are-non-ignored-files-changed
-        uses: tj-actions/changed-files@v45
+        uses: tj-actions/changed-files@ed68ef82c095e0d48ec87eccea555d944a631a4c # v46.0.5
        with:
          files: api/**
          files_ignore: |
@@ -90,11 +90,11 @@ jobs:
        if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
        run: |
          python -m pip install --upgrade pip
-          pipx install poetry==1.8.5
+          pipx install poetry==2.1.1

      - name: Set up Python ${{ matrix.python-version }}
        if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
        with:
          python-version: ${{ matrix.python-version }}
          cache: "poetry"
@@ -103,7 +103,7 @@ jobs:
        working-directory: ./api
        if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
        run: |
-          poetry install
+          poetry install --no-root
          poetry run pip list
          VERSION=$(curl --silent "https://api.github.com/repos/hadolint/hadolint/releases/latest" | \
            grep '"tag_name":' | \
@@ -145,7 +145,7 @@ jobs:
        working-directory: ./api
        if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
        run: |
-          poetry run safety check --ignore 70612,66963
+          poetry run safety check --ignore 70612,66963,74429

      - name: Vulture
        working-directory: ./api
@@ -167,7 +167,7 @@ jobs:

      - name: Upload coverage reports to Codecov
        if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
-        uses: codecov/codecov-action@v5
+        uses: codecov/codecov-action@ad3126e916f78f00edff4ed0317cf185271ccc2d # v5.4.2
        env:
          CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
        with:
@@ -175,11 +175,11 @@ jobs:
  test-container-build:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
+        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
      - name: Build Container
-        uses: docker/build-push-action@v6
+        uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6.16.0
        with:
          context: ${{ env.API_WORKING_DIR }}
          push: false
@@ -23,7 +23,7 @@ jobs:
    steps:
      - name: Check labels
        id: preview_label_check
-        uses: docker://agilepathway/pull-request-label-checker:v1.6.55
+        uses: agilepathway/label-checker@c3d16ad512e7cea5961df85ff2486bb774caf3c5 # v1.6.65
        with:
          allow_failure: true
          prefix_mode: true
@@ -33,7 +33,7 @@ jobs:

      - name: Backport Action
        if: steps.preview_label_check.outputs.label_check == 'success'
-        uses: sorenlouv/backport-github-action@v9.5.1
+        uses: sorenlouv/backport-github-action@ad888e978060bc1b2798690dd9d03c4036560947 # v9.5.1
        with:
          github_token: ${{ secrets.PROWLER_BOT_ACCESS_TOKEN }}
          auto_backport_label_prefix: ${{ env.BACKPORT_LABEL_PREFIX }}
@@ -17,7 +17,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Leave PR comment with the Prowler Documentation URI
-        uses: peter-evans/create-or-update-comment@v4
+        uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0
        with:
          issue-number: ${{ env.PR_NUMBER }}
          body: |
@@ -18,6 +18,6 @@ jobs:
    steps:
      - name: conventional-commit-check
        id: conventional-commit-check
-        uses: agenthunt/conventional-commit-checker-action@v2.0.0
+        uses: agenthunt/conventional-commit-checker-action@9e552d650d0e205553ec7792d447929fc78e012b # v2.0.0
        with:
            pr-title-regex: '^([^\s(]+)(?:\(([^)]+)\))?: (.+)'
@@ -7,11 +7,11 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          fetch-depth: 0
      - name: TruffleHog OSS
-        uses: trufflesecurity/trufflehog@v3.88.14
+        uses: trufflesecurity/trufflehog@b06f6d72a3791308bb7ba59c2b8cb7a083bd17e4 # v3.88.26
        with:
          path: ./
          base: ${{ github.event.repository.default_branch }}
@@ -14,4 +14,4 @@ jobs:
      pull-requests: write
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/labeler@v5
+    - uses: actions/labeler@8558fd74291d67161a8a78ce36a881fa63b766a9 # v5.0.0
@@ -0,0 +1,34 @@
+name: Prowler - Merged Pull Request
+
+on:
+  pull_request_target:
+    branches: ['master']
+    types: ['closed']
+
+jobs:
+  trigger-cloud-pull-request:
+    name: Trigger Cloud Pull Request
+    if: github.event.pull_request.merged == true && github.repository == 'prowler-cloud/prowler'
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
+      - name: Set short git commit SHA
+        id: vars
+        run: |
+          shortSha=$(git rev-parse --short ${{ github.sha }})
+          echo "SHORT_SHA=${shortSha}" >> $GITHUB_ENV
+
+      - name: Trigger pull request
+        uses: peter-evans/repository-dispatch@ff45666b9427631e3450c54a1bcbee4d9ff4d7c0 # v3.0.0
+        with:
+          token: ${{ secrets.PROWLER_BOT_ACCESS_TOKEN }}
+          repository: ${{ secrets.CLOUD_DISPATCH }}
+          event-type: prowler-pull-request-merged
+          client-payload: '{
+            "PROWLER_COMMIT_SHA": "${{ github.sha }}",
+            "PROWLER_COMMIT_SHORT_SHA": "${{ env.SHORT_SHA }}",
+            "PROWLER_PR_TITLE": "${{ github.event.pull_request.title }}",
+            "PROWLER_PR_LABELS": ${{ toJson(github.event.pull_request.labels.*.name) }},
+            "PROWLER_PR_BODY": ${{ toJson(github.event.pull_request.body) }}
+          }'
@@ -59,16 +59,16 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

      - name: Setup Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
        with:
          python-version: ${{ env.PYTHON_VERSION }}

      - name: Install Poetry
        run: |
-          pipx install poetry==1.8.5
+          pipx install poetry==2.*
          pipx inject poetry poetry-bumpversion

      - name: Get Prowler version
@@ -108,13 +108,13 @@ jobs:
          esac

      - name: Login to DockerHub
-        uses: docker/login-action@v3
+        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      - name: Login to Public ECR
-        uses: docker/login-action@v3
+        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
        with:
          registry: public.ecr.aws
          username: ${{ secrets.PUBLIC_ECR_AWS_ACCESS_KEY_ID }}
@@ -123,11 +123,11 @@ jobs:
          AWS_REGION: ${{ env.AWS_REGION }}

      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
+        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0

      - name: Build and push container image (latest)
        if: github.event_name == 'push'
-        uses: docker/build-push-action@v6
+        uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6.16.0
        with:
          push: true
          tags: |
@@ -140,7 +140,7 @@ jobs:

      - name: Build and push container image (release)
        if: github.event_name == 'release'
-        uses: docker/build-push-action@v6
+        uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6.16.0
        with:
          # Use local context to get changes
          # https://github.com/docker/build-push-action#path-context
@@ -0,0 +1,94 @@
+name: SDK - Bump Version
+
+on:
+  release:
+    types: [published]
+
+
+env:
+  PROWLER_VERSION: ${{ github.event.release.tag_name }}
+  BASE_BRANCH: master
+
+jobs:
+  bump-version:
+    name: Bump Version
+    if: github.repository == 'prowler-cloud/prowler'
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
+      - name: Get Prowler version
+        shell: bash
+        run: |
+          if [[ $PROWLER_VERSION =~ ^([0-9]+)\.([0-9]+)\.([0-9]+)$ ]]; then
+            MAJOR_VERSION=${BASH_REMATCH[1]}
+            MINOR_VERSION=${BASH_REMATCH[2]}
+            FIX_VERSION=${BASH_REMATCH[3]}
+
+            if (( MAJOR_VERSION == 5 )); then
+                if (( FIX_VERSION == 0 )); then
+                  echo "Minor Release: $PROWLER_VERSION"
+
+                  BUMP_VERSION_TO=${MAJOR_VERSION}.$((MINOR_VERSION + 1)).${FIX_VERSION}
+                  echo "BUMP_VERSION_TO=${BUMP_VERSION_TO}" >> "${GITHUB_ENV}"
+
+                  TARGET_BRANCH=${BASE_BRANCH}
+                  echo "TARGET_BRANCH=${TARGET_BRANCH}" >> "${GITHUB_ENV}"
+
+                  echo "Bumping to next minor version: ${BUMP_VERSION_TO} in branch ${TARGET_BRANCH}"
+                else
+                  echo "Patch Release: $PROWLER_VERSION"
+
+                  BUMP_VERSION_TO=${MAJOR_VERSION}.${MINOR_VERSION}.$((FIX_VERSION + 1))
+                  echo "BUMP_VERSION_TO=${BUMP_VERSION_TO}" >> "${GITHUB_ENV}"
+
+                  TARGET_BRANCH=v${MAJOR_VERSION}.${MINOR_VERSION}
+                  echo "TARGET_BRANCH=${TARGET_BRANCH}" >> "${GITHUB_ENV}"
+
+                  echo "Bumping to next patch version: ${BUMP_VERSION_TO} in branch ${TARGET_BRANCH}"
+                fi
+            else
+                echo "Releasing another Prowler major version, aborting..."
+                exit 1
+            fi
+          else
+            echo "Invalid version syntax: '$PROWLER_VERSION' (must be N.N.N)" >&2
+            exit 1
+          fi
+
+      - name: Bump versions in files
+        run: |
+            echo "Using PROWLER_VERSION=$PROWLER_VERSION"
+            echo "Using BUMP_VERSION_TO=$BUMP_VERSION_TO"
+
+            set -e
+
+            echo "Bumping version in pyproject.toml ..."
+            sed -i "s|version = \"${PROWLER_VERSION}\"|version = \"${BUMP_VERSION_TO}\"|" pyproject.toml
+
+            echo "Bumping version in prowler/config/config.py ..."
+            sed -i "s|prowler_version = \"${PROWLER_VERSION}\"|prowler_version = \"${BUMP_VERSION_TO}\"|" prowler/config/config.py
+
+            echo "Bumping version in .env ..."
+            sed -i "s|NEXT_PUBLIC_PROWLER_RELEASE_VERSION=v${PROWLER_VERSION}|NEXT_PUBLIC_PROWLER_RELEASE_VERSION=v${BUMP_VERSION_TO}|" .env
+
+            git --no-pager diff
+
+
+      - name: Create Pull Request
+        uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
+        with:
+            author: prowler-bot <179230569+prowler-bot@users.noreply.github.com>
+            token: ${{ secrets.PROWLER_BOT_ACCESS_TOKEN }}
+            base: ${{ env.TARGET_BRANCH }}
+            commit-message: "chore(release): Bump version to v${{ env.BUMP_VERSION_TO }}"
+            branch: "version-bump-to-v${{ env.BUMP_VERSION_TO }}"
+            title: "chore(release): Bump version to v${{ env.BUMP_VERSION_TO }}"
+            body: |
+              ### Description
+
+              Bump Prowler version to v${{ env.BUMP_VERSION_TO }}
+
+              ### License
+
+              By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
@@ -21,6 +21,7 @@ on:
    paths-ignore:
      - 'ui/**'
      - 'api/**'
+      - '.github/**'
  pull_request:
    branches:
      - "master"
@@ -30,6 +31,7 @@ on:
    paths-ignore:
      - 'ui/**'
      - 'api/**'
+      - '.github/**'
  schedule:
    - cron: '00 12 * * *'

@@ -50,16 +52,16 @@ jobs:

    steps:
    - name: Checkout repository
-      uses: actions/checkout@v4
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
+      uses: github/codeql-action/init@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16
      with:
        languages: ${{ matrix.language }}
        config-file: ./.github/codeql/sdk-codeql-config.yml

    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
+      uses: github/codeql-action/analyze@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16
      with:
        category: "/language:${{matrix.language}}"
@@ -21,11 +21,11 @@ jobs:
        python-version: ["3.9", "3.10", "3.11", "3.12"]

    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

      - name: Test if changes are in not ignored paths
        id: are-non-ignored-files-changed
-        uses: tj-actions/changed-files@v45
+        uses: tj-actions/changed-files@ed68ef82c095e0d48ec87eccea555d944a631a4c # v46.0.5
        with:
          files: ./**
          files_ignore: |
@@ -34,6 +34,7 @@ jobs:
            permissions/**
            api/**
            ui/**
+            prowler/CHANGELOG.md
            README.md
            mkdocs.yml
            .backportrc.json
@@ -46,11 +47,11 @@ jobs:
        if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
        run: |
          python -m pip install --upgrade pip
-          pipx install poetry==1.8.5
+          pipx install poetry==2.1.1

      - name: Set up Python ${{ matrix.python-version }}
        if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
        with:
          python-version: ${{ matrix.python-version }}
          cache: "poetry"
@@ -58,7 +59,7 @@ jobs:
      - name: Install dependencies
        if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
        run: |
-          poetry install
+          poetry install --no-root
          poetry run pip list
          VERSION=$(curl --silent "https://api.github.com/repos/hadolint/hadolint/releases/latest" | \
            grep '"tag_name":' | \
@@ -106,15 +107,107 @@ jobs:
        run: |
          /tmp/hadolint Dockerfile --ignore=DL3013

-      - name: Test with pytest
+      # Test AWS
+      - name: AWS - Check if any file has changed
+        id: aws-changed-files
+        uses: tj-actions/changed-files@ed68ef82c095e0d48ec87eccea555d944a631a4c # v46.0.5
+        with:
+          files: |
+            ./prowler/providers/aws/**
+            ./tests/providers/aws/**
+
+      - name: AWS - Test
+        if: steps.aws-changed-files.outputs.any_changed == 'true'
+        run: |
+          poetry run pytest -n auto --cov=./prowler/providers/aws --cov-report=xml:aws_coverage.xml tests/providers/aws
+
+      # Test Azure
+      - name: Azure - Check if any file has changed
+        id: azure-changed-files
+        uses: tj-actions/changed-files@ed68ef82c095e0d48ec87eccea555d944a631a4c # v46.0.5
+        with:
+          files: |
+            ./prowler/providers/azure/**
+            ./tests/providers/azure/**
+
+      - name: Azure - Test
+        if: steps.azure-changed-files.outputs.any_changed == 'true'
+        run: |
+          poetry run pytest -n auto --cov=./prowler/providers/azure --cov-report=xml:azure_coverage.xml tests/providers/azure
+
+      # Test GCP
+      - name: GCP - Check if any file has changed
+        id: gcp-changed-files
+        uses: tj-actions/changed-files@ed68ef82c095e0d48ec87eccea555d944a631a4c # v46.0.5
+        with:
+          files: |
+            ./prowler/providers/gcp/**
+            ./tests/providers/gcp/**
+
+      - name: GCP - Test
+        if: steps.gcp-changed-files.outputs.any_changed == 'true'
+        run: |
+          poetry run pytest -n auto --cov=./prowler/providers/gcp --cov-report=xml:gcp_coverage.xml tests/providers/gcp
+
+      # Test Kubernetes
+      - name: Kubernetes - Check if any file has changed
+        id: kubernetes-changed-files
+        uses: tj-actions/changed-files@ed68ef82c095e0d48ec87eccea555d944a631a4c # v46.0.5
+        with:
+          files: |
+            ./prowler/providers/kubernetes/**
+            ./tests/providers/kubernetes/**
+
+      - name: Kubernetes - Test
+        if: steps.kubernetes-changed-files.outputs.any_changed == 'true'
+        run: |
+          poetry run pytest -n auto --cov=./prowler/providers/kubernetes --cov-report=xml:kubernetes_coverage.xml tests/providers/kubernetes
+
+      # Test NHN
+      - name: NHN - Check if any file has changed
+        id: nhn-changed-files
+        uses: tj-actions/changed-files@ed68ef82c095e0d48ec87eccea555d944a631a4c # v46.0.5
+        with:
+          files: |
+            ./prowler/providers/nhn/**
+            ./tests/providers/nhn/**
+
+      - name: NHN - Test
+        if: steps.nhn-changed-files.outputs.any_changed == 'true'
+        run: |
+          poetry run pytest -n auto --cov=./prowler/providers/nhn --cov-report=xml:nhn_coverage.xml tests/providers/nhn
+
+      # Test M365
+      - name: M365 - Check if any file has changed
+        id: m365-changed-files
+        uses: tj-actions/changed-files@ed68ef82c095e0d48ec87eccea555d944a631a4c # v46.0.5
+        with:
+          files: |
+            ./prowler/providers/m365/**
+            ./tests/providers/m365/**
+
+      - name: M365 - Test
+        if: steps.m365-changed-files.outputs.any_changed == 'true'
+        run: |
+          poetry run pytest -n auto --cov=./prowler/providers/m365 --cov-report=xml:m365_coverage.xml tests/providers/m365
+
+      # Common Tests
+      - name: Lib - Test
        if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
        run: |
-          poetry run pytest -n auto --cov=./prowler --cov-report=xml tests
+          poetry run pytest -n auto --cov=./prowler/lib --cov-report=xml:lib_coverage.xml tests/lib

+      - name: Config - Test
+        if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
+        run: |
+          poetry run pytest -n auto --cov=./prowler/config --cov-report=xml:config_coverage.xml tests/config
+
+      # Codecov
      - name: Upload coverage reports to Codecov
        if: steps.are-non-ignored-files-changed.outputs.any_changed == 'true'
-        uses: codecov/codecov-action@v5
+        uses: codecov/codecov-action@ad3126e916f78f00edff4ed0317cf185271ccc2d # v5.4.2
        env:
          CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
        with:
          flags: prowler
+          files: ./aws_coverage.xml,./azure_coverage.xml,./gcp_coverage.xml,./kubernetes_coverage.xml,./nhn_coverage.xml,./m365_coverage.xml,./lib_coverage.xml,./config_coverage.xml
@@ -7,7 +7,7 @@ on:
 env:
  RELEASE_TAG: ${{ github.event.release.tag_name }}
  PYTHON_VERSION: 3.11
-  CACHE: "poetry"
+  # CACHE: "poetry"

 jobs:
  repository-check:
@@ -64,17 +64,17 @@ jobs:
              ;;
          esac

-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

      - name: Install dependencies
        run: |
-          pipx install poetry==1.8.5
+          pipx install poetry==2.1.1

      - name: Setup Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
        with:
          python-version: ${{ env.PYTHON_VERSION }}
-          cache: ${{ env.CACHE }}
+          # cache: ${{ env.CACHE }}

      - name: Build Prowler package
        run: |
@@ -4,7 +4,7 @@ name: SDK - Refresh AWS services' regions

 on:
  schedule:
-    - cron: "0 9 * * *" #runs at 09:00 UTC everyday
+    - cron: "0 9 * * 1" # runs at 09:00 UTC every Monday

 env:
  GITHUB_BRANCH: "master"
@@ -23,12 +23,12 @@ jobs:
    # Steps represent a sequence of tasks that will be executed as part of the job
    steps:
      # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ env.GITHUB_BRANCH }}

      - name: setup python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
        with:
          python-version: 3.9 #install the python needed

@@ -38,7 +38,7 @@ jobs:
          pip install boto3

      - name: Configure AWS Credentials -- DEV
-        uses: aws-actions/configure-aws-credentials@v4
+        uses: aws-actions/configure-aws-credentials@ececac1a45f3b08a01d2dd070d28d111c5fe6722 # v4.1.0
        with:
          aws-region: ${{ env.AWS_REGION_DEV }}
          role-to-assume: ${{ secrets.DEV_IAM_ROLE_ARN }}
@@ -50,12 +50,13 @@ jobs:

      # Create pull request
      - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v7
+        uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
        with:
+          author: prowler-bot <179230569+prowler-bot@users.noreply.github.com>
          token: ${{ secrets.PROWLER_BOT_ACCESS_TOKEN }}
          commit-message: "feat(regions_update): Update regions for AWS services"
          branch: "aws-services-regions-updated-${{ github.sha }}"
-          labels: "status/waiting-for-revision, severity/low, provider/aws, backport-to-v3"
+          labels: "status/waiting-for-revision, severity/low, provider/aws"
          title: "chore(regions_update): Changes in regions for AWS services"
          body: |
            ### Description
@@ -61,7 +61,7 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

      - name: Set short git commit SHA
        id: vars
@@ -70,18 +70,18 @@ jobs:
          echo "SHORT_SHA=${shortSha}" >> $GITHUB_ENV

      - name: Login to DockerHub
-        uses: docker/login-action@v3
+        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
+        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0

      - name: Build and push container image (latest)
        # Comment the following line for testing
        if: github.event_name == 'push'
-        uses: docker/build-push-action@v6
+        uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6.16.0
        with:
          context: ${{ env.WORKING_DIRECTORY }}
          build-args: |
@@ -96,7 +96,7 @@ jobs:

      - name: Build and push container image (release)
        if: github.event_name == 'release'
-        uses: docker/build-push-action@v6
+        uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6.16.0
        with:
          context: ${{ env.WORKING_DIRECTORY }}
          build-args: |
@@ -110,7 +110,7 @@ jobs:

      - name: Trigger deployment
        if: github.event_name == 'push'
-        uses: peter-evans/repository-dispatch@v3
+        uses: peter-evans/repository-dispatch@ff45666b9427631e3450c54a1bcbee4d9ff4d7c0 # v3.0.0
        with:
          token: ${{ secrets.PROWLER_BOT_ACCESS_TOKEN }}
          repository: ${{ secrets.CLOUD_DISPATCH }}
@@ -44,16 +44,16 @@ jobs:

    steps:
      - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

      # Initializes the CodeQL tools for scanning.
      - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3
+        uses: github/codeql-action/init@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16
        with:
          languages: ${{ matrix.language }}
          config-file: ./.github/codeql/ui-codeql-config.yml

      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v3
+        uses: github/codeql-action/analyze@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16
        with:
          category: "/language:${{matrix.language}}"
@@ -27,11 +27,11 @@ jobs:
        node-version: [20.x]
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          persist-credentials: false
      - name: Setup Node.js ${{ matrix.node-version }}
-        uses: actions/setup-node@v4
+        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
        with:
          node-version: ${{ matrix.node-version }}
      - name: Install dependencies
@@ -46,11 +46,11 @@ jobs:
  test-container-build:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
+        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
      - name: Build Container
-        uses: docker/build-push-action@v6
+        uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6.16.0
        with:
          context: ${{ env.UI_WORKING_DIR }}
          # Always build using `prod` target
@@ -50,6 +50,7 @@ junit-reports/
 # .env
 ui/.env*
 api/.env*
+.env.local

 # Coverage
 .coverage*
@@ -59,7 +59,7 @@ repos:
        args: ["--ignore=E266,W503,E203,E501,W605"]

  - repo: https://github.com/python-poetry/poetry
-    rev: 1.8.0
+    rev: 2.1.1
    hooks:
      - id: poetry-check
        name: API - poetry-check
@@ -68,7 +68,7 @@ repos:

      - id: poetry-lock
        name: API - poetry-lock
-        args: ["--no-update", "--directory=./api"]
+        args: ["--directory=./api"]
        pass_filenames: false

      - id: poetry-check
@@ -78,7 +78,7 @@ repos:

      - id: poetry-lock
        name: SDK - poetry-lock
-        args: ["--no-update", "--directory=./"]
+        args: ["--directory=./"]
        pass_filenames: false


@@ -115,7 +115,7 @@ repos:
      - id: safety
        name: safety
        description: "Safety is a tool that checks your installed dependencies for known security vulnerabilities"
-        entry: bash -c 'safety check --ignore 70612,66963'
+        entry: bash -c 'safety check --ignore 70612,66963,74429'
        language: system

      - id: vulture
@@ -1,38 +1,64 @@
-FROM python:3.12.9-alpine3.20
+FROM python:3.12.10-slim-bookworm AS build

 LABEL maintainer="https://github.com/prowler-cloud/prowler"
+LABEL org.opencontainers.image.source="https://github.com/prowler-cloud/prowler"

-# Update system dependencies and install essential tools
-#hadolint ignore=DL3018
-RUN apk --no-cache upgrade && apk --no-cache add curl git
+ARG POWERSHELL_VERSION=7.5.0
+
+# hadolint ignore=DL3008
+RUN apt-get update && apt-get install -y --no-install-recommends wget libicu72 \
+    && rm -rf /var/lib/apt/lists/*
+
+# Install PowerShell
+RUN ARCH=$(uname -m) && \
+    if [ "$ARCH" = "x86_64" ]; then \
+        wget --progress=dot:giga https://github.com/PowerShell/PowerShell/releases/download/v${POWERSHELL_VERSION}/powershell-${POWERSHELL_VERSION}-linux-x64.tar.gz -O /tmp/powershell.tar.gz ; \
+    elif [ "$ARCH" = "aarch64" ]; then \
+        wget --progress=dot:giga https://github.com/PowerShell/PowerShell/releases/download/v${POWERSHELL_VERSION}/powershell-${POWERSHELL_VERSION}-linux-arm64.tar.gz -O /tmp/powershell.tar.gz ; \
+    else \
+        echo "Unsupported architecture: $ARCH" && exit 1 ; \
+    fi && \
+    mkdir -p /opt/microsoft/powershell/7 && \
+    tar zxf /tmp/powershell.tar.gz -C /opt/microsoft/powershell/7 && \
+    chmod +x /opt/microsoft/powershell/7/pwsh && \
+    ln -s /opt/microsoft/powershell/7/pwsh /usr/bin/pwsh && \
+    rm /tmp/powershell.tar.gz
+
+# Add prowler user
+RUN addgroup --gid 1000 prowler && \
+    adduser --uid 1000 --gid 1000 --disabled-password --gecos "" prowler

-# Create non-root user
-RUN mkdir -p /home/prowler && \
-    echo 'prowler:x:1000:1000:prowler:/home/prowler:' > /etc/passwd && \
-    echo 'prowler:x:1000:' > /etc/group && \
-    chown -R prowler:prowler /home/prowler
 USER prowler

-# Copy necessary files
 WORKDIR /home/prowler
+
+# Copy necessary files
 COPY prowler/  /home/prowler/prowler/
 COPY dashboard/ /home/prowler/dashboard/
 COPY pyproject.toml /home/prowler
-COPY README.md /home/prowler
+COPY README.md /home/prowler/
+COPY prowler/providers/m365/lib/powershell/m365_powershell.py /home/prowler/prowler/providers/m365/lib/powershell/m365_powershell.py

 # Install Python dependencies
 ENV HOME='/home/prowler'
-ENV PATH="$HOME/.local/bin:$PATH"
-RUN pip install --no-cache-dir --upgrade pip setuptools wheel && \
-    pip install --no-cache-dir .
+ENV PATH="${HOME}/.local/bin:${PATH}"
+#hadolint ignore=DL3013
+RUN pip install --no-cache-dir --upgrade pip && \
+    pip install --no-cache-dir poetry
+
+# By default poetry does not compile Python source files to bytecode during installation.
+# This speeds up the installation process, but the first execution may take a little more
+# time because Python then compiles source files to bytecode automatically. If you want to
+# compile source files to bytecode during installation, you can use the --compile option
+RUN poetry install --compile && \
+    rm -rf ~/.cache/pip
+
+# Install PowerShell modules
+RUN poetry run python prowler/providers/m365/lib/powershell/m365_powershell.py

 # Remove deprecated dash dependencies
 RUN pip uninstall dash-html-components -y && \
    pip uninstall dash-core-components -y

-# Remove Prowler directory and build files
-USER 0
-RUN rm -rf /home/prowler/prowler /home/prowler/pyproject.toml /home/prowler/README.md /home/prowler/build /home/prowler/prowler.egg-info
-
 USER prowler
-ENTRYPOINT ["prowler"]
+ENTRYPOINT ["poetry", "run", "prowler"]
@@ -72,10 +72,11 @@ It contains hundreds of controls covering CIS, NIST 800, NIST CSF, CISA, RBI, Fe
 | Provider | Checks | Services | [Compliance Frameworks](https://docs.prowler.com/projects/prowler-open-source/en/latest/tutorials/compliance/) | [Categories](https://docs.prowler.com/projects/prowler-open-source/en/latest/tutorials/misc/#categories) |
 |---|---|---|---|---|
 | AWS | 564 | 82 | 33 | 10 |
-| GCP | 77 | 13 | 5 | 3 |
-| Azure | 140 | 18 | 6 | 3 |
-| Kubernetes | 83 | 7 | 2 | 7 |
-| Microsoft365 | 5 | 2 | 1 | 0 |
+| GCP | 79 | 13 | 7 | 3 |
+| Azure | 140 | 18 | 8 | 3 |
+| Kubernetes | 83 | 7 | 4 | 7 |
+| M365 | 44 | 2 | 1 | 0 |
+| NHN (Unofficial) | 6 | 2 | 1 | 0 |

 > You can list the checks, services, compliance frameworks and categories with `prowler <provider> --list-checks`, `prowler <provider> --list-services`, `prowler <provider> --list-compliance` and `prowler <provider> --list-categories`.

@@ -109,7 +110,7 @@ docker compose up -d
 **Requirements**

 * `git` installed.
-* `poetry` installed: [poetry installation](https://python-poetry.org/docs/#installation).
+* `poetry` v2 installed: [poetry installation](https://python-poetry.org/docs/#installation).
 * `npm` installed: [npm installation](https://docs.npmjs.com/downloading-and-installing-node-js-and-npm).
 * `Docker Compose` installed: https://docs.docker.com/compose/install/.

@@ -212,7 +213,7 @@ git clone https://github.com/prowler-cloud/prowler
 cd prowler
 eval $(poetry env activate)
 poetry install
-python prowler.py -v
+python prowler-cli.py -v
 ```
 > [!IMPORTANT]
 > Starting from Poetry v2.0.0, `poetry shell` has been deprecated in favor of `poetry env activate`.
@@ -80,7 +80,7 @@ repos:
      - id: safety
        name: safety
        description: "Safety is a tool that checks your installed dependencies for known security vulnerabilities"
-        entry: bash -c 'poetry run safety check --ignore 70612,66963'
+        entry: bash -c 'poetry run safety check --ignore 70612,66963,74429'
        language: system

      - id: vulture
@@ -2,6 +2,25 @@

 All notable changes to the **Prowler API** are documented in this file.

+
+## [v1.7.0] (UNRELEASED)
+
+### Added
+
+- Added M365 as a new provider [(#7563)](https://github.com/prowler-cloud/prowler/pull/7563).
+
+---
+
+## [v1.6.0] (Prowler v5.5.0)
+
+### Added
+
+- Support for developing new integrations [(#7167)](https://github.com/prowler-cloud/prowler/pull/7167).
+- HTTP Security Headers [(#7289)](https://github.com/prowler-cloud/prowler/pull/7289).
+- New endpoint to get the compliance overviews metadata [(#7333)](https://github.com/prowler-cloud/prowler/pull/7333).
+- Support for muted findings [(#7378)](https://github.com/prowler-cloud/prowler/pull/7378).
+- Added missing fields to API findings and resources [(#7318)](https://github.com/prowler-cloud/prowler/pull/7318).
+
 ---

 ## [v1.5.4] (Prowler v5.4.4)
@@ -54,6 +73,6 @@ All notable changes to the **Prowler API** are documented in this file.
 - Daily scheduled scan instances are now created beforehand with `SCHEDULED` state [(#6700)](https://github.com/prowler-cloud/prowler/pull/6700).
 - Findings endpoints now require at least one date filter [(#6800)](https://github.com/prowler-cloud/prowler/pull/6800).
 - Findings metadata endpoint received a performance improvement [(#6863)](https://github.com/prowler-cloud/prowler/pull/6863).
- Increase the allowed length of the provider UID for Kubernetes providers [(#6869)](https://github.com/prowler-cloud/prowler/pull/6869).
+- Increased the allowed length of the provider UID for Kubernetes providers [(#6869)](https://github.com/prowler-cloud/prowler/pull/6869).

 ---
@@ -1,13 +1,33 @@
-FROM python:3.12.8-alpine3.20 AS build
+FROM python:3.12.10-slim-bookworm AS build

 LABEL maintainer="https://github.com/prowler-cloud/api"

-# hadolint ignore=DL3018
-RUN apk --no-cache add gcc python3-dev musl-dev linux-headers curl-dev
+ARG POWERSHELL_VERSION=7.5.0
+ENV POWERSHELL_VERSION=${POWERSHELL_VERSION}
+
+# hadolint ignore=DL3008
+RUN apt-get update && apt-get install -y --no-install-recommends wget libicu72 \
+    && rm -rf /var/lib/apt/lists/*
+
+# Install PowerShell
+RUN ARCH=$(uname -m) && \
+    if [ "$ARCH" = "x86_64" ]; then \
+        wget --progress=dot:giga https://github.com/PowerShell/PowerShell/releases/download/v${POWERSHELL_VERSION}/powershell-${POWERSHELL_VERSION}-linux-x64.tar.gz -O /tmp/powershell.tar.gz ; \
+    elif [ "$ARCH" = "aarch64" ]; then \
+        wget --progress=dot:giga https://github.com/PowerShell/PowerShell/releases/download/v${POWERSHELL_VERSION}/powershell-${POWERSHELL_VERSION}-linux-arm64.tar.gz -O /tmp/powershell.tar.gz ; \
+    else \
+        echo "Unsupported architecture: $ARCH" && exit 1 ; \
+    fi && \
+    mkdir -p /opt/microsoft/powershell/7 && \
+    tar zxf /tmp/powershell.tar.gz -C /opt/microsoft/powershell/7 && \
+    chmod +x /opt/microsoft/powershell/7/pwsh && \
+    ln -s /opt/microsoft/powershell/7/pwsh /usr/bin/pwsh && \
+    rm /tmp/powershell.tar.gz
+
+# Add prowler user
+RUN addgroup --gid 1000 prowler && \
+    adduser --uid 1000 --gid 1000 --disabled-password --gecos "" prowler

-RUN apk --no-cache upgrade && \
-    addgroup -g 1000 prowler && \
-    adduser -D -u 1000 -G prowler prowler
 USER prowler

 WORKDIR /home/prowler
@@ -17,27 +37,23 @@ COPY pyproject.toml ./
 RUN pip install --no-cache-dir --upgrade pip && \
    pip install --no-cache-dir poetry

-COPY src/backend/  ./backend/
+COPY src/backend/ ./backend/

 ENV PATH="/home/prowler/.local/bin:$PATH"

-RUN poetry install && \
+# Add `--no-root` to avoid installing the current project as a package
+RUN poetry install --no-root && \
    rm -rf ~/.cache/pip

 COPY docker-entrypoint.sh ./docker-entrypoint.sh

+RUN poetry run python "$(poetry env info --path)/src/prowler/prowler/providers/m365/lib/powershell/m365_powershell.py"
+
 WORKDIR /home/prowler/backend

 # Development image
-# hadolint ignore=DL3006
 FROM build AS dev

-USER 0
-# hadolint ignore=DL3018
-RUN apk --no-cache add curl vim
-
-USER prowler
-
 ENTRYPOINT ["../docker-entrypoint.sh", "dev"]

 # Production image
@@ -235,6 +235,7 @@ To view the logs for any component (e.g., Django, Celery worker), you can use th

 ```console
 docker logs -f $(docker ps --format "{{.Names}}" | grep 'api-')
+```

 ## Applying migrations

@@ -2,39 +2,43 @@
 build-backend = "poetry.core.masonry.api"
 requires = ["poetry-core"]

-[tool.poetry]
-authors = ["Prowler Team"]
+[project]
+authors = [{name = "Prowler Engineering", email = "engineering@prowler.com"}]
+dependencies = [
+  "celery[pytest] (>=5.4.0,<6.0.0)",
+  "dj-rest-auth[with_social,jwt] (==7.0.1)",
+  "django==5.1.7",
+  "django-allauth==65.4.1",
+  "django-celery-beat (>=2.7.0,<3.0.0)",
+  "django-celery-results (>=2.5.1,<3.0.0)",
+  "django-cors-headers==4.4.0",
+  "django-environ==0.11.2",
+  "django-filter==24.3",
+  "django-guid==3.5.0",
+  "django-postgres-extra (>=2.0.8,<3.0.0)",
+  "djangorestframework==3.15.2",
+  "djangorestframework-jsonapi==7.0.2",
+  "djangorestframework-simplejwt (>=5.3.1,<6.0.0)",
+  "drf-nested-routers (>=0.94.1,<1.0.0)",
+  "drf-spectacular==0.27.2",
+  "drf-spectacular-jsonapi==0.5.1",
+  "gunicorn==23.0.0",
+  "prowler @ git+https://github.com/prowler-cloud/prowler.git@master",
+  "psycopg2-binary==2.9.9",
+  "pytest-celery[redis] (>=1.0.1,<2.0.0)",
+  "sentry-sdk[django] (>=2.20.0,<3.0.0)",
+  "uuid6==2024.7.10"
+]
 description = "Prowler's API (Django/DRF)"
 license = "Apache-2.0"
 name = "prowler-api"
 package-mode = false
-version = "1.5.4"
+# Needed for the SDK compatibility
+requires-python = ">=3.11,<3.13"
+version = "1.7.0"

-[tool.poetry.dependencies]
-celery = {extras = ["pytest"], version = "^5.4.0"}
-dj-rest-auth = {extras = ["with_social", "jwt"], version = "7.0.1"}
-django = "5.1.5"
-django-celery-beat = "^2.7.0"
-django-celery-results = "^2.5.1"
-django-cors-headers = "4.4.0"
-django-environ = "0.11.2"
-django-filter = "24.3"
-django-guid = "3.5.0"
-django-postgres-extra = "^2.0.8"
-djangorestframework = "3.15.2"
-djangorestframework-jsonapi = "7.0.2"
-djangorestframework-simplejwt = "^5.3.1"
-drf-nested-routers = "^0.94.1"
-drf-spectacular = "0.27.2"
-drf-spectacular-jsonapi = "0.5.1"
-gunicorn = "23.0.0"
-prowler = {git = "https://github.com/prowler-cloud/prowler.git", branch = "v5.4"}
-psycopg2-binary = "2.9.9"
-pytest-celery = {extras = ["redis"], version = "^1.0.1"}
-# Needed for prowler compatibility
-python = ">=3.11,<3.13"
-sentry-sdk = {extras = ["django"], version = "^2.20.0"}
-uuid6 = "2024.7.10"
+[project.scripts]
+celery = "src.backend.config.settings.celery"

 [tool.poetry.group.dev.dependencies]
 bandit = "1.7.9"
@@ -42,6 +46,7 @@ coverage = "7.5.4"
 django-silk = "5.3.2"
 docker = "7.1.0"
 freezegun = "1.5.1"
+marshmallow = ">=3.15.0,<4.0.0"
 mypy = "1.10.1"
 pylint = "3.2.5"
 pytest = "8.2.2"
@@ -54,6 +59,3 @@ ruff = "0.5.0"
 safety = "3.2.9"
 tqdm = "4.67.1"
 vulture = "2.14"
-
-[tool.poetry.scripts]
-celery = "src.backend.config.settings.celery"
@@ -30,6 +30,10 @@ class ProwlerSocialAccountAdapter(DefaultSocialAccountAdapter):
        with transaction.atomic(using=MainRouter.admin_db):
            user = super().save_user(request, sociallogin, form)
            user.save(using=MainRouter.admin_db)
+            social_account_name = sociallogin.account.extra_data.get("name")
+            if social_account_name:
+                user.name = social_account_name
+                user.save(using=MainRouter.admin_db)

            tenant = Tenant.objects.using(MainRouter.admin_db).create(
                name=f"{user.email.split('@')[0]} default tenant"
@@ -333,3 +333,15 @@ class InvitationStateEnum(EnumType):
 class InvitationStateEnumField(PostgresEnumField):
    def __init__(self, *args, **kwargs):
        super().__init__("invitation_state", *args, **kwargs)
+
+
+# Postgres enum definition for Integration type
+
+
+class IntegrationTypeEnum(EnumType):
+    enum_type_name = "integration_type"
+
+
+class IntegrationTypeEnumField(PostgresEnumField):
+    def __init__(self, *args, **kwargs):
+        super().__init__("integration_type", *args, **kwargs)
@@ -24,6 +24,7 @@ from api.db_utils import (
 from api.models import (
    ComplianceOverview,
    Finding,
+    Integration,
    Invitation,
    Membership,
    PermissionChoices,
@@ -286,6 +287,9 @@ class FindingFilter(FilterSet):
    status = ChoiceFilter(choices=StatusChoices.choices)
    severity = ChoiceFilter(choices=SeverityChoices)
    impact = ChoiceFilter(choices=SeverityChoices)
+    muted = BooleanFilter(
+        help_text="If this filter is not provided, muted and non-muted findings will be returned."
+    )

    resources = UUIDInFilter(field_name="resource__id", lookup_expr="in")

@@ -613,12 +617,6 @@ class ScanSummaryFilter(FilterSet):
        field_name="scan__provider__provider", choices=Provider.ProviderChoices.choices
    )
    region = CharFilter(field_name="region")
-    muted_findings = BooleanFilter(method="filter_muted_findings")
-
-    def filter_muted_findings(self, queryset, name, value):
-        if not value:
-            return queryset.exclude(muted__gt=0)
-        return queryset

    class Meta:
        model = ScanSummary
@@ -629,8 +627,6 @@ class ScanSummaryFilter(FilterSet):


 class ServiceOverviewFilter(ScanSummaryFilter):
-    muted_findings = None
-
    def is_valid(self):
        # Check if at least one of the inserted_at filters is present
        inserted_at_filters = [
@@ -648,3 +644,19 @@ class ServiceOverviewFilter(ScanSummaryFilter):
                }
            )
        return super().is_valid()
+
+
+class IntegrationFilter(FilterSet):
+    inserted_at = DateFilter(field_name="inserted_at", lookup_expr="date")
+    integration_type = ChoiceFilter(choices=Integration.IntegrationChoices.choices)
+    integration_type__in = ChoiceInFilter(
+        choices=Integration.IntegrationChoices.choices,
+        field_name="integration_type",
+        lookup_expr="in",
+    )
+
+    class Meta:
+        model = Integration
+        fields = {
+            "inserted_at": ["date", "gte", "lte"],
+        }
@@ -0,0 +1,35 @@
+# Generated by Django 5.1.5 on 2025-03-03 15:46
+
+from functools import partial
+
+from django.db import migrations
+
+from api.db_utils import IntegrationTypeEnum, PostgresEnumMigration, register_enum
+from api.models import Integration
+
+IntegrationTypeEnumMigration = PostgresEnumMigration(
+    enum_name="integration_type",
+    enum_values=tuple(
+        integration_type[0]
+        for integration_type in Integration.IntegrationChoices.choices
+    ),
+)
+
+
+class Migration(migrations.Migration):
+    atomic = False
+
+    dependencies = [
+        ("api", "0012_scan_report_output"),
+    ]
+
+    operations = [
+        migrations.RunPython(
+            IntegrationTypeEnumMigration.create_enum_type,
+            reverse_code=IntegrationTypeEnumMigration.drop_enum_type,
+        ),
+        migrations.RunPython(
+            partial(register_enum, enum_class=IntegrationTypeEnum),
+            reverse_code=migrations.RunPython.noop,
+        ),
+    ]
@@ -0,0 +1,131 @@
+# Generated by Django 5.1.5 on 2025-03-03 15:46
+
+import uuid
+
+import django.db.models.deletion
+from django.db import migrations, models
+
+import api.db_utils
+import api.rls
+from api.rls import RowLevelSecurityConstraint
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("api", "0013_integrations_enum"),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name="Integration",
+            fields=[
+                (
+                    "id",
+                    models.UUIDField(
+                        default=uuid.uuid4,
+                        editable=False,
+                        primary_key=True,
+                        serialize=False,
+                    ),
+                ),
+                ("inserted_at", models.DateTimeField(auto_now_add=True)),
+                ("updated_at", models.DateTimeField(auto_now=True)),
+                ("enabled", models.BooleanField(default=False)),
+                ("connected", models.BooleanField(blank=True, null=True)),
+                (
+                    "connection_last_checked_at",
+                    models.DateTimeField(blank=True, null=True),
+                ),
+                (
+                    "integration_type",
+                    api.db_utils.IntegrationTypeEnumField(
+                        choices=[
+                            ("amazon_s3", "Amazon S3"),
+                            ("saml", "SAML"),
+                            ("aws_security_hub", "AWS Security Hub"),
+                            ("jira", "JIRA"),
+                            ("slack", "Slack"),
+                        ]
+                    ),
+                ),
+                ("configuration", models.JSONField(default=dict)),
+                ("_credentials", models.BinaryField(db_column="credentials")),
+                (
+                    "tenant",
+                    models.ForeignKey(
+                        on_delete=django.db.models.deletion.CASCADE, to="api.tenant"
+                    ),
+                ),
+            ],
+            options={"db_table": "integrations", "abstract": False},
+        ),
+        migrations.AddConstraint(
+            model_name="integration",
+            constraint=RowLevelSecurityConstraint(
+                "tenant_id",
+                name="rls_on_integration",
+                statements=["SELECT", "INSERT", "UPDATE", "DELETE"],
+            ),
+        ),
+        migrations.CreateModel(
+            name="IntegrationProviderRelationship",
+            fields=[
+                (
+                    "id",
+                    models.UUIDField(
+                        default=uuid.uuid4,
+                        editable=False,
+                        primary_key=True,
+                        serialize=False,
+                    ),
+                ),
+                ("inserted_at", models.DateTimeField(auto_now_add=True)),
+                (
+                    "integration",
+                    models.ForeignKey(
+                        on_delete=django.db.models.deletion.CASCADE,
+                        to="api.integration",
+                    ),
+                ),
+                (
+                    "provider",
+                    models.ForeignKey(
+                        on_delete=django.db.models.deletion.CASCADE, to="api.provider"
+                    ),
+                ),
+                (
+                    "tenant",
+                    models.ForeignKey(
+                        on_delete=django.db.models.deletion.CASCADE, to="api.tenant"
+                    ),
+                ),
+            ],
+            options={
+                "db_table": "integration_provider_mappings",
+                "constraints": [
+                    models.UniqueConstraint(
+                        fields=("integration_id", "provider_id"),
+                        name="unique_integration_provider_rel",
+                    ),
+                ],
+            },
+        ),
+        migrations.AddConstraint(
+            model_name="IntegrationProviderRelationship",
+            constraint=RowLevelSecurityConstraint(
+                "tenant_id",
+                name="rls_on_integrationproviderrelationship",
+                statements=["SELECT", "INSERT", "UPDATE", "DELETE"],
+            ),
+        ),
+        migrations.AddField(
+            model_name="integration",
+            name="providers",
+            field=models.ManyToManyField(
+                blank=True,
+                related_name="integrations",
+                through="api.IntegrationProviderRelationship",
+                to="api.provider",
+            ),
+        ),
+    ]
@@ -0,0 +1,26 @@
+# Generated by Django 5.1.5 on 2025-03-25 11:29
+
+from django.db import migrations, models
+
+import api.db_utils
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("api", "0014_integrations"),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name="finding",
+            name="muted",
+            field=models.BooleanField(default=False),
+        ),
+        migrations.AlterField(
+            model_name="finding",
+            name="status",
+            field=api.db_utils.StatusEnumField(
+                choices=[("FAIL", "Fail"), ("PASS", "Pass"), ("MANUAL", "Manual")]
+            ),
+        ),
+    ]
@@ -0,0 +1,32 @@
+# Generated by Django 5.1.5 on 2025-03-31 10:46
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("api", "0015_finding_muted"),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name="finding",
+            name="compliance",
+            field=models.JSONField(blank=True, default=dict, null=True),
+        ),
+        migrations.AddField(
+            model_name="resource",
+            name="details",
+            field=models.TextField(blank=True, null=True),
+        ),
+        migrations.AddField(
+            model_name="resource",
+            name="metadata",
+            field=models.TextField(blank=True, null=True),
+        ),
+        migrations.AddField(
+            model_name="resource",
+            name="partition",
+            field=models.TextField(blank=True, null=True),
+        ),
+    ]
@@ -0,0 +1,32 @@
+# Generated by Django 5.1.7 on 2025-04-16 08:47
+
+from django.db import migrations
+
+import api.db_utils
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("api", "0016_finding_compliance_resource_details_and_more"),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name="provider",
+            name="provider",
+            field=api.db_utils.ProviderEnumField(
+                choices=[
+                    ("aws", "AWS"),
+                    ("azure", "Azure"),
+                    ("gcp", "GCP"),
+                    ("kubernetes", "Kubernetes"),
+                    ("m365", "M365"),
+                ],
+                default="aws",
+            ),
+        ),
+        migrations.RunSQL(
+            "ALTER TYPE provider ADD VALUE IF NOT EXISTS 'm365';",
+            reverse_sql=migrations.RunSQL.noop,
+        ),
+    ]
@@ -21,6 +21,7 @@ from uuid6 import uuid7
 from api.db_utils import (
    CustomUserManager,
    FindingDeltaEnumField,
+    IntegrationTypeEnumField,
    InvitationStateEnumField,
    MemberRoleEnumField,
    ProviderEnumField,
@@ -58,7 +59,6 @@ class StatusChoices(models.TextChoices):
    FAIL = "FAIL", _("Fail")
    PASS = "PASS", _("Pass")
    MANUAL = "MANUAL", _("Manual")
-    MUTED = "MUTED", _("Muted")


 class StateChoices(models.TextChoices):
@@ -191,6 +191,7 @@ class Provider(RowLevelSecurityProtectedModel):
        AZURE = "azure", _("Azure")
        GCP = "gcp", _("GCP")
        KUBERNETES = "kubernetes", _("Kubernetes")
+        M365 = "m365", _("M365")

    @staticmethod
    def validate_aws_uid(value):
@@ -214,6 +215,15 @@ class Provider(RowLevelSecurityProtectedModel):
                pointer="/data/attributes/uid",
            )

+    @staticmethod
+    def validate_m365_uid(value):
+        if not re.match(r"^[a-zA-Z0-9-]+\.onmicrosoft\.com$", value):
+            raise ModelValidationError(
+                detail="M365 tenant ID must be a valid domain.",
+                code="m365-uid",
+                pointer="/data/attributes/uid",
+            )
+
    @staticmethod
    def validate_gcp_uid(value):
        if not re.match(r"^[a-z][a-z0-9-]{5,29}$", value):
@@ -518,6 +528,11 @@ class Resource(RowLevelSecurityProtectedModel):
        editable=False,
    )

+    metadata = models.TextField(blank=True, null=True)
+    details = models.TextField(blank=True, null=True)
+    partition = models.TextField(blank=True, null=True)
+
+    # Relationships
    tags = models.ManyToManyField(
        ResourceTag,
        verbose_name="Tags associated with the resource, by provider",
@@ -655,6 +670,8 @@ class Finding(PostgresPartitionedModel, RowLevelSecurityProtectedModel):
    tags = models.JSONField(default=dict, null=True, blank=True)
    check_id = models.CharField(max_length=100, blank=False, null=False)
    check_metadata = models.JSONField(default=dict, null=False)
+    muted = models.BooleanField(default=False, null=False)
+    compliance = models.JSONField(default=dict, null=True, blank=True)

    # Relationships
    scan = models.ForeignKey(to=Scan, related_name="findings", on_delete=models.CASCADE)
@@ -1138,3 +1155,80 @@ class ScanSummary(RowLevelSecurityProtectedModel):

    class JSONAPIMeta:
        resource_name = "scan-summaries"
+
+
+class Integration(RowLevelSecurityProtectedModel):
+    class IntegrationChoices(models.TextChoices):
+        S3 = "amazon_s3", _("Amazon S3")
+        SAML = "saml", _("SAML")
+        AWS_SECURITY_HUB = "aws_security_hub", _("AWS Security Hub")
+        JIRA = "jira", _("JIRA")
+        SLACK = "slack", _("Slack")
+
+    id = models.UUIDField(primary_key=True, default=uuid4, editable=False)
+    inserted_at = models.DateTimeField(auto_now_add=True, editable=False)
+    updated_at = models.DateTimeField(auto_now=True, editable=False)
+    enabled = models.BooleanField(default=False)
+    connected = models.BooleanField(null=True, blank=True)
+    connection_last_checked_at = models.DateTimeField(null=True, blank=True)
+    integration_type = IntegrationTypeEnumField(choices=IntegrationChoices.choices)
+    configuration = models.JSONField(default=dict)
+    _credentials = models.BinaryField(db_column="credentials")
+
+    providers = models.ManyToManyField(
+        Provider,
+        related_name="integrations",
+        through="IntegrationProviderRelationship",
+        blank=True,
+    )
+
+    class Meta(RowLevelSecurityProtectedModel.Meta):
+        db_table = "integrations"
+
+        constraints = [
+            RowLevelSecurityConstraint(
+                field="tenant_id",
+                name="rls_on_%(class)s",
+                statements=["SELECT", "INSERT", "UPDATE", "DELETE"],
+            ),
+        ]
+
+    class JSONAPIMeta:
+        resource_name = "integrations"
+
+    @property
+    def credentials(self):
+        if isinstance(self._credentials, memoryview):
+            encrypted_bytes = self._credentials.tobytes()
+        elif isinstance(self._credentials, str):
+            encrypted_bytes = self._credentials.encode()
+        else:
+            encrypted_bytes = self._credentials
+        decrypted_data = fernet.decrypt(encrypted_bytes)
+        return json.loads(decrypted_data.decode())
+
+    @credentials.setter
+    def credentials(self, value):
+        encrypted_data = fernet.encrypt(json.dumps(value).encode())
+        self._credentials = encrypted_data
+
+
+class IntegrationProviderRelationship(RowLevelSecurityProtectedModel):
+    id = models.UUIDField(primary_key=True, default=uuid4, editable=False)
+    integration = models.ForeignKey(Integration, on_delete=models.CASCADE)
+    provider = models.ForeignKey(Provider, on_delete=models.CASCADE)
+    inserted_at = models.DateTimeField(auto_now_add=True)
+
+    class Meta:
+        db_table = "integration_provider_mappings"
+        constraints = [
+            models.UniqueConstraint(
+                fields=["integration_id", "provider_id"],
+                name="unique_integration_provider_rel",
+            ),
+            RowLevelSecurityConstraint(
+                field="tenant_id",
+                name="rls_on_%(class)s",
+                statements=["SELECT", "INSERT", "UPDATE", "DELETE"],
+            ),
+        ]
@@ -2,8 +2,7 @@ from typing import Any
 from uuid import uuid4

 from django.core.exceptions import ValidationError
-from django.db import DEFAULT_DB_ALIAS
-from django.db import models
+from django.db import DEFAULT_DB_ALIAS, models
 from django.db.backends.ddl_references import Statement, Table

 from api.db_utils import DB_USER, POSTGRES_TENANT_VAR
@@ -59,11 +58,11 @@ class RowLevelSecurityConstraint(models.BaseConstraint):
    drop_sql_query = """
        ALTER TABLE %(table_name)s NO FORCE ROW LEVEL SECURITY;
        ALTER TABLE %(table_name)s DISABLE ROW LEVEL SECURITY;
-        REVOKE ALL ON TABLE %(table_name) TO %(db_user)s;
+        REVOKE ALL ON TABLE %(table_name)s FROM %(db_user)s;
    """

    drop_policy_sql_query = """
-        DROP POLICY IF EXISTS %(db_user)s_%(table_name)s_{statement} on %(table_name)s;
+        DROP POLICY IF EXISTS %(db_user)s_%(raw_table_name)s_{statement} ON %(table_name)s;
    """

    def __init__(
@@ -88,9 +87,7 @@ class RowLevelSecurityConstraint(models.BaseConstraint):
                f"{grant_queries}{self.grant_sql_query.format(statement=statement)}"
            )

-        full_create_sql_query = (
-            f"{self.rls_sql_query}" f"{policy_queries}" f"{grant_queries}"
-        )
+        full_create_sql_query = f"{self.rls_sql_query}{policy_queries}{grant_queries}"

        table_name = model._meta.db_table
        if self.partition_name:
@@ -107,16 +104,20 @@ class RowLevelSecurityConstraint(models.BaseConstraint):

    def remove_sql(self, model: Any, schema_editor: Any) -> Any:
        field_column = schema_editor.quote_name(self.target_field)
+        raw_table_name = model._meta.db_table
+        table_name = raw_table_name
+        if self.partition_name:
+            raw_table_name = f"{raw_table_name}_{self.partition_name}"
+            table_name = raw_table_name
+
        full_drop_sql_query = (
            f"{self.drop_sql_query}"
-            f"{''.join([self.drop_policy_sql_query.format(statement) for statement in self.statements])}"
+            f"{''.join([self.drop_policy_sql_query.format(statement=statement) for statement in self.statements])}"
        )
-        table_name = model._meta.db_table
-        if self.partition_name:
-            table_name = f"{table_name}_{self.partition_name}"
        return Statement(
            full_drop_sql_query,
            table_name=Table(table_name, schema_editor.quote_name),
+            raw_table_name=raw_table_name,
            field_column=field_column,
            db_user=DB_USER,
            partition_name=self.partition_name,
@@ -92,3 +92,31 @@ class TestResourceModel:

        assert len(resource.tags.filter(tenant_id=tenant_id)) == 0
        assert resource.get_tags(tenant_id=tenant_id) == {}
+
+
+# @pytest.mark.django_db
+# class TestFindingModel:
+#     def test_add_finding_with_long_uid(
+#         self, providers_fixture, scans_fixture, resources_fixture
+#     ):
+#         provider, *_ = providers_fixture
+#         tenant_id = provider.tenant_id
+
+#         long_uid = "1" * 500
+#         _ = Finding.objects.create(
+#             tenant_id=tenant_id,
+#             uid=long_uid,
+#             delta=Finding.DeltaChoices.NEW,
+#             check_metadata={},
+#             status=StatusChoices.PASS,
+#             status_extended="",
+#             severity="high",
+#             impact="high",
+#             raw_result={},
+#             check_id="test_check",
+#             scan=scans_fixture[0],
+#             first_seen_at=None,
+#             muted=False,
+#             compliance={},
+#         )
+#         assert Finding.objects.filter(uid=long_uid).exists()
@@ -1,7 +1,19 @@
+from unittest.mock import ANY, Mock, patch
+
 import pytest
 from django.urls import reverse
 from rest_framework import status
-from unittest.mock import patch, ANY, Mock
+
+from api.models import (
+    Membership,
+    ProviderGroup,
+    ProviderGroupMembership,
+    Role,
+    RoleProviderGroupRelationship,
+    User,
+    UserRoleRelationship,
+)
+from api.v1.serializers import TokenSerializer


@pytest.mark.django_db
@@ -304,3 +316,96 @@ class TestProviderViewSet:
            reverse("provider-connection", kwargs={"pk": provider.id})
        )
        assert response.status_code == status.HTTP_403_FORBIDDEN
+
+
+@pytest.mark.django_db
+class TestLimitedVisibility:
+    TEST_EMAIL = "rbac@rbac.com"
+    TEST_PASSWORD = "thisisapassword123"
+
+    @pytest.fixture
+    def limited_admin_user(
+        self, django_db_setup, django_db_blocker, tenants_fixture, providers_fixture
+    ):
+        with django_db_blocker.unblock():
+            tenant = tenants_fixture[0]
+            provider = providers_fixture[0]
+            user = User.objects.create_user(
+                name="testing",
+                email=self.TEST_EMAIL,
+                password=self.TEST_PASSWORD,
+            )
+            Membership.objects.create(
+                user=user,
+                tenant=tenant,
+                role=Membership.RoleChoices.OWNER,
+            )
+
+            role = Role.objects.create(
+                name="limited_visibility",
+                tenant=tenant,
+                manage_users=True,
+                manage_account=True,
+                manage_billing=True,
+                manage_providers=True,
+                manage_integrations=True,
+                manage_scans=True,
+                unlimited_visibility=False,
+            )
+            UserRoleRelationship.objects.create(
+                user=user,
+                role=role,
+                tenant=tenant,
+            )
+
+            provider_group = ProviderGroup.objects.create(
+                name="limited_visibility_group",
+                tenant=tenant,
+            )
+            ProviderGroupMembership.objects.create(
+                tenant=tenant,
+                provider=provider,
+                provider_group=provider_group,
+            )
+
+            RoleProviderGroupRelationship.objects.create(
+                tenant=tenant, role=role, provider_group=provider_group
+            )
+
+        return user
+
+    @pytest.fixture
+    def authenticated_client_rbac_limited(
+        self, limited_admin_user, tenants_fixture, client
+    ):
+        client.user = limited_admin_user
+        tenant_id = tenants_fixture[0].id
+        serializer = TokenSerializer(
+            data={
+                "type": "tokens",
+                "email": self.TEST_EMAIL,
+                "password": self.TEST_PASSWORD,
+                "tenant_id": tenant_id,
+            }
+        )
+        serializer.is_valid(raise_exception=True)
+        access_token = serializer.validated_data["access"]
+        client.defaults["HTTP_AUTHORIZATION"] = f"Bearer {access_token}"
+        return client
+
+    def test_integrations(
+        self, authenticated_client_rbac_limited, integrations_fixture, providers_fixture
+    ):
+        # Integration 2 is related to provider1 and provider 2
+        # This user cannot see provider 2
+        integration = integrations_fixture[1]
+
+        response = authenticated_client_rbac_limited.get(
+            reverse("integration-detail", kwargs={"pk": integration.id})
+        )
+
+        assert response.status_code == status.HTTP_200_OK
+        assert integration.providers.count() == 2
+        assert (
+            response.json()["data"]["relationships"]["providers"]["meta"]["count"] == 1
+        )
@@ -19,6 +19,7 @@ from prowler.providers.aws.aws_provider import AwsProvider
 from prowler.providers.azure.azure_provider import AzureProvider
 from prowler.providers.gcp.gcp_provider import GcpProvider
 from prowler.providers.kubernetes.kubernetes_provider import KubernetesProvider
+from prowler.providers.m365.m365_provider import M365Provider


 class TestMergeDicts:
@@ -104,6 +105,7 @@ class TestReturnProwlerProvider:
            (Provider.ProviderChoices.GCP.value, GcpProvider),
            (Provider.ProviderChoices.AZURE.value, AzureProvider),
            (Provider.ProviderChoices.KUBERNETES.value, KubernetesProvider),
+            (Provider.ProviderChoices.M365.value, M365Provider),
        ],
    )
    def test_return_prowler_provider(self, provider_type, expected_provider):
@@ -176,6 +178,10 @@ class TestGetProwlerProviderKwargs:
                Provider.ProviderChoices.KUBERNETES.value,
                {"context": "provider_uid"},
            ),
+            (
+                Provider.ProviderChoices.M365.value,
+                {},
+            ),
        ],
    )
    def test_get_prowler_provider_kwargs(self, provider_type, expected_extra_kwargs):
@@ -14,6 +14,8 @@ from django.urls import reverse
 from rest_framework import status

 from api.models import (
+    ComplianceOverview,
+    Integration,
    Invitation,
    Membership,
    Provider,
@@ -39,6 +41,14 @@ def today_after_n_days(n_days: int) -> str:
    )


+class TestViewSet:
+    def test_security_headers(self, client):
+        response = client.get("/")
+        assert response.headers["X-Content-Type-Options"] == "nosniff"
+        assert response.headers["X-Frame-Options"] == "DENY"
+        assert response.headers["Referrer-Policy"] == "strict-origin-when-cross-origin"
+
+
@pytest.mark.django_db
 class TestUserViewSet:
    def test_users_list(self, authenticated_client, create_test_user):
@@ -2200,9 +2210,12 @@ class TestScanViewSet:
        dummy_task.id = "dummy-task-id"
        dummy_task_data = {"id": dummy_task.id, "state": StateChoices.EXECUTING}

-        with patch("api.v1.views.Task.objects.get", return_value=dummy_task), patch(
-            "api.v1.views.TaskSerializer",
-            return_value=type("DummySerializer", (), {"data": dummy_task_data}),
+        with (
+            patch("api.v1.views.Task.objects.get", return_value=dummy_task),
+            patch(
+                "api.v1.views.TaskSerializer",
+                return_value=type("DummySerializer", (), {"data": dummy_task_data}),
+            ),
        ):
            url = reverse("scan-report", kwargs={"pk": scan.id})
            response = authenticated_client.get(url)
@@ -2680,6 +2693,8 @@ class TestFindingViewSet:
                # ("resource_tags", "key:value", 2),
                # ("resource_tags", "not:exists", 0),
                # ("resource_tags", "not:exists,key:value", 2),
+                ("muted", True, 1),
+                ("muted", False, 1),
            ]
        ),
    )
@@ -4496,6 +4511,33 @@ class TestComplianceOverviewViewSet:
        assert len(response.json()["data"]) == 1
        assert response.json()["data"][0]["id"] == str(compliance_overview1.id)

+    def test_compliance_overview_metadata(
+        self, authenticated_client, compliance_overviews_fixture
+    ):
+        response = authenticated_client.get(
+            reverse("complianceoverview-metadata"),
+            {"filter[scan_id]": str(compliance_overviews_fixture[0].scan_id)},
+        )
+        data = response.json()
+
+        expected_regions = set(
+            ComplianceOverview.objects.all()
+            .values_list("region", flat=True)
+            .distinct("region")
+        )
+
+        assert response.status_code == status.HTTP_200_OK
+        assert data["data"]["type"] == "compliance-overviews-metadata"
+        assert data["data"]["id"] is None
+        assert set(data["data"]["attributes"]["regions"]) == expected_regions
+
+    def test_compliance_overview_metadata_missing_scan_id(self, authenticated_client):
+        # Attempt to list compliance overviews without providing filter[scan_id]
+        response = authenticated_client.get(reverse("complianceoverview-metadata"))
+        assert response.status_code == status.HTTP_400_BAD_REQUEST
+        assert response.json()["errors"][0]["source"]["pointer"] == "filter[scan_id]"
+        assert response.json()["errors"][0]["code"] == "required"
+

@pytest.mark.django_db
 class TestOverviewViewSet:
@@ -4587,3 +4629,415 @@ class TestScheduleViewSet:
            reverse("schedule-daily"), data=json_payload, format="json"
        )
        assert response.status_code == status.HTTP_404_NOT_FOUND
+
+
+@pytest.mark.django_db
+class TestIntegrationViewSet:
+    def test_integrations_list(self, authenticated_client, integrations_fixture):
+        response = authenticated_client.get(reverse("integration-list"))
+        assert response.status_code == status.HTTP_200_OK
+        assert len(response.json()["data"]) == len(integrations_fixture)
+
+    def test_integrations_retrieve(self, authenticated_client, integrations_fixture):
+        integration1, *_ = integrations_fixture
+        response = authenticated_client.get(
+            reverse("integration-detail", kwargs={"pk": integration1.id}),
+        )
+        assert response.status_code == status.HTTP_200_OK
+        assert response.json()["data"]["id"] == str(integration1.id)
+        assert (
+            response.json()["data"]["attributes"]["configuration"]
+            == integration1.configuration
+        )
+
+    def test_integrations_invalid_retrieve(self, authenticated_client):
+        response = authenticated_client.get(
+            reverse(
+                "integration-detail",
+                kwargs={"pk": "f498b103-c760-4785-9a3e-e23fafbb7b02"},
+            )
+        )
+        assert response.status_code == status.HTTP_404_NOT_FOUND
+
+    @pytest.mark.parametrize(
+        "include_values, expected_resources",
+        [
+            ("providers", ["providers"]),
+        ],
+    )
+    def test_integrations_list_include(
+        self,
+        include_values,
+        expected_resources,
+        authenticated_client,
+        integrations_fixture,
+    ):
+        response = authenticated_client.get(
+            reverse("integration-list"), {"include": include_values}
+        )
+        assert response.status_code == status.HTTP_200_OK
+        assert len(response.json()["data"]) == len(integrations_fixture)
+        assert "included" in response.json()
+
+        included_data = response.json()["included"]
+        for expected_type in expected_resources:
+            assert any(
+                d.get("type") == expected_type for d in included_data
+            ), f"Expected type '{expected_type}' not found in included data"
+
+    @pytest.mark.parametrize(
+        "integration_type, configuration, credentials",
+        [
+            # Amazon S3 - AWS credentials
+            (
+                Integration.IntegrationChoices.S3,
+                {
+                    "bucket_name": "bucket-name",
+                    "output_directory": "output-directory",
+                },
+                {
+                    "role_arn": "arn:aws",
+                    "external_id": "external-id",
+                },
+            ),
+            # Amazon S3 - No credentials (AWS self-hosted)
+            (
+                Integration.IntegrationChoices.S3,
+                {
+                    "bucket_name": "bucket-name",
+                    "output_directory": "output-directory",
+                },
+                {},
+            ),
+        ],
+    )
+    def test_integrations_create_valid(
+        self,
+        authenticated_client,
+        providers_fixture,
+        integration_type,
+        configuration,
+        credentials,
+    ):
+        provider = Provider.objects.first()
+
+        data = {
+            "data": {
+                "type": "integrations",
+                "attributes": {
+                    "integration_type": integration_type,
+                    "configuration": configuration,
+                    "credentials": credentials,
+                },
+                "relationships": {
+                    "providers": {
+                        "data": [{"type": "providers", "id": str(provider.id)}]
+                    }
+                },
+            }
+        }
+        response = authenticated_client.post(
+            reverse("integration-list"),
+            data=json.dumps(data),
+            content_type="application/vnd.api+json",
+        )
+        assert response.status_code == status.HTTP_201_CREATED
+        assert Integration.objects.count() == 1
+        integration = Integration.objects.first()
+        assert integration.configuration == data["data"]["attributes"]["configuration"]
+        assert (
+            integration.integration_type
+            == data["data"]["attributes"]["integration_type"]
+        )
+        assert "credentials" not in response.json()["data"]["attributes"]
+        assert (
+            str(provider.id)
+            == data["data"]["relationships"]["providers"]["data"][0]["id"]
+        )
+
+    def test_integrations_create_valid_relationships(
+        self,
+        authenticated_client,
+        providers_fixture,
+    ):
+        provider1, provider2, *_ = providers_fixture
+
+        data = {
+            "data": {
+                "type": "integrations",
+                "attributes": {
+                    "integration_type": Integration.IntegrationChoices.S3,
+                    "configuration": {
+                        "bucket_name": "bucket-name",
+                        "output_directory": "output-directory",
+                    },
+                    "credentials": {
+                        "role_arn": "arn:aws",
+                        "external_id": "external-id",
+                    },
+                },
+                "relationships": {
+                    "providers": {
+                        "data": [
+                            {"type": "providers", "id": str(provider1.id)},
+                            {"type": "providers", "id": str(provider2.id)},
+                        ]
+                    }
+                },
+            }
+        }
+        response = authenticated_client.post(
+            reverse("integration-list"),
+            data=json.dumps(data),
+            content_type="application/vnd.api+json",
+        )
+        assert response.status_code == status.HTTP_201_CREATED
+        assert Integration.objects.first().providers.count() == 2
+
+    @pytest.mark.parametrize(
+        "attributes, error_code, error_pointer",
+        (
+            [
+                (
+                    {
+                        "integration_type": "whatever",
+                        "configuration": {
+                            "bucket_name": "bucket-name",
+                            "output_directory": "output-directory",
+                        },
+                        "credentials": {
+                            "role_arn": "arn:aws",
+                            "external_id": "external-id",
+                        },
+                    },
+                    "invalid_choice",
+                    "integration_type",
+                ),
+                (
+                    {
+                        "integration_type": "amazon_s3",
+                        "configuration": {},
+                        "credentials": {
+                            "role_arn": "arn:aws",
+                            "external_id": "external-id",
+                        },
+                    },
+                    "required",
+                    "bucket_name",
+                ),
+                (
+                    {
+                        "integration_type": "amazon_s3",
+                        "configuration": {
+                            "bucket_name": "bucket_name",
+                            "output_directory": "output_directory",
+                            "invalid_key": "invalid_value",
+                        },
+                        "credentials": {
+                            "role_arn": "arn:aws",
+                            "external_id": "external-id",
+                        },
+                    },
+                    "invalid",
+                    None,
+                ),
+                (
+                    {
+                        "integration_type": "amazon_s3",
+                        "configuration": {
+                            "bucket_name": "bucket_name",
+                            "output_directory": "output_directory",
+                        },
+                        "credentials": {"invalid_key": "invalid_key"},
+                    },
+                    "invalid",
+                    None,
+                ),
+            ]
+        ),
+    )
+    def test_integrations_invalid_create(
+        self,
+        authenticated_client,
+        attributes,
+        error_code,
+        error_pointer,
+    ):
+        data = {
+            "data": {
+                "type": "integrations",
+                "attributes": attributes,
+            }
+        }
+        response = authenticated_client.post(
+            reverse("integration-list"),
+            data=json.dumps(data),
+            content_type="application/vnd.api+json",
+        )
+        assert response.status_code == status.HTTP_400_BAD_REQUEST
+        assert response.json()["errors"][0]["code"] == error_code
+        assert (
+            response.json()["errors"][0]["source"]["pointer"]
+            == f"/data/attributes/{error_pointer}"
+            if error_pointer
+            else "/data"
+        )
+
+    def test_integrations_partial_update(
+        self, authenticated_client, integrations_fixture
+    ):
+        integration, *_ = integrations_fixture
+        data = {
+            "data": {
+                "type": "integrations",
+                "id": str(integration.id),
+                "attributes": {
+                    "credentials": {
+                        "aws_access_key_id": "new_value",
+                    },
+                    # integration_type is `amazon_s3`
+                    "configuration": {
+                        "bucket_name": "new_bucket_name",
+                        "output_directory": "new_output_directory",
+                    },
+                },
+            }
+        }
+        response = authenticated_client.patch(
+            reverse("integration-detail", kwargs={"pk": integration.id}),
+            data=json.dumps(data),
+            content_type="application/vnd.api+json",
+        )
+        assert response.status_code == status.HTTP_200_OK
+        integration.refresh_from_db()
+        assert integration.credentials["aws_access_key_id"] == "new_value"
+        assert integration.configuration["bucket_name"] == "new_bucket_name"
+        assert integration.configuration["output_directory"] == "new_output_directory"
+
+    def test_integrations_partial_update_relationships(
+        self, authenticated_client, integrations_fixture
+    ):
+        integration, *_ = integrations_fixture
+        data = {
+            "data": {
+                "type": "integrations",
+                "id": str(integration.id),
+                "attributes": {
+                    "credentials": {
+                        "aws_access_key_id": "new_value",
+                    },
+                    # integration_type is `amazon_s3`
+                    "configuration": {
+                        "bucket_name": "new_bucket_name",
+                        "output_directory": "new_output_directory",
+                    },
+                },
+                "relationships": {"providers": {"data": []}},
+            }
+        }
+
+        assert integration.providers.count() > 0
+        response = authenticated_client.patch(
+            reverse("integration-detail", kwargs={"pk": integration.id}),
+            data=json.dumps(data),
+            content_type="application/vnd.api+json",
+        )
+        assert response.status_code == status.HTTP_200_OK
+        integration.refresh_from_db()
+        assert integration.providers.count() == 0
+
+    def test_integrations_partial_update_invalid_content_type(
+        self, authenticated_client, integrations_fixture
+    ):
+        integration, *_ = integrations_fixture
+        response = authenticated_client.patch(
+            reverse("integration-detail", kwargs={"pk": integration.id}),
+            data={},
+        )
+        assert response.status_code == status.HTTP_415_UNSUPPORTED_MEDIA_TYPE
+
+    def test_integrations_partial_update_invalid_content(
+        self, authenticated_client, integrations_fixture
+    ):
+        integration, *_ = integrations_fixture
+        data = {
+            "data": {
+                "type": "integrations",
+                "id": str(integration.id),
+                "attributes": {"invalid_config": "value"},
+            }
+        }
+        response = authenticated_client.patch(
+            reverse("integration-detail", kwargs={"pk": integration.id}),
+            data=json.dumps(data),
+            content_type="application/vnd.api+json",
+        )
+        assert response.status_code == status.HTTP_400_BAD_REQUEST
+
+    def test_integrations_delete(
+        self,
+        authenticated_client,
+        integrations_fixture,
+    ):
+        integration, *_ = integrations_fixture
+        response = authenticated_client.delete(
+            reverse("integration-detail", kwargs={"pk": integration.id})
+        )
+        assert response.status_code == status.HTTP_204_NO_CONTENT
+
+    def test_integrations_delete_invalid(self, authenticated_client):
+        response = authenticated_client.delete(
+            reverse(
+                "integration-detail",
+                kwargs={"pk": "e67d0283-440f-48d1-b5f8-38d0763474f4"},
+            )
+        )
+        assert response.status_code == status.HTTP_404_NOT_FOUND
+
+    @pytest.mark.parametrize(
+        "filter_name, filter_value, expected_count",
+        (
+            [
+                ("inserted_at", TODAY, 2),
+                ("inserted_at.gte", "2024-01-01", 2),
+                ("inserted_at.lte", "2024-01-01", 0),
+                ("integration_type", Integration.IntegrationChoices.S3, 2),
+                ("integration_type", Integration.IntegrationChoices.SLACK, 0),
+                (
+                    "integration_type__in",
+                    f"{Integration.IntegrationChoices.S3},{Integration.IntegrationChoices.SLACK}",
+                    2,
+                ),
+            ]
+        ),
+    )
+    def test_integrations_filters(
+        self,
+        authenticated_client,
+        integrations_fixture,
+        filter_name,
+        filter_value,
+        expected_count,
+    ):
+        response = authenticated_client.get(
+            reverse("integration-list"),
+            {f"filter[{filter_name}]": filter_value},
+        )
+
+        assert response.status_code == status.HTTP_200_OK
+        assert len(response.json()["data"]) == expected_count
+
+    @pytest.mark.parametrize(
+        "filter_name",
+        (
+            [
+                "invalid",
+            ]
+        ),
+    )
+    def test_integrations_filters_invalid(self, authenticated_client, filter_name):
+        response = authenticated_client.get(
+            reverse("integration-list"),
+            {f"filter[{filter_name}]": "whatever"},
+        )
+        assert response.status_code == status.HTTP_400_BAD_REQUEST
@@ -11,6 +11,7 @@ from prowler.providers.azure.azure_provider import AzureProvider
 from prowler.providers.common.models import Connection
 from prowler.providers.gcp.gcp_provider import GcpProvider
 from prowler.providers.kubernetes.kubernetes_provider import KubernetesProvider
+from prowler.providers.m365.m365_provider import M365Provider


 class CustomOAuth2Client(OAuth2Client):
@@ -51,14 +52,14 @@ def merge_dicts(default_dict: dict, replacement_dict: dict) -> dict:

 def return_prowler_provider(
    provider: Provider,
-) -> [AwsProvider | AzureProvider | GcpProvider | KubernetesProvider]:
+) -> [AwsProvider | AzureProvider | GcpProvider | KubernetesProvider | M365Provider]:
    """Return the Prowler provider class based on the given provider type.

    Args:
        provider (Provider): The provider object containing the provider type and associated secrets.

    Returns:
-        AwsProvider | AzureProvider | GcpProvider | KubernetesProvider: The corresponding provider class.
+        AwsProvider | AzureProvider | GcpProvider | KubernetesProvider | M365Provider: The corresponding provider class.

    Raises:
        ValueError: If the provider type specified in `provider.provider` is not supported.
@@ -72,6 +73,8 @@ def return_prowler_provider(
            prowler_provider = AzureProvider
        case Provider.ProviderChoices.KUBERNETES.value:
            prowler_provider = KubernetesProvider
+        case Provider.ProviderChoices.M365.value:
+            prowler_provider = M365Provider
        case _:
            raise ValueError(f"Provider type {provider.provider} not supported")
    return prowler_provider
@@ -104,15 +107,15 @@ def get_prowler_provider_kwargs(provider: Provider) -> dict:

 def initialize_prowler_provider(
    provider: Provider,
-) -> AwsProvider | AzureProvider | GcpProvider | KubernetesProvider:
+) -> AwsProvider | AzureProvider | GcpProvider | KubernetesProvider | M365Provider:
    """Initialize a Prowler provider instance based on the given provider type.

    Args:
        provider (Provider): The provider object containing the provider type and associated secrets.

    Returns:
-        AwsProvider | AzureProvider | GcpProvider | KubernetesProvider: An instance of the corresponding provider class
-            (`AwsProvider`, `AzureProvider`, `GcpProvider`, or `KubernetesProvider`) initialized with the
+        AwsProvider | AzureProvider | GcpProvider | KubernetesProvider | M365Provider: An instance of the corresponding provider class
+            (`AwsProvider`, `AzureProvider`, `GcpProvider`, `KubernetesProvider` or `M365Provider`) initialized with the
            provider's secrets.
    """
    prowler_provider = return_prowler_provider(provider)
@@ -130,10 +133,12 @@ def prowler_provider_connection_test(provider: Provider) -> Connection:
        Connection: A connection object representing the result of the connection test for the specified provider.
    """
    prowler_provider = return_prowler_provider(provider)
+
    try:
        prowler_provider_kwargs = provider.secret.secret
    except Provider.secret.RelatedObjectDoesNotExist as secret_error:
        return Connection(is_connected=False, error=secret_error)
+
    return prowler_provider.test_connection(
        **prowler_provider_kwargs, provider_id=provider.uid, raise_on_exception=False
    )
@@ -0,0 +1,122 @@
+from drf_spectacular.utils import extend_schema_field
+from rest_framework_json_api import serializers
+from rest_framework_json_api.serializers import ValidationError
+
+
+class BaseValidateSerializer(serializers.Serializer):
+    def validate(self, data):
+        if hasattr(self, "initial_data"):
+            initial_data = set(self.initial_data.keys()) - {"id", "type"}
+            unknown_keys = initial_data - set(self.fields.keys())
+            if unknown_keys:
+                raise ValidationError(f"Invalid fields: {unknown_keys}")
+        return data
+
+
+# Integrations
+
+
+class S3ConfigSerializer(BaseValidateSerializer):
+    bucket_name = serializers.CharField()
+    output_directory = serializers.CharField()
+
+    class Meta:
+        resource_name = "integrations"
+
+
+class AWSCredentialSerializer(BaseValidateSerializer):
+    role_arn = serializers.CharField(required=False)
+    external_id = serializers.CharField(required=False)
+    role_session_name = serializers.CharField(required=False)
+    session_duration = serializers.IntegerField(
+        required=False, min_value=900, max_value=43200
+    )
+    aws_access_key_id = serializers.CharField(required=False)
+    aws_secret_access_key = serializers.CharField(required=False)
+    aws_session_token = serializers.CharField(required=False)
+
+    class Meta:
+        resource_name = "integrations"
+
+
+@extend_schema_field(
+    {
+        "oneOf": [
+            {
+                "type": "object",
+                "title": "AWS Credentials",
+                "properties": {
+                    "role_arn": {
+                        "type": "string",
+                        "description": "The Amazon Resource Name (ARN) of the role to assume. Required for AWS role "
+                        "assumption.",
+                    },
+                    "external_id": {
+                        "type": "string",
+                        "description": "An identifier to enhance security for role assumption.",
+                    },
+                    "aws_access_key_id": {
+                        "type": "string",
+                        "description": "The AWS access key ID. Only required if the environment lacks pre-configured "
+                        "AWS credentials.",
+                    },
+                    "aws_secret_access_key": {
+                        "type": "string",
+                        "description": "The AWS secret access key. Required if 'aws_access_key_id' is provided or if "
+                        "no AWS credentials are pre-configured.",
+                    },
+                    "aws_session_token": {
+                        "type": "string",
+                        "description": "The session token for temporary credentials, if applicable.",
+                    },
+                    "session_duration": {
+                        "type": "integer",
+                        "minimum": 900,
+                        "maximum": 43200,
+                        "default": 3600,
+                        "description": "The duration (in seconds) for the role session.",
+                    },
+                    "role_session_name": {
+                        "type": "string",
+                        "description": "An identifier for the role session, useful for tracking sessions in AWS logs. "
+                        "The regex used to validate this parameter is a string of characters consisting of "
+                        "upper- and lower-case alphanumeric characters with no spaces. You can also include "
+                        "underscores or any of the following characters: =,.@-\n\n"
+                        "Examples:\n"
+                        "- MySession123\n"
+                        "- User_Session-1\n"
+                        "- Test.Session@2",
+                        "pattern": "^[a-zA-Z0-9=,.@_-]+$",
+                    },
+                },
+            },
+        ]
+    }
+)
+class IntegrationCredentialField(serializers.JSONField):
+    pass
+
+
+@extend_schema_field(
+    {
+        "oneOf": [
+            {
+                "type": "object",
+                "title": "Amazon S3",
+                "properties": {
+                    "bucket_name": {
+                        "type": "string",
+                        "description": "The name of the S3 bucket where files will be stored.",
+                    },
+                    "output_directory": {
+                        "type": "string",
+                        "description": "The directory path within the bucket where files will be saved.",
+                    },
+                },
+                "required": ["bucket_name", "output_directory"],
+            },
+        ]
+    }
+)
+class IntegrationConfigField(serializers.JSONField):
+    pass
@@ -0,0 +1,172 @@
+from drf_spectacular.utils import extend_schema_field
+from rest_framework_json_api import serializers
+
+
+@extend_schema_field(
+    {
+        "oneOf": [
+            {
+                "type": "object",
+                "title": "AWS Static Credentials",
+                "properties": {
+                    "aws_access_key_id": {
+                        "type": "string",
+                        "description": "The AWS access key ID. Required for environments where no IAM role is being "
+                        "assumed and direct AWS access is needed.",
+                    },
+                    "aws_secret_access_key": {
+                        "type": "string",
+                        "description": "The AWS secret access key. Must accompany 'aws_access_key_id' to authorize "
+                        "access to AWS resources.",
+                    },
+                    "aws_session_token": {
+                        "type": "string",
+                        "description": "The session token associated with temporary credentials. Only needed for "
+                        "session-based or temporary AWS access.",
+                    },
+                },
+                "required": ["aws_access_key_id", "aws_secret_access_key"],
+            },
+            {
+                "type": "object",
+                "title": "AWS Assume Role",
+                "properties": {
+                    "role_arn": {
+                        "type": "string",
+                        "description": "The Amazon Resource Name (ARN) of the role to assume. Required for AWS role "
+                        "assumption.",
+                    },
+                    "external_id": {
+                        "type": "string",
+                        "description": "An identifier to enhance security for role assumption.",
+                    },
+                    "aws_access_key_id": {
+                        "type": "string",
+                        "description": "The AWS access key ID. Only required if the environment lacks pre-configured "
+                        "AWS credentials.",
+                    },
+                    "aws_secret_access_key": {
+                        "type": "string",
+                        "description": "The AWS secret access key. Required if 'aws_access_key_id' is provided or if "
+                        "no AWS credentials are pre-configured.",
+                    },
+                    "aws_session_token": {
+                        "type": "string",
+                        "description": "The session token for temporary credentials, if applicable.",
+                    },
+                    "session_duration": {
+                        "type": "integer",
+                        "minimum": 900,
+                        "maximum": 43200,
+                        "default": 3600,
+                        "description": "The duration (in seconds) for the role session.",
+                    },
+                    "role_session_name": {
+                        "type": "string",
+                        "description": "An identifier for the role session, useful for tracking sessions in AWS logs. "
+                        "The regex used to validate this parameter is a string of characters consisting of "
+                        "upper- and lower-case alphanumeric characters with no spaces. You can also include "
+                        "underscores or any of the following characters: =,.@-\n\n"
+                        "Examples:\n"
+                        "- MySession123\n"
+                        "- User_Session-1\n"
+                        "- Test.Session@2",
+                        "pattern": "^[a-zA-Z0-9=,.@_-]+$",
+                    },
+                },
+                "required": ["role_arn", "external_id"],
+            },
+            {
+                "type": "object",
+                "title": "Azure Static Credentials",
+                "properties": {
+                    "client_id": {
+                        "type": "string",
+                        "description": "The Azure application (client) ID for authentication in Azure AD.",
+                    },
+                    "client_secret": {
+                        "type": "string",
+                        "description": "The client secret associated with the application (client) ID, providing "
+                        "secure access.",
+                    },
+                    "tenant_id": {
+                        "type": "string",
+                        "description": "The Azure tenant ID, representing the directory where the application is "
+                        "registered.",
+                    },
+                },
+                "required": ["client_id", "client_secret", "tenant_id"],
+            },
+            {
+                "type": "object",
+                "title": "M365 Static Credentials",
+                "properties": {
+                    "client_id": {
+                        "type": "string",
+                        "description": "The Azure application (client) ID for authentication in Azure AD.",
+                    },
+                    "client_secret": {
+                        "type": "string",
+                        "description": "The client secret associated with the application (client) ID, providing "
+                        "secure access.",
+                    },
+                    "tenant_id": {
+                        "type": "string",
+                        "description": "The Azure tenant ID, representing the directory where the application is "
+                        "registered.",
+                    },
+                    "user": {
+                        "type": "email",
+                        "description": "User microsoft email address.",
+                    },
+                    "encrypted_password": {
+                        "type": "string",
+                        "description": "User encrypted password.",
+                    },
+                },
+                "required": [
+                    "client_id",
+                    "client_secret",
+                    "tenant_id",
+                    "user",
+                    "encrypted_password",
+                ],
+            },
+            {
+                "type": "object",
+                "title": "GCP Static Credentials",
+                "properties": {
+                    "client_id": {
+                        "type": "string",
+                        "description": "The client ID from Google Cloud, used to identify the application for GCP "
+                        "access.",
+                    },
+                    "client_secret": {
+                        "type": "string",
+                        "description": "The client secret associated with the GCP client ID, required for secure "
+                        "access.",
+                    },
+                    "refresh_token": {
+                        "type": "string",
+                        "description": "A refresh token that allows the application to obtain new access tokens for "
+                        "extended use.",
+                    },
+                },
+                "required": ["client_id", "client_secret", "refresh_token"],
+            },
+            {
+                "type": "object",
+                "title": "Kubernetes Static Credentials",
+                "properties": {
+                    "kubeconfig_content": {
+                        "type": "string",
+                        "description": "The content of the Kubernetes kubeconfig file, encoded as a string.",
+                    }
+                },
+                "required": ["kubeconfig_content"],
+            },
+        ]
+    }
+)
+class ProviderSecretField(serializers.JSONField):
+    pass
@@ -16,6 +16,8 @@ from rest_framework_simplejwt.tokens import RefreshToken
 from api.models import (
    ComplianceOverview,
    Finding,
+    Integration,
+    IntegrationProviderRelationship,
    Invitation,
    InvitationRoleRelationship,
    Membership,
@@ -34,6 +36,13 @@ from api.models import (
    UserRoleRelationship,
 )
 from api.rls import Tenant
+from api.v1.serializer_utils.integrations import (
+    AWSCredentialSerializer,
+    IntegrationConfigField,
+    IntegrationCredentialField,
+    S3ConfigSerializer,
+)
+from api.v1.serializer_utils.providers import ProviderSecretField

 # Tokens

@@ -843,6 +852,10 @@ class ScanSerializer(RLSSerializer):
            "url",
        ]

+    included_serializers = {
+        "provider": "api.v1.serializers.ProviderIncludeSerializer",
+    }
+

 class ScanIncludeSerializer(RLSSerializer):
    trigger = serializers.ChoiceField(
@@ -1079,6 +1092,7 @@ class FindingSerializer(RLSSerializer):
            "inserted_at",
            "updated_at",
            "first_seen_at",
+            "muted",
            "url",
            # Relationships
            "scan",
@@ -1128,6 +1142,8 @@ class BaseWriteProviderSecretSerializer(BaseWriteSerializer):
                serializer = GCPProviderSecret(data=secret)
            elif provider_type == Provider.ProviderChoices.KUBERNETES.value:
                serializer = KubernetesProviderSecret(data=secret)
+            elif provider_type == Provider.ProviderChoices.M365.value:
+                serializer = M365ProviderSecret(data=secret)
            else:
                raise serializers.ValidationError(
                    {"provider": f"Provider type not supported {provider_type}"}
@@ -1167,6 +1183,17 @@ class AzureProviderSecret(serializers.Serializer):
        resource_name = "provider-secrets"


+class M365ProviderSecret(serializers.Serializer):
+    client_id = serializers.CharField()
+    client_secret = serializers.CharField()
+    tenant_id = serializers.CharField()
+    user = serializers.EmailField()
+    encrypted_password = serializers.CharField()
+
+    class Meta:
+        resource_name = "provider-secrets"
+
+
 class GCPProviderSecret(serializers.Serializer):
    client_id = serializers.CharField()
    client_secret = serializers.CharField()
@@ -1198,141 +1225,6 @@ class AWSRoleAssumptionProviderSecret(serializers.Serializer):
        resource_name = "provider-secrets"


-@extend_schema_field(
-    {
-        "oneOf": [
-            {
-                "type": "object",
-                "title": "AWS Static Credentials",
-                "properties": {
-                    "aws_access_key_id": {
-                        "type": "string",
-                        "description": "The AWS access key ID. Required for environments where no IAM role is being "
-                        "assumed and direct AWS access is needed.",
-                    },
-                    "aws_secret_access_key": {
-                        "type": "string",
-                        "description": "The AWS secret access key. Must accompany 'aws_access_key_id' to authorize "
-                        "access to AWS resources.",
-                    },
-                    "aws_session_token": {
-                        "type": "string",
-                        "description": "The session token associated with temporary credentials. Only needed for "
-                        "session-based or temporary AWS access.",
-                    },
-                },
-                "required": ["aws_access_key_id", "aws_secret_access_key"],
-            },
-            {
-                "type": "object",
-                "title": "AWS Assume Role",
-                "properties": {
-                    "role_arn": {
-                        "type": "string",
-                        "description": "The Amazon Resource Name (ARN) of the role to assume. Required for AWS role "
-                        "assumption.",
-                    },
-                    "external_id": {
-                        "type": "string",
-                        "description": "An identifier to enhance security for role assumption.",
-                    },
-                    "aws_access_key_id": {
-                        "type": "string",
-                        "description": "The AWS access key ID. Only required if the environment lacks pre-configured "
-                        "AWS credentials.",
-                    },
-                    "aws_secret_access_key": {
-                        "type": "string",
-                        "description": "The AWS secret access key. Required if 'aws_access_key_id' is provided or if "
-                        "no AWS credentials are pre-configured.",
-                    },
-                    "aws_session_token": {
-                        "type": "string",
-                        "description": "The session token for temporary credentials, if applicable.",
-                    },
-                    "session_duration": {
-                        "type": "integer",
-                        "minimum": 900,
-                        "maximum": 43200,
-                        "default": 3600,
-                        "description": "The duration (in seconds) for the role session.",
-                    },
-                    "role_session_name": {
-                        "type": "string",
-                        "description": "An identifier for the role session, useful for tracking sessions in AWS logs. "
-                        "The regex used to validate this parameter is a string of characters consisting of "
-                        "upper- and lower-case alphanumeric characters with no spaces. You can also include "
-                        "underscores or any of the following characters: =,.@-\n\n"
-                        "Examples:\n"
-                        "- MySession123\n"
-                        "- User_Session-1\n"
-                        "- Test.Session@2",
-                        "pattern": "^[a-zA-Z0-9=,.@_-]+$",
-                    },
-                },
-                "required": ["role_arn", "external_id"],
-            },
-            {
-                "type": "object",
-                "title": "Azure Static Credentials",
-                "properties": {
-                    "client_id": {
-                        "type": "string",
-                        "description": "The Azure application (client) ID for authentication in Azure AD.",
-                    },
-                    "client_secret": {
-                        "type": "string",
-                        "description": "The client secret associated with the application (client) ID, providing "
-                        "secure access.",
-                    },
-                    "tenant_id": {
-                        "type": "string",
-                        "description": "The Azure tenant ID, representing the directory where the application is "
-                        "registered.",
-                    },
-                },
-                "required": ["client_id", "client_secret", "tenant_id"],
-            },
-            {
-                "type": "object",
-                "title": "GCP Static Credentials",
-                "properties": {
-                    "client_id": {
-                        "type": "string",
-                        "description": "The client ID from Google Cloud, used to identify the application for GCP "
-                        "access.",
-                    },
-                    "client_secret": {
-                        "type": "string",
-                        "description": "The client secret associated with the GCP client ID, required for secure "
-                        "access.",
-                    },
-                    "refresh_token": {
-                        "type": "string",
-                        "description": "A refresh token that allows the application to obtain new access tokens for "
-                        "extended use.",
-                    },
-                },
-                "required": ["client_id", "client_secret", "refresh_token"],
-            },
-            {
-                "type": "object",
-                "title": "Kubernetes Static Credentials",
-                "properties": {
-                    "kubeconfig_content": {
-                        "type": "string",
-                        "description": "The content of the Kubernetes kubeconfig file, encoded as a string.",
-                    }
-                },
-                "required": ["kubeconfig_content"],
-            },
-        ]
-    }
-)
-class ProviderSecretField(serializers.JSONField):
-    pass
-
-
 class ProviderSecretSerializer(RLSSerializer):
    """
    Serializer for the ProviderSecret model.
@@ -1606,8 +1498,8 @@ class RoleSerializer(RLSSerializer, BaseWriteSerializer):
            "manage_account",
            # Disable for the first release
            # "manage_billing",
-            # "manage_integrations",
            # /Disable for the first release
+            "manage_integrations",
            "manage_providers",
            "manage_scans",
            "permission_state",
@@ -1889,6 +1781,13 @@ class ComplianceOverviewFullSerializer(ComplianceOverviewSerializer):
        return obj.requirements


+class ComplianceOverviewMetadataSerializer(serializers.Serializer):
+    regions = serializers.ListField(child=serializers.CharField(), allow_empty=True)
+
+    class Meta:
+        resource_name = "compliance-overviews-metadata"
+
+
 # Overviews


@@ -2013,3 +1912,201 @@ class ScheduleDailyCreateSerializer(serializers.Serializer):
            if unknown_keys:
                raise ValidationError(f"Invalid fields: {unknown_keys}")
        return data
+
+
+# Integrations
+
+
+class BaseWriteIntegrationSerializer(BaseWriteSerializer):
+    @staticmethod
+    def validate_integration_data(
+        integration_type: str,
+        providers: list[Provider],  # noqa
+        configuration: dict,
+        credentials: dict,
+    ):
+        if integration_type == Integration.IntegrationChoices.S3:
+            config_serializer = S3ConfigSerializer
+            credentials_serializers = [AWSCredentialSerializer]
+            # TODO: This will be required for AWS Security Hub
+            # if providers and not all(
+            #     provider.provider == Provider.ProviderChoices.AWS
+            #     for provider in providers
+            # ):
+            #     raise serializers.ValidationError(
+            #         {"providers": "All providers must be AWS for the S3 integration."}
+            #     )
+        else:
+            raise serializers.ValidationError(
+                {
+                    "integration_type": f"Integration type not supported yet: {integration_type}"
+                }
+            )
+
+        config_serializer(data=configuration).is_valid(raise_exception=True)
+
+        for cred_serializer in credentials_serializers:
+            try:
+                cred_serializer(data=credentials).is_valid(raise_exception=True)
+                break
+            except ValidationError:
+                continue
+        else:
+            raise ValidationError(
+                {"credentials": "Invalid credentials for the integration type."}
+            )
+
+
+class IntegrationSerializer(RLSSerializer):
+    """
+    Serializer for the Integration model.
+    """
+
+    providers = serializers.ResourceRelatedField(
+        queryset=Provider.objects.all(), many=True
+    )
+
+    class Meta:
+        model = Integration
+        fields = [
+            "id",
+            "inserted_at",
+            "updated_at",
+            "enabled",
+            "connected",
+            "connection_last_checked_at",
+            "integration_type",
+            "configuration",
+            "providers",
+            "url",
+        ]
+
+    included_serializers = {
+        "providers": "api.v1.serializers.ProviderIncludeSerializer",
+    }
+
+    def to_representation(self, instance):
+        representation = super().to_representation(instance)
+        allowed_providers = self.context.get("allowed_providers")
+        if allowed_providers:
+            allowed_provider_ids = {str(provider.id) for provider in allowed_providers}
+            representation["providers"] = [
+                provider
+                for provider in representation["providers"]
+                if provider["id"] in allowed_provider_ids
+            ]
+        return representation
+
+
+class IntegrationCreateSerializer(BaseWriteIntegrationSerializer):
+    credentials = IntegrationCredentialField(write_only=True)
+    configuration = IntegrationConfigField()
+    providers = serializers.ResourceRelatedField(
+        queryset=Provider.objects.all(), many=True, required=False
+    )
+
+    class Meta:
+        model = Integration
+        fields = [
+            "inserted_at",
+            "updated_at",
+            "enabled",
+            "connected",
+            "connection_last_checked_at",
+            "integration_type",
+            "configuration",
+            "credentials",
+            "providers",
+        ]
+        extra_kwargs = {
+            "inserted_at": {"read_only": True},
+            "updated_at": {"read_only": True},
+            "connected": {"read_only": True},
+            "enabled": {"read_only": True},
+            "connection_last_checked_at": {"read_only": True},
+        }
+
+    def validate(self, attrs):
+        integration_type = attrs.get("integration_type")
+        providers = attrs.get("providers")
+        configuration = attrs.get("configuration")
+        credentials = attrs.get("credentials")
+
+        validated_attrs = super().validate(attrs)
+        self.validate_integration_data(
+            integration_type, providers, configuration, credentials
+        )
+        return validated_attrs
+
+    def create(self, validated_data):
+        tenant_id = self.context.get("tenant_id")
+
+        providers = validated_data.pop("providers", [])
+        integration = Integration.objects.create(tenant_id=tenant_id, **validated_data)
+
+        through_model_instances = [
+            IntegrationProviderRelationship(
+                integration=integration,
+                provider=provider,
+                tenant_id=tenant_id,
+            )
+            for provider in providers
+        ]
+        IntegrationProviderRelationship.objects.bulk_create(through_model_instances)
+
+        return integration
+
+
+class IntegrationUpdateSerializer(BaseWriteIntegrationSerializer):
+    credentials = IntegrationCredentialField(write_only=True, required=False)
+    configuration = IntegrationConfigField(required=False)
+    providers = serializers.ResourceRelatedField(
+        queryset=Provider.objects.all(), many=True, required=False
+    )
+
+    class Meta:
+        model = Integration
+        fields = [
+            "inserted_at",
+            "updated_at",
+            "enabled",
+            "connected",
+            "connection_last_checked_at",
+            "integration_type",
+            "configuration",
+            "credentials",
+            "providers",
+        ]
+        extra_kwargs = {
+            "inserted_at": {"read_only": True},
+            "updated_at": {"read_only": True},
+            "connected": {"read_only": True},
+            "connection_last_checked_at": {"read_only": True},
+            "integration_type": {"read_only": True},
+        }
+
+    def validate(self, attrs):
+        integration_type = self.instance.integration_type
+        providers = attrs.get("providers")
+        configuration = attrs.get("configuration") or self.instance.configuration
+        credentials = attrs.get("credentials") or self.instance.credentials
+
+        validated_attrs = super().validate(attrs)
+        self.validate_integration_data(
+            integration_type, providers, configuration, credentials
+        )
+        return validated_attrs
+
+    def update(self, instance, validated_data):
+        tenant_id = self.context.get("tenant_id")
+        if validated_data.get("providers") is not None:
+            instance.providers.clear()
+            new_relationships = [
+                IntegrationProviderRelationship(
+                    integration=instance, provider=provider, tenant_id=tenant_id
+                )
+                for provider in validated_data["providers"]
+            ]
+            IntegrationProviderRelationship.objects.bulk_create(new_relationships)
+
+        return super().update(instance, validated_data)
@@ -10,6 +10,7 @@ from api.v1.views import (
    FindingViewSet,
    GithubSocialLoginView,
    GoogleSocialLoginView,
+    IntegrationViewSet,
    InvitationAcceptViewSet,
    InvitationViewSet,
    MembershipViewSet,
@@ -47,6 +48,7 @@ router.register(
 )
 router.register(r"overviews", OverviewViewSet, basename="overview")
 router.register(r"schedules", ScheduleViewSet, basename="schedule")
+router.register(r"integrations", IntegrationViewSet, basename="integration")

 tenants_router = routers.NestedSimpleRouter(router, r"tenants", lookup="tenant")
 tenants_router.register(
@@ -59,6 +59,7 @@ from api.db_router import MainRouter
 from api.filters import (
    ComplianceOverviewFilter,
    FindingFilter,
+    IntegrationFilter,
    InvitationFilter,
    MembershipFilter,
    ProviderFilter,
@@ -76,6 +77,7 @@ from api.filters import (
 from api.models import (
    ComplianceOverview,
    Finding,
+    Integration,
    Invitation,
    Membership,
    Provider,
@@ -100,10 +102,14 @@ from api.rls import Tenant
 from api.utils import CustomOAuth2Client, validate_invitation
 from api.v1.serializers import (
    ComplianceOverviewFullSerializer,
+    ComplianceOverviewMetadataSerializer,
    ComplianceOverviewSerializer,
    FindingDynamicFilterSerializer,
    FindingMetadataSerializer,
    FindingSerializer,
+    IntegrationCreateSerializer,
+    IntegrationSerializer,
+    IntegrationUpdateSerializer,
    InvitationAcceptSerializer,
    InvitationCreateSerializer,
    InvitationSerializer,
@@ -241,7 +247,7 @@ class SchemaView(SpectacularAPIView):

    def get(self, request, *args, **kwargs):
        spectacular_settings.TITLE = "Prowler API"
-        spectacular_settings.VERSION = "1.5.4"
+        spectacular_settings.VERSION = "1.7.0"
        spectacular_settings.DESCRIPTION = (
            "Prowler API specification.\n\nThis file is auto-generated."
        )
@@ -297,6 +303,11 @@ class SchemaView(SpectacularAPIView):
                "description": "Endpoints for task management, allowing retrieval of task status and "
                "revoking tasks that have not started.",
            },
+            {
+                "name": "Integration",
+                "description": "Endpoints for managing third-party integrations, including registration, configuration,"
+                " retrieval, and deletion of integrations such as S3, JIRA, or other services.",
+            },
        ]
        return super().get(request, *args, **kwargs)

@@ -2047,6 +2058,21 @@ class RoleProviderGroupRelationshipView(RelationshipView, BaseRLSViewSet):
        description="Fetch detailed information about a specific compliance overview by its ID, including detailed "
        "requirement information and check's status.",
    ),
+    metadata=extend_schema(
+        tags=["Compliance Overview"],
+        summary="Retrieve metadata values from compliance overviews",
+        description="Fetch unique metadata values from a set of compliance overviews. This is useful for dynamic "
+        "filtering.",
+        parameters=[
+            OpenApiParameter(
+                name="filter[scan_id]",
+                required=True,
+                type=OpenApiTypes.UUID,
+                location=OpenApiParameter.QUERY,
+                description="Related scan ID.",
+            ),
+        ],
+    ),
 )
@method_decorator(CACHE_DECORATOR, name="list")
@method_decorator(CACHE_DECORATOR, name="retrieve")
@@ -2108,6 +2134,8 @@ class ComplianceOverviewViewSet(BaseRLSViewSet):
    def get_serializer_class(self):
        if self.action == "retrieve":
            return ComplianceOverviewFullSerializer
+        elif self.action == "metadata":
+            return ComplianceOverviewMetadataSerializer
        return super().get_serializer_class()

    def list(self, request, *args, **kwargs):
@@ -2124,6 +2152,35 @@ class ComplianceOverviewViewSet(BaseRLSViewSet):
            )
        return super().list(request, *args, **kwargs)

+    @action(detail=False, methods=["get"], url_name="metadata")
+    def metadata(self, request):
+        scan_id = request.query_params.get("filter[scan_id]")
+        if not scan_id:
+            raise ValidationError(
+                [
+                    {
+                        "detail": "This query parameter is required.",
+                        "status": 400,
+                        "source": {"pointer": "filter[scan_id]"},
+                        "code": "required",
+                    }
+                ]
+            )
+
+        tenant_id = self.request.tenant_id
+
+        regions = list(
+            ComplianceOverview.objects.filter(tenant_id=tenant_id, scan_id=scan_id)
+            .values_list("region", flat=True)
+            .order_by("region")
+            .distinct()
+        )
+        result = {"regions": regions}
+
+        serializer = self.get_serializer(data=result)
+        serializer.is_valid(raise_exception=True)
+        return Response(serializer.data, status=status.HTTP_200_OK)
+

@extend_schema(tags=["Overview"])
@extend_schema_view(
@@ -2444,3 +2501,67 @@ class ScheduleViewSet(BaseRLSViewSet):
                )
            },
        )
+
+
+@extend_schema_view(
+    list=extend_schema(
+        tags=["Integration"],
+        summary="List all integrations",
+        description="Retrieve a list of all configured integrations with options for filtering by various criteria.",
+    ),
+    retrieve=extend_schema(
+        tags=["Integration"],
+        summary="Retrieve integration details",
+        description="Fetch detailed information about a specific integration by its ID.",
+    ),
+    create=extend_schema(
+        tags=["Integration"],
+        summary="Create a new integration",
+        description="Register a new integration with the system, providing necessary configuration details.",
+    ),
+    partial_update=extend_schema(
+        tags=["Integration"],
+        summary="Partially update an integration",
+        description="Modify certain fields of an existing integration without affecting other settings.",
+    ),
+    destroy=extend_schema(
+        tags=["Integration"],
+        summary="Delete an integration",
+        description="Remove an integration from the system by its ID.",
+    ),
+)
+@method_decorator(CACHE_DECORATOR, name="list")
+@method_decorator(CACHE_DECORATOR, name="retrieve")
+class IntegrationViewSet(BaseRLSViewSet):
+    queryset = Integration.objects.all()
+    serializer_class = IntegrationSerializer
+    http_method_names = ["get", "post", "patch", "delete"]
+    filterset_class = IntegrationFilter
+    ordering = ["integration_type", "-inserted_at"]
+    # RBAC required permissions
+    required_permissions = [Permissions.MANAGE_INTEGRATIONS]
+    allowed_providers = None
+
+    def get_queryset(self):
+        user_roles = get_role(self.request.user)
+        if user_roles.unlimited_visibility:
+            # User has unlimited visibility, return all integrations
+            queryset = Integration.objects.filter(tenant_id=self.request.tenant_id)
+        else:
+            # User lacks permission, filter providers based on provider groups associated with the role
+            allowed_providers = get_providers(user_roles)
+            queryset = Integration.objects.filter(providers__in=allowed_providers)
+            self.allowed_providers = allowed_providers
+        return queryset
+
+    def get_serializer_class(self):
+        if self.action == "create":
+            return IntegrationCreateSerializer
+        elif self.action == "partial_update":
+            return IntegrationUpdateSerializer
+        return super().get_serializer_class()
+
+    def get_serializer_context(self):
+        context = super().get_serializer_context()
+        context["allowed_providers"] = self.allowed_providers
+        return context
@@ -2,9 +2,8 @@ import json
 import logging
 from enum import StrEnum

-from django_guid.log_filters import CorrelationId
-
 from config.env import env
+from django_guid.log_filters import CorrelationId


 class BackendLogger(StrEnum):
@@ -39,9 +38,9 @@ class NDJSONFormatter(logging.Formatter):
            "funcName": record.funcName,
            "process": record.process,
            "thread": record.thread,
-            "transaction_id": record.transaction_id
-            if hasattr(record, "transaction_id")
-            else None,
+            "transaction_id": (
+                record.transaction_id if hasattr(record, "transaction_id") else None
+            ),
        }

        # Add REST API extra fields
@@ -237,4 +237,9 @@ DJANGO_OUTPUT_S3_AWS_SECRET_ACCESS_KEY = env.str(
 DJANGO_OUTPUT_S3_AWS_SESSION_TOKEN = env.str("DJANGO_OUTPUT_S3_AWS_SESSION_TOKEN", "")
 DJANGO_OUTPUT_S3_AWS_DEFAULT_REGION = env.str("DJANGO_OUTPUT_S3_AWS_DEFAULT_REGION", "")

+# HTTP Security Headers
+SECURE_CONTENT_TYPE_NOSNIFF = True
+X_FRAME_OPTIONS = "DENY"
+SECURE_REFERRER_POLICY = "strict-origin-when-cross-origin"
+
 DJANGO_DELETION_BATCH_SIZE = env.int("DJANGO_DELETION_BATCH_SIZE", 5000)
@@ -12,6 +12,8 @@ IGNORED_EXCEPTIONS = [
    "UnauthorizedOperation",
    "AuthFailure",
    "InvalidClientTokenId",
+    "AWSInvalidProviderIdError",
+    "InternalServerErrorException",
    "AccessDenied",
    "No Shodan API Key",  # Shodan Check
    "RequestLimitExceeded",  # For now we don't want to log the RequestLimitExceeded errors
@@ -36,7 +38,10 @@ IGNORED_EXCEPTIONS = [
    "InvalidRequestException",
    "RequestExpired",
    "ConnectionClosedError",
-    "HTTPSConnectionPool",
+    "MaxRetryError",
+    "AWSAccessKeyIDInvalidError",
+    "AWSSessionTokenExpiredError",
+    "EndpointConnectionError",  # AWS Service is not available in a region
    "Pool is closed",  # The following comes from urllib3: eu-west-1 -- HTTPClientError[126]: An HTTP Client raised an unhandled exception: AWSHTTPSConnectionPool(host='hostname.s3.eu-west-1.amazonaws.com', port=443): Pool is closed.
    # Authentication Errors from GCP
    "ClientAuthenticationError",
@@ -55,13 +60,12 @@ IGNORED_EXCEPTIONS = [
    "AzureNotValidClientIdError",
    "AzureNotValidClientSecretError",
    "AzureNotValidTenantIdError",
+    "AzureInvalidProviderIdError",
    "AzureTenantIdAndClientSecretNotBelongingToClientIdError",
    "AzureTenantIdAndClientIdNotBelongingToClientSecretError",
    "AzureClientIdAndClientSecretNotBelongingToTenantIdError",
    "AzureHTTPResponseError",
    "Error with credentials provided",
-    # AWS Service is not available in a region
-    "EndpointConnectionError",
 ]


@@ -93,4 +97,6 @@ sentry_sdk.init(
        # possible.
        "continuous_profiling_auto_start": True,
    },
+    attach_stacktrace=True,
+    ignore_errors=IGNORED_EXCEPTIONS,
 )
@@ -1,13 +1,13 @@
 from config.env import env

-# Google Oauth settings
-GOOGLE_OAUTH_CLIENT_ID = env("DJANGO_GOOGLE_OAUTH_CLIENT_ID", default="")
-GOOGLE_OAUTH_CLIENT_SECRET = env("DJANGO_GOOGLE_OAUTH_CLIENT_SECRET", default="")
-GOOGLE_OAUTH_CALLBACK_URL = env("DJANGO_GOOGLE_OAUTH_CALLBACK_URL", default="")
+# Provider Oauth settings
+GOOGLE_OAUTH_CLIENT_ID = env("SOCIAL_GOOGLE_OAUTH_CLIENT_ID", default="")
+GOOGLE_OAUTH_CLIENT_SECRET = env("SOCIAL_GOOGLE_OAUTH_CLIENT_SECRET", default="")
+GOOGLE_OAUTH_CALLBACK_URL = env("SOCIAL_GOOGLE_OAUTH_CALLBACK_URL", default="")

-GITHUB_OAUTH_CLIENT_ID = env("DJANGO_GITHUB_OAUTH_CLIENT_ID", default="")
-GITHUB_OAUTH_CLIENT_SECRET = env("DJANGO_GITHUB_OAUTH_CLIENT_SECRET", default="")
-GITHUB_OAUTH_CALLBACK_URL = env("DJANGO_GITHUB_OAUTH_CALLBACK_URL", default="")
+GITHUB_OAUTH_CLIENT_ID = env("SOCIAL_GITHUB_OAUTH_CLIENT_ID", default="")
+GITHUB_OAUTH_CLIENT_SECRET = env("SOCIAL_GITHUB_OAUTH_CLIENT_SECRET", default="")
+GITHUB_OAUTH_CALLBACK_URL = env("SOCIAL_GITHUB_OAUTH_CALLBACK_URL", default="")

 # Allauth settings
 ACCOUNT_LOGIN_METHODS = {"email"}  # Use Email / Password authentication
@@ -15,6 +15,8 @@ from api.db_utils import rls_transaction
 from api.models import (
    ComplianceOverview,
    Finding,
+    Integration,
+    IntegrationProviderRelationship,
    Invitation,
    Membership,
    Provider,
@@ -653,6 +655,7 @@ def findings_fixture(scans_fixture, resources_fixture):
            "Description": "test description orange juice",
        },
        first_seen_at="2024-01-02T00:00:00Z",
+        muted=True,
    )

    finding2.add_resources([resource2])
@@ -877,6 +880,46 @@ def scan_summaries_fixture(tenants_fixture, providers_fixture):
    )


+@pytest.fixture
+def integrations_fixture(providers_fixture):
+    provider1, provider2, *_ = providers_fixture
+    tenant_id = provider1.tenant_id
+    integration1 = Integration.objects.create(
+        tenant_id=tenant_id,
+        enabled=True,
+        connected=True,
+        integration_type="amazon_s3",
+        configuration={"key": "value"},
+        credentials={"psswd": "1234"},
+    )
+    IntegrationProviderRelationship.objects.create(
+        tenant_id=tenant_id,
+        integration=integration1,
+        provider=provider1,
+    )
+
+    integration2 = Integration.objects.create(
+        tenant_id=tenant_id,
+        enabled=True,
+        connected=True,
+        integration_type="amazon_s3",
+        configuration={"key": "value"},
+        credentials={"psswd": "1234"},
+    )
+    IntegrationProviderRelationship.objects.create(
+        tenant_id=tenant_id,
+        integration=integration2,
+        provider=provider1,
+    )
+    IntegrationProviderRelationship.objects.create(
+        tenant_id=tenant_id,
+        integration=integration2,
+        provider=provider2,
+    )
+
+    return integration1, integration2
+
+
 def get_authorization_header(access_token: str) -> dict:
    return {"Authorization": f"Bearer {access_token}"}

@@ -1,3 +1,4 @@
+import json
 import time
 from copy import deepcopy
 from datetime import datetime, timezone
@@ -6,6 +7,7 @@ from celery.utils.log import get_task_logger
 from config.settings.celery import CELERY_DEADLOCK_ATTEMPTS
 from django.db import IntegrityError, OperationalError
 from django.db.models import Case, Count, IntegerField, Sum, When
+from tasks.utils import CustomEncoder

 from api.compliance import (
    PROWLER_COMPLIANCE_OVERVIEW_TEMPLATE,
@@ -191,6 +193,17 @@ def perform_prowler_scan(
                        if resource_instance.type != finding.resource_type:
                            resource_instance.type = finding.resource_type
                            updated_fields.append("type")
+                        if resource_instance.metadata != finding.resource_metadata:
+                            resource_instance.metadata = json.dumps(
+                                finding.resource_metadata, cls=CustomEncoder
+                            )
+                            updated_fields.append("metadata")
+                        if resource_instance.details != finding.resource_details:
+                            resource_instance.details = finding.resource_details
+                            updated_fields.append("details")
+                        if resource_instance.partition != finding.partition:
+                            resource_instance.partition = finding.partition
+                            updated_fields.append("partition")
                        if updated_fields:
                            with rls_transaction(tenant_id):
                                resource_instance.save(update_fields=updated_fields)
@@ -267,6 +280,8 @@ def perform_prowler_scan(
                        check_id=finding.check_id,
                        scan=scan_instance,
                        first_seen_at=last_first_seen_at,
+                        muted=finding.muted,
+                        compliance=finding.compliance,
                    )
                    finding_instance.add_resources([resource_instance])

@@ -402,21 +417,21 @@ def aggregate_findings(tenant_id: str, scan_id: str):
        ).annotate(
            fail=Sum(
                Case(
-                    When(status="FAIL", then=1),
+                    When(status="FAIL", muted=False, then=1),
                    default=0,
                    output_field=IntegerField(),
                )
            ),
            _pass=Sum(
                Case(
-                    When(status="PASS", then=1),
+                    When(status="PASS", muted=False, then=1),
                    default=0,
                    output_field=IntegerField(),
                )
            ),
-            muted=Sum(
+            muted_count=Sum(
                Case(
-                    When(status="MUTED", then=1),
+                    When(muted=True, then=1),
                    default=0,
                    output_field=IntegerField(),
                )
@@ -424,63 +439,63 @@ def aggregate_findings(tenant_id: str, scan_id: str):
            total=Count("id"),
            new=Sum(
                Case(
-                    When(delta="new", then=1),
+                    When(delta="new", muted=False, then=1),
                    default=0,
                    output_field=IntegerField(),
                )
            ),
            changed=Sum(
                Case(
-                    When(delta="changed", then=1),
+                    When(delta="changed", muted=False, then=1),
                    default=0,
                    output_field=IntegerField(),
                )
            ),
            unchanged=Sum(
                Case(
-                    When(delta__isnull=True, then=1),
+                    When(delta__isnull=True, muted=False, then=1),
                    default=0,
                    output_field=IntegerField(),
                )
            ),
            fail_new=Sum(
                Case(
-                    When(delta="new", status="FAIL", then=1),
+                    When(delta="new", status="FAIL", muted=False, then=1),
                    default=0,
                    output_field=IntegerField(),
                )
            ),
            fail_changed=Sum(
                Case(
-                    When(delta="changed", status="FAIL", then=1),
+                    When(delta="changed", status="FAIL", muted=False, then=1),
                    default=0,
                    output_field=IntegerField(),
                )
            ),
            pass_new=Sum(
                Case(
-                    When(delta="new", status="PASS", then=1),
+                    When(delta="new", status="PASS", muted=False, then=1),
                    default=0,
                    output_field=IntegerField(),
                )
            ),
            pass_changed=Sum(
                Case(
-                    When(delta="changed", status="PASS", then=1),
+                    When(delta="changed", status="PASS", muted=False, then=1),
                    default=0,
                    output_field=IntegerField(),
                )
            ),
            muted_new=Sum(
                Case(
-                    When(delta="new", status="MUTED", then=1),
+                    When(delta="new", muted=True, then=1),
                    default=0,
                    output_field=IntegerField(),
                )
            ),
            muted_changed=Sum(
                Case(
-                    When(delta="changed", status="MUTED", then=1),
+                    When(delta="changed", muted=True, then=1),
                    default=0,
                    output_field=IntegerField(),
                )
@@ -498,7 +513,7 @@ def aggregate_findings(tenant_id: str, scan_id: str):
                region=agg["resources__region"],
                fail=agg["fail"],
                _pass=agg["_pass"],
-                muted=agg["muted"],
+                muted=agg["muted_count"],
                total=agg["total"],
                new=agg["new"],
                changed=agg["changed"],
@@ -246,6 +246,11 @@ def generate_outputs(scan_id: str, provider_id: str, tenant_id: str):
        scan_id (str): The scan identifier.
        provider_id (str): The provider_id id to be used in generating outputs.
    """
+    # Check if the scan has findings
+    if not ScanSummary.objects.filter(scan_id=scan_id).exists():
+        logger.info(f"No findings found for scan {scan_id}")
+        return {"upload": False}
+
    # Initialize the prowler provider
    prowler_provider = initialize_prowler_provider(Provider.objects.get(id=provider_id))

@@ -1,3 +1,4 @@
+import json
 import uuid
 from unittest.mock import MagicMock, patch

@@ -7,6 +8,7 @@ from tasks.jobs.scan import (
    _store_resources,
    perform_prowler_scan,
 )
+from tasks.utils import CustomEncoder

 from api.models import (
    Finding,
@@ -107,7 +109,13 @@ class TestPerformScan:
            finding.service_name = "service_name"
            finding.resource_type = "resource_type"
            finding.resource_tags = {"tag1": "value1", "tag2": "value2"}
+            finding.muted = False
            finding.raw = {}
+            finding.resource_metadata = {"test": "metadata"}
+            finding.resource_details = {"details": "test"}
+            finding.partition = "partition"
+            finding.muted = True
+            finding.compliance = {"compliance1": "PASS"}

            # Mock the ProwlerScan instance
            mock_prowler_scan_instance = MagicMock()
@@ -145,6 +153,8 @@ class TestPerformScan:
        assert scan_finding.severity == finding.severity
        assert scan_finding.check_id == finding.check_id
        assert scan_finding.raw_result == finding.raw
+        assert scan_finding.muted
+        assert scan_finding.compliance == finding.compliance

        assert scan_resource.tenant == tenant
        assert scan_resource.uid == finding.resource_uid
@@ -152,6 +162,11 @@ class TestPerformScan:
        assert scan_resource.service == finding.service_name
        assert scan_resource.type == finding.resource_type
        assert scan_resource.name == finding.resource_name
+        assert scan_resource.metadata == json.dumps(
+            finding.resource_metadata, cls=CustomEncoder
+        )
+        assert scan_resource.details == f"{finding.resource_details}"
+        assert scan_resource.partition == finding.partition

        # Assert that the resource tags have been created and associated
        tags = scan_resource.tags.all()
@@ -1,9 +1,32 @@
+import json
 from datetime import datetime, timedelta, timezone
+from enum import Enum

 from django_celery_beat.models import PeriodicTask
 from django_celery_results.models import TaskResult


+class CustomEncoder(json.JSONEncoder):
+    def default(self, o):
+        # Enum serialization
+        if isinstance(o, Enum):
+            return o.value
+        # Datetime and timedelta serialization
+        if isinstance(o, datetime):
+            return o.isoformat(timespec="seconds")
+        if isinstance(o, timedelta):
+            return o.total_seconds()
+
+        # Custom object serialization
+        try:
+            return super().default(o)
+        except TypeError:
+            try:
+                return o.__dict__
+            except AttributeError:
+                return str(o)
+
+
 def get_next_execution_datetime(task_id: int, provider_id: str) -> datetime:
    task_instance = TaskResult.objects.get(task_id=task_id)
    try:
@@ -0,0 +1,156 @@
+#!/usr/bin/env python3
+import argparse
+import re
+import subprocess
+import sys
+from pathlib import Path
+
+import matplotlib.pyplot as plt
+import pandas as pd
+
+plt.style.use("ggplot")
+
+
+def run_locust(
+    locust_file: str,
+    host: str,
+    users: int,
+    hatch_rate: int,
+    run_time: str,
+    csv_prefix: Path,
+) -> Path:
+    artifacts_dir = Path("artifacts")
+    artifacts_dir.mkdir(parents=True, exist_ok=True)
+
+    cmd = [
+        "locust",
+        "-f",
+        f"scenarios/{locust_file}",
+        "--headless",
+        "-u",
+        str(users),
+        "-r",
+        str(hatch_rate),
+        "-t",
+        run_time,
+        "--host",
+        host,
+        "--csv",
+        str(artifacts_dir / csv_prefix.name),
+    ]
+    print(f"Running Locust: {' '.join(cmd)}")
+    process = subprocess.run(cmd)
+    if process.returncode:
+        sys.exit("Locust execution failed")
+
+    stats_file = artifacts_dir / f"{csv_prefix.stem}_stats.csv"
+    if not stats_file.exists():
+        sys.exit(f"Stats CSV not found: {stats_file}")
+    return stats_file
+
+
+def load_percentiles(csv_path: Path) -> pd.DataFrame:
+    df = pd.read_csv(csv_path)
+    mapping = {"50%": "p50", "75%": "p75", "90%": "p90", "95%": "p95"}
+    available = [col for col in mapping if col in df.columns]
+    renamed = {col: mapping[col] for col in available}
+    df = df.rename(columns=renamed).set_index("Name")[renamed.values()]
+    return df.drop(index=["Aggregated"], errors="ignore")
+
+
+def sanitize_label(label: str) -> str:
+    text = re.sub(r"[^\w]+", "_", label.strip().lower())
+    return text.strip("_")
+
+
+def plot_multi_comparison(metrics: dict[str, pd.DataFrame]) -> None:
+    common = sorted(set.intersection(*(set(df.index) for df in metrics.values())))
+    percentiles = list(next(iter(metrics.values())).columns)
+    groups = len(metrics)
+    width = 0.8 / groups
+
+    for endpoint in common:
+        fig, ax = plt.subplots(figsize=(10, 5), dpi=100)
+        for idx, (label, df) in enumerate(metrics.items()):
+            series = df.loc[endpoint]
+            positions = [
+                i + (idx - groups / 2) * width + width / 2
+                for i in range(len(percentiles))
+            ]
+            bars = ax.bar(positions, series.values, width, label=label)
+            for bar in bars:
+                height = bar.get_height()
+                ax.annotate(
+                    f"{int(height)}",
+                    xy=(bar.get_x() + bar.get_width() / 2, height),
+                    xytext=(0, 3),
+                    textcoords="offset points",
+                    ha="center",
+                    va="bottom",
+                    fontsize=8,
+                )
+
+        ax.set_xticks(range(len(percentiles)))
+        ax.set_xticklabels(percentiles)
+        ax.set_ylabel("Latency (ms)")
+        ax.set_title(endpoint, fontsize=12)
+        ax.grid(True, axis="y", linestyle="--", alpha=0.7)
+
+        fig.tight_layout()
+        fig.subplots_adjust(right=0.75)
+        ax.legend(loc="center left", bbox_to_anchor=(1, 0.5), framealpha=0.9)
+
+        output = Path("artifacts") / f"comparison_{sanitize_label(endpoint)}.png"
+        plt.savefig(output)
+        plt.close(fig)
+        print(f"Saved chart: {output}")
+
+
+def main() -> None:
+    parser = argparse.ArgumentParser(description="Run Locust and compare metrics")
+    parser.add_argument("--locustfile", required=True, help="Locust file in scenarios/")
+    parser.add_argument("--host", required=True, help="Target host URL")
+    parser.add_argument(
+        "--users", type=int, default=10, help="Number of simulated users"
+    )
+    parser.add_argument("--rate", type=int, default=1, help="Hatch rate per second")
+    parser.add_argument("--time", default="1m", help="Test duration (e.g. 30s, 1m)")
+    parser.add_argument(
+        "--metrics-dir", default="baselines", help="Directory with CSV baselines"
+    )
+    parser.add_argument("--version", default="current", help="Test version")
+    args = parser.parse_args()
+
+    metrics_dir = Path(args.metrics_dir)
+    if not metrics_dir.is_dir():
+        sys.exit(f"Metrics directory not found: {metrics_dir}")
+
+    metrics_data: dict[str, pd.DataFrame] = {}
+    for csv_file in sorted(metrics_dir.glob("*.csv")):
+        metrics_data[csv_file.stem] = load_percentiles(csv_file)
+
+    current_prefix = Path(args.version)
+    current_csv = run_locust(
+        locust_file=args.locustfile,
+        host=args.host,
+        users=args.users,
+        hatch_rate=args.rate,
+        run_time=args.time,
+        csv_prefix=current_prefix,
+    )
+    metrics_data[args.version] = load_percentiles(current_csv)
+
+    for endpoint in sorted(
+        set.intersection(*(set(df.index) for df in metrics_data.values()))
+    ):
+        parts = [endpoint]
+        for label, df in metrics_data.items():
+            s = df.loc[endpoint]
+            parts.append(f"{label}: p50 {s.p50}, p75 {s.p75}, p90 {s.p90}, p95 {s.p95}")
+        print(" | ".join(parts))
+
+    plot_multi_comparison(metrics_data)
+
+
+if __name__ == "__main__":
+    main()
@@ -0,0 +1,2 @@
+locust==2.34.1
+matplotlib==3.10.1
@@ -0,0 +1,202 @@
+from locust import events, task
+from utils.config import (
+    FINDINGS_UI_SORT_VALUES,
+    L_PROVIDER_NAME,
+    M_PROVIDER_NAME,
+    S_PROVIDER_NAME,
+    TARGET_INSERTED_AT,
+)
+from utils.helpers import (
+    APIUserBase,
+    get_api_token,
+    get_auth_headers,
+    get_next_resource_filter,
+    get_resource_filters_pairs,
+    get_scan_id_from_provider_name,
+    get_sort_value,
+)
+
+GLOBAL = {
+    "token": None,
+    "scan_ids": {},
+    "resource_filters": None,
+    "large_resource_filters": None,
+}
+
+
+@events.test_start.add_listener
+def on_test_start(environment, **kwargs):
+    GLOBAL["token"] = get_api_token(environment.host)
+
+    GLOBAL["scan_ids"]["small"] = get_scan_id_from_provider_name(
+        environment.host, GLOBAL["token"], S_PROVIDER_NAME
+    )
+    GLOBAL["scan_ids"]["medium"] = get_scan_id_from_provider_name(
+        environment.host, GLOBAL["token"], M_PROVIDER_NAME
+    )
+    GLOBAL["scan_ids"]["large"] = get_scan_id_from_provider_name(
+        environment.host, GLOBAL["token"], L_PROVIDER_NAME
+    )
+
+    GLOBAL["resource_filters"] = get_resource_filters_pairs(
+        environment.host, GLOBAL["token"]
+    )
+    GLOBAL["large_resource_filters"] = get_resource_filters_pairs(
+        environment.host, GLOBAL["token"], GLOBAL["scan_ids"]["large"]
+    )
+
+
+class APIUser(APIUserBase):
+    def on_start(self):
+        self.token = GLOBAL["token"]
+        self.s_scan_id = GLOBAL["scan_ids"]["small"]
+        self.m_scan_id = GLOBAL["scan_ids"]["medium"]
+        self.l_scan_id = GLOBAL["scan_ids"]["large"]
+        self.available_resource_filters = GLOBAL["resource_filters"]
+        self.available_resource_filters_large_scan = GLOBAL["large_resource_filters"]
+
+    @task
+    def findings_default(self):
+        name = "/findings"
+        page_number = self._next_page(name)
+        endpoint = (
+            f"/findings?page[number]={page_number}"
+            f"&{get_sort_value(FINDINGS_UI_SORT_VALUES)}"
+            f"&filter[inserted_at]={TARGET_INSERTED_AT}"
+        )
+        self.client.get(endpoint, headers=get_auth_headers(self.token), name=name)
+
+    @task(3)
+    def findings_default_include(self):
+        name = "/findings?include"
+        page = self._next_page(name)
+        endpoint = (
+            f"/findings?page[number]={page}"
+            f"&{get_sort_value(FINDINGS_UI_SORT_VALUES)}"
+            f"&filter[inserted_at]={TARGET_INSERTED_AT}"
+            f"&include=scan.provider,resources"
+        )
+        self.client.get(endpoint, headers=get_auth_headers(self.token), name=name)
+
+    @task(3)
+    def findings_metadata(self):
+        endpoint = f"/findings/metadata?" f"filter[inserted_at]={TARGET_INSERTED_AT}"
+        self.client.get(
+            endpoint, headers=get_auth_headers(self.token), name="/findings/metadata"
+        )
+
+    @task
+    def findings_scan_small(self):
+        name = "/findings?filter[scan_id] - 50k"
+        page_number = self._next_page(name)
+        endpoint = (
+            f"/findings?page[number]={page_number}"
+            f"&{get_sort_value(FINDINGS_UI_SORT_VALUES)}"
+            f"&filter[scan]={self.s_scan_id}"
+        )
+        self.client.get(endpoint, headers=get_auth_headers(self.token), name=name)
+
+    @task
+    def findings_metadata_scan_small(self):
+        endpoint = f"/findings/metadata?" f"&filter[scan]={self.s_scan_id}"
+        self.client.get(
+            endpoint,
+            headers=get_auth_headers(self.token),
+            name="/findings/metadata?filter[scan_id] - 50k",
+        )
+
+    @task(2)
+    def findings_scan_medium(self):
+        name = "/findings?filter[scan_id] - 250k"
+        page_number = self._next_page(name)
+        endpoint = (
+            f"/findings?page[number]={page_number}"
+            f"&{get_sort_value(FINDINGS_UI_SORT_VALUES)}"
+            f"&filter[scan]={self.m_scan_id}"
+        )
+        self.client.get(endpoint, headers=get_auth_headers(self.token), name=name)
+
+    @task
+    def findings_metadata_scan_medium(self):
+        endpoint = f"/findings/metadata?" f"&filter[scan]={self.m_scan_id}"
+        self.client.get(
+            endpoint,
+            headers=get_auth_headers(self.token),
+            name="/findings/metadata?filter[scan_id] - 250k",
+        )
+
+    @task
+    def findings_scan_large(self):
+        name = "/findings?filter[scan_id] - 500k"
+        page_number = self._next_page(name)
+        endpoint = (
+            f"/findings?page[number]={page_number}"
+            f"&{get_sort_value(FINDINGS_UI_SORT_VALUES)}"
+            f"&filter[scan]={self.l_scan_id}"
+        )
+        self.client.get(endpoint, headers=get_auth_headers(self.token), name=name)
+
+    @task
+    def findings_scan_large_include(self):
+        name = "/findings?filter[scan_id]&include - 500k"
+        page_number = self._next_page(name)
+        endpoint = (
+            f"/findings?page[number]={page_number}"
+            f"&{get_sort_value(FINDINGS_UI_SORT_VALUES)}"
+            f"&filter[scan]={self.l_scan_id}"
+            f"&include=scan.provider,resources"
+        )
+        self.client.get(endpoint, headers=get_auth_headers(self.token), name=name)
+
+    @task
+    def findings_metadata_scan_large(self):
+        endpoint = f"/findings/metadata?" f"&filter[scan]={self.l_scan_id}"
+        self.client.get(
+            endpoint,
+            headers=get_auth_headers(self.token),
+            name="/findings/metadata?filter[scan_id] - 500k",
+        )
+
+    @task(2)
+    def findings_resource_filter(self):
+        name = "/findings?filter[resource_filter]&include"
+        filter_name, filter_value = get_next_resource_filter(
+            self.available_resource_filters
+        )
+
+        endpoint = (
+            f"/findings?filter[{filter_name}]={filter_value}"
+            f"&filter[inserted_at]={TARGET_INSERTED_AT}"
+            f"&{get_sort_value(FINDINGS_UI_SORT_VALUES)}"
+            f"&include=scan.provider,resources"
+        )
+        self.client.get(endpoint, headers=get_auth_headers(self.token), name=name)
+
+    @task(3)
+    def findings_metadata_resource_filter(self):
+        name = "/findings/metadata?filter[resource_filter]"
+        filter_name, filter_value = get_next_resource_filter(
+            self.available_resource_filters
+        )
+
+        endpoint = (
+            f"/findings?filter[{filter_name}]={filter_value}"
+            f"&filter[inserted_at]={TARGET_INSERTED_AT}"
+            f"&{get_sort_value(FINDINGS_UI_SORT_VALUES)}"
+        )
+        self.client.get(endpoint, headers=get_auth_headers(self.token), name=name)
+
+    @task
+    def findings_resource_filter_large_scan_include(self):
+        name = "/findings?filter[resource_filter][scan]&include - 500k"
+        filter_name, filter_value = get_next_resource_filter(
+            self.available_resource_filters
+        )
+
+        endpoint = (
+            f"/findings?filter[{filter_name}]={filter_value}"
+            f"&{get_sort_value(FINDINGS_UI_SORT_VALUES)}"
+            f"&filter[scan]={self.l_scan_id}"
+            f"&include=scan.provider,resources"
+        )
+        self.client.get(endpoint, headers=get_auth_headers(self.token), name=name)
@@ -0,0 +1,19 @@
+import os
+
+USER_EMAIL = os.environ.get("USER_EMAIL")
+USER_PASSWORD = os.environ.get("USER_PASSWORD")
+
+BASE_HEADERS = {"Content-Type": "application/vnd.api+json"}
+
+FINDINGS_UI_SORT_VALUES = ["severity", "status", "-inserted_at"]
+TARGET_INSERTED_AT = os.environ.get("TARGET_INSERTED_AT", "2025-04-22")
+
+FINDINGS_RESOURCE_METADATA = {
+    "regions": "region",
+    "resource_types": "resource_type",
+    "services": "service",
+}
+
+S_PROVIDER_NAME = "provider-50k"
+M_PROVIDER_NAME = "provider-250k"
+L_PROVIDER_NAME = "provider-500k"
@@ -0,0 +1,168 @@
+import random
+from collections import defaultdict
+from threading import Lock
+
+import requests
+from locust import HttpUser, between
+from utils.config import (
+    BASE_HEADERS,
+    FINDINGS_RESOURCE_METADATA,
+    TARGET_INSERTED_AT,
+    USER_EMAIL,
+    USER_PASSWORD,
+)
+
+_global_page_counters = defaultdict(int)
+_page_lock = Lock()
+
+
+class APIUserBase(HttpUser):
+    """
+    Base class for API user simulation in Locust performance tests.
+
+    Attributes:
+        abstract (bool): Indicates this is an abstract user class.
+        wait_time: Time between task executions, randomized between 1 and 5 seconds.
+    """
+
+    abstract = True
+    wait_time = between(1, 5)
+
+    def _next_page(self, endpoint_name: str) -> int:
+        """
+        Returns the next page number for a given endpoint. Thread-safe.
+
+        Args:
+            endpoint_name (str): Name of the API endpoint being paginated.
+
+        Returns:
+            int: The next page number for the given endpoint.
+        """
+        with _page_lock:
+            _global_page_counters[endpoint_name] += 1
+            return _global_page_counters[endpoint_name]
+
+
+def get_next_resource_filter(available_values: dict) -> tuple:
+    """
+    Randomly selects a filter type and value from available options.
+
+    Args:
+        available_values (dict): Dictionary with filter types as keys and list of possible values.
+
+    Returns:
+        tuple: A (filter_type, filter_value) pair randomly selected.
+    """
+    filter_type = random.choice(list(available_values.keys()))
+    filter_value = random.choice(available_values[filter_type])
+    return filter_type, filter_value
+
+
+def get_auth_headers(token: str) -> dict:
+    """
+    Returns the headers for the API requests.
+
+    Args:
+        token (str): The token to be included in the headers.
+
+    Returns:
+        dict: The headers for the API requests.
+    """
+    return {
+        "Authorization": f"Bearer {token}",
+        **BASE_HEADERS,
+    }
+
+
+def get_api_token(host: str) -> str:
+    """
+    Authenticates with the API and retrieves a bearer token.
+
+    Args:
+        host (str): The host URL of the API.
+
+    Returns:
+        str: The access token for authenticated requests.
+
+    Raises:
+        AssertionError: If the request fails or does not return a 200 status code.
+    """
+    login_payload = {
+        "data": {
+            "type": "tokens",
+            "attributes": {"email": USER_EMAIL, "password": USER_PASSWORD},
+        }
+    }
+    response = requests.post(f"{host}/tokens", json=login_payload, headers=BASE_HEADERS)
+    assert response.status_code == 200, f"Failed to get token: {response.text}"
+    return response.json()["data"]["attributes"]["access"]
+
+
+def get_scan_id_from_provider_name(host: str, token: str, provider_name: str) -> str:
+    """
+    Retrieves the scan ID associated with a specific provider name.
+
+    Args:
+        host (str): The host URL of the API.
+        token (str): Bearer token for authentication.
+        provider_name (str): Name of the provider to filter scans by.
+
+    Returns:
+        str: The ID of the scan.
+
+    Raises:
+        AssertionError: If the request fails or does not return a 200 status code.
+    """
+    response = requests.get(
+        f"{host}/scans?fields[scans]=id&filter[provider_alias]={provider_name}",
+        headers=get_auth_headers(token),
+    )
+    assert response.status_code == 200, f"Failed to get scan: {response.text}"
+    return response.json()["data"][0]["id"]
+
+
+def get_resource_filters_pairs(host: str, token: str, scan_id: str = "") -> dict:
+    """
+    Retrieves and maps resource metadata filter values from the findings endpoint.
+
+    Args:
+        host (str): The host URL of the API.
+        token (str): Bearer token for authentication.
+        scan_id (str, optional): Optional scan ID to filter metadata. Defaults to using inserted_at timestamp.
+
+    Returns:
+        dict: A dictionary of resource filter metadata.
+
+    Raises:
+        AssertionError: If the request fails or does not return a 200 status code.
+    """
+    metadata_filters = (
+        f"filter[scan]={scan_id}"
+        if scan_id
+        else f"filter[inserted_at]={TARGET_INSERTED_AT}"
+    )
+    response = requests.get(
+        f"{host}/findings/metadata?{metadata_filters}", headers=get_auth_headers(token)
+    )
+    assert (
+        response.status_code == 200
+    ), f"Failed to get resource filters values: {response.text}"
+    attributes = response.json()["data"]["attributes"]
+    return {
+        FINDINGS_RESOURCE_METADATA[key]: values
+        for key, values in attributes.items()
+        if key in FINDINGS_RESOURCE_METADATA.keys()
+    }
+
+
+def get_sort_value(sort_values: list) -> str:
+    """
+    Constructs a sort query string from a list of sort keys.
+
+    Args:
+        sort_values (list): The list of sort values to include in the query.
+
+    Returns:
+        str: A formatted sort query string (e.g., "sort=created_at,-severity").
+    """
+    return f"sort={','.join(sort_values)}"
@@ -1,6 +1,9 @@
 #!/bin/bash
 # Run Prowler against All AWS Accounts in an AWS Organization

+# Activate Poetry Environment
+eval "$(poetry env activate)"
+
 # Show Prowler Version
 prowler -v

@@ -89,7 +89,7 @@ for accountId in $ACCOUNTS_IN_ORGS; do
        # Run Prowler
        echo -e "Assessing AWS Account: $accountId, using Role: $ROLE on $(date)"
        # remove -g cislevel for a full report and add other formats if needed
-        ./prowler/prowler.py --role arn:"$PARTITION":iam::"$accountId":role/"$ROLE" --compliance cis_1.5_aws -M html
+        ./prowler/prowler-cli.py --role arn:"$PARTITION":iam::"$accountId":role/"$ROLE" --compliance cis_1.5_aws -M html
        echo "Report stored locally at: prowler/output/ directory"
        TOTAL_SEC=$((SECONDS - START_TIME))
        echo -e "Completed AWS Account: $accountId, using Role: $ROLE on $(date)"
@@ -17,7 +17,7 @@ spec:
            image: toniblyx/prowler:latest
            imagePullPolicy: Always
            command:
-            - "./prowler.py"
+            - "./prowler-cli.py"
            args: [ "-B", "$(awsS3Bucket)" ]
            env:
            - name: AWS_ACCESS_KEY_ID
@@ -399,7 +399,6 @@ mainConfig:
      [
        "RSA-1024",
        "P-192",
-        "SHA-1",
      ]

    # AWS EKS Configuration
@@ -16,7 +16,6 @@ spec:
          containers:
          - name: prowler
            image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
-            command: ["prowler"]
            args: ["kubernetes", "-z", "-b"]
            imagePullPolicy: {{ .Values.image.pullPolicy }}
            volumeMounts:
@@ -1361,6 +1361,9 @@ video {
  .lg\:grid-cols-4 {
    grid-template-columns: repeat(4, minmax(0, 1fr));
  }
+  .lg\:grid-cols-5 {
+    grid-template-columns: repeat(5, minmax(0, 1fr));
+  }

  .lg\:justify-normal {
    justify-content: normal;
@@ -1403,4 +1406,4 @@ video {
  .\32xl\:w-\[9\%\] {
    width: 9%;
  }
-}
+}
@@ -562,8 +562,11 @@ def get_section_containers_format1(data, section_1, section_2):

            direct_internal_items.append(internal_section_container)

+        # Cut the title if it's too long
+        tittle_external = section[:70] + " ..." if len(section) > 70 else section
+
        accordion_item = dbc.AccordionItem(
-            title=f"{section}", children=direct_internal_items
+            title=f"{tittle_external}", children=direct_internal_items
        )
        section_container = html.Div(
            [
@@ -2225,13 +2228,356 @@ def get_section_containers_ens(data, section_1, section_2, section_3, section_4)
    return html.Div(section_containers, className="compliance-data-layout")


+def get_section_containers_3_levels(data, section_1, section_2, section_3):
+    data["STATUS"] = data["STATUS"].apply(map_status_to_icon)
+    findings_counts_marco = (
+        data.groupby([section_1, "STATUS"]).size().unstack(fill_value=0)
+    )
+    section_containers = []
+    data[section_1] = data[section_1].astype(str)
+    data[section_2] = data[section_2].astype(str)
+    data[section_3] = data[section_3].astype(str)
+
+    data.sort_values(
+        by=section_3,
+        key=lambda x: x.map(extract_numeric_values),
+        ascending=True,
+        inplace=True,
+    )
+
+    for marco in data[section_1].unique():
+        success_marco = findings_counts_marco.loc[marco].get(pass_emoji, 0)
+        failed_marco = findings_counts_marco.loc[marco].get(fail_emoji, 0)
+
+        fig_name = go.Figure(
+            [
+                go.Bar(
+                    name="Failed",
+                    x=[failed_marco],
+                    y=[""],
+                    orientation="h",
+                    marker=dict(color="#e77676"),
+                    width=[0.8],
+                ),
+                go.Bar(
+                    name="Success",
+                    x=[success_marco],
+                    y=[""],
+                    orientation="h",
+                    marker=dict(color="#45cc6e"),
+                    width=[0.8],
+                ),
+            ]
+        )
+        fig_name.update_layout(
+            barmode="stack",
+            margin=dict(l=10, r=10, t=10, b=10),
+            paper_bgcolor="rgba(0,0,0,0)",
+            plot_bgcolor="rgba(0,0,0,0)",
+            showlegend=False,
+            width=350,
+            height=30,
+            xaxis=dict(showticklabels=False, showgrid=False, zeroline=False),
+            yaxis=dict(showticklabels=False, showgrid=False, zeroline=False),
+            annotations=[
+                dict(
+                    x=success_marco + failed_marco,
+                    y=0,
+                    xref="x",
+                    yref="y",
+                    text=str(success_marco),
+                    showarrow=False,
+                    font=dict(color="#45cc6e", size=14),
+                    xanchor="left",
+                    yanchor="middle",
+                ),
+                dict(
+                    x=0,
+                    y=0,
+                    xref="x",
+                    yref="y",
+                    text=str(failed_marco),
+                    showarrow=False,
+                    font=dict(color="#e77676", size=14),
+                    xanchor="right",
+                    yanchor="middle",
+                ),
+            ],
+        )
+        fig_name.add_annotation(
+            x=failed_marco,
+            y=0.3,
+            text="|",
+            showarrow=False,
+            font=dict(size=20),
+            xanchor="center",
+            yanchor="middle",
+        )
+
+        graph_div = html.Div(
+            dcc.Graph(
+                figure=fig_name, config={"staticPlot": True}, className="info-bar"
+            ),
+            className="graph-section",
+        )
+        direct_internal_items = []
+
+        for categoria in data[data[section_1] == marco][section_2].unique():
+            specific_data = data[
+                (data[section_1] == marco) & (data[section_2] == categoria)
+            ]
+            findings_counts_categoria = (
+                specific_data.groupby([section_2, "STATUS"])
+                .size()
+                .unstack(fill_value=0)
+            )
+            success_categoria = findings_counts_categoria.loc[categoria].get(
+                pass_emoji, 0
+            )
+            failed_categoria = findings_counts_categoria.loc[categoria].get(
+                fail_emoji, 0
+            )
+
+            fig_section = go.Figure(
+                [
+                    go.Bar(
+                        name="Failed",
+                        x=[failed_categoria],
+                        y=[""],
+                        orientation="h",
+                        marker=dict(color="#e77676"),
+                        width=[0.8],
+                    ),
+                    go.Bar(
+                        name="Success",
+                        x=[success_categoria],
+                        y=[""],
+                        orientation="h",
+                        marker=dict(color="#45cc6e"),
+                        width=[0.8],
+                    ),
+                ]
+            )
+            fig_section.update_layout(
+                barmode="stack",
+                margin=dict(l=10, r=10, t=10, b=10),
+                paper_bgcolor="rgba(0,0,0,0)",
+                plot_bgcolor="rgba(0,0,0,0)",
+                showlegend=False,
+                width=350,
+                height=30,
+                xaxis=dict(showticklabels=False, showgrid=False, zeroline=False),
+                yaxis=dict(showticklabels=False, showgrid=False, zeroline=False),
+                annotations=[
+                    dict(
+                        x=success_categoria + failed_categoria,
+                        y=0,
+                        xref="x",
+                        yref="y",
+                        text=str(success_categoria),
+                        showarrow=False,
+                        font=dict(color="#45cc6e", size=14),
+                        xanchor="left",
+                        yanchor="middle",
+                    ),
+                    dict(
+                        x=0,
+                        y=0,
+                        xref="x",
+                        yref="y",
+                        text=str(failed_categoria),
+                        showarrow=False,
+                        font=dict(color="#e77676", size=14),
+                        xanchor="right",
+                        yanchor="middle",
+                    ),
+                ],
+            )
+            fig_section.add_annotation(
+                x=failed_categoria,
+                y=0.3,
+                text="|",
+                showarrow=False,
+                font=dict(size=20),
+                xanchor="center",
+                yanchor="middle",
+            )
+
+            graph_div_section = html.Div(
+                dcc.Graph(
+                    figure=fig_section,
+                    config={"staticPlot": True},
+                    className="info-bar-child",
+                ),
+                className="graph-section-req",
+            )
+            direct_internal_items_idgrupocontrol = []
+
+            for idgrupocontrol in specific_data[section_3].unique():
+                specific_data2 = specific_data[
+                    specific_data[section_3] == idgrupocontrol
+                ]
+                findings_counts_idgrupocontrol = (
+                    specific_data2.groupby([section_3, "STATUS"])
+                    .size()
+                    .unstack(fill_value=0)
+                )
+                success_idgrupocontrol = findings_counts_idgrupocontrol.loc[
+                    idgrupocontrol
+                ].get(pass_emoji, 0)
+                failed_idgrupocontrol = findings_counts_idgrupocontrol.loc[
+                    idgrupocontrol
+                ].get(fail_emoji, 0)
+
+                fig_idgrupocontrol = go.Figure(
+                    [
+                        go.Bar(
+                            name="Failed",
+                            x=[failed_idgrupocontrol],
+                            y=[""],
+                            orientation="h",
+                            marker=dict(color="#e77676"),
+                            width=[0.8],
+                        ),
+                        go.Bar(
+                            name="Success",
+                            x=[success_idgrupocontrol],
+                            y=[""],
+                            orientation="h",
+                            marker=dict(color="#45cc6e"),
+                            width=[0.8],
+                        ),
+                    ]
+                )
+                fig_idgrupocontrol.update_layout(
+                    barmode="stack",
+                    margin=dict(l=10, r=10, t=10, b=10),
+                    paper_bgcolor="rgba(0,0,0,0)",
+                    plot_bgcolor="rgba(0,0,0,0)",
+                    showlegend=False,
+                    width=350,
+                    height=30,
+                    xaxis=dict(showticklabels=False, showgrid=False, zeroline=False),
+                    yaxis=dict(showticklabels=False, showgrid=False, zeroline=False),
+                    annotations=[
+                        dict(
+                            x=success_idgrupocontrol + failed_idgrupocontrol,
+                            y=0,
+                            xref="x",
+                            yref="y",
+                            text=str(success_idgrupocontrol),
+                            showarrow=False,
+                            font=dict(color="#45cc6e", size=14),
+                            xanchor="left",
+                            yanchor="middle",
+                        ),
+                        dict(
+                            x=0,
+                            y=0,
+                            xref="x",
+                            yref="y",
+                            text=str(failed_idgrupocontrol),
+                            showarrow=False,
+                            font=dict(color="#e77676", size=14),
+                            xanchor="right",
+                            yanchor="middle",
+                        ),
+                    ],
+                )
+                fig_idgrupocontrol.add_annotation(
+                    x=failed_idgrupocontrol,
+                    y=0.3,
+                    text="|",
+                    showarrow=False,
+                    font=dict(size=20),
+                    xanchor="center",
+                    yanchor="middle",
+                )
+
+                graph_div_idgrupocontrol = html.Div(
+                    dcc.Graph(
+                        figure=fig_idgrupocontrol,
+                        config={"staticPlot": True},
+                        className="info-bar-child",
+                    ),
+                    className="graph-section-req",
+                )
+
+                data_table = dash_table.DataTable(
+                    data=specific_data2.to_dict("records"),
+                    columns=[
+                        {"name": i, "id": i}
+                        for i in [
+                            "CHECKID",
+                            "STATUS",
+                            "REGION",
+                            "ACCOUNTID",
+                            "RESOURCEID",
+                        ]
+                    ],
+                    style_table={"overflowX": "auto"},
+                    style_as_list_view=True,
+                    style_cell={"textAlign": "left", "padding": "5px"},
+                )
+
+                internal_accordion_item_2 = dbc.AccordionItem(
+                    title=idgrupocontrol,
+                    children=[
+                        graph_div_idgrupocontrol,
+                        html.Div([data_table], className="inner-accordion-content"),
+                    ],
+                )
+                direct_internal_items_idgrupocontrol.append(
+                    html.Div(
+                        [
+                            graph_div_idgrupocontrol,
+                            dbc.Accordion(
+                                [internal_accordion_item_2],
+                                start_collapsed=True,
+                                flush=True,
+                            ),
+                        ],
+                        className="accordion-inner--child",
+                    )
+                )
+
+            internal_accordion_item = dbc.AccordionItem(
+                title=categoria,
+                children=direct_internal_items_idgrupocontrol,
+            )
+            internal_section_container = html.Div(
+                [
+                    graph_div_section,
+                    dbc.Accordion(
+                        [internal_accordion_item], start_collapsed=True, flush=True
+                    ),
+                ],
+                className="accordion-inner--child",
+            )
+            direct_internal_items.append(internal_section_container)
+
+        accordion_item = dbc.AccordionItem(title=marco, children=direct_internal_items)
+        section_container = html.Div(
+            [
+                graph_div,
+                dbc.Accordion([accordion_item], start_collapsed=True, flush=True),
+            ],
+            className="accordion-inner",
+        )
+        section_containers.append(section_container)
+
+    return html.Div(section_containers, className="compliance-data-layout")
+
+
 # This function extracts and compares up to two numeric values, ensuring correct sorting for version-like strings.
 def extract_numeric_values(value):
    numbers = re.findall(r"\d+", str(value))
-    if len(numbers) >= 2:
+    if len(numbers) == 3:
+        return int(numbers[0]), int(numbers[1]), int(numbers[2])
+    elif len(numbers) == 2:
        return int(numbers[0]), int(numbers[1])
    elif len(numbers) == 1:
-        return int(numbers[0]), 0
+        return int(numbers[0])
    return 0, 0


@@ -1,6 +1,6 @@
 import warnings

-from dashboard.common_methods import get_section_containers_format2
+from dashboard.common_methods import get_section_containers_3_levels

 warnings.filterwarnings("ignore")

@@ -10,6 +10,7 @@ def get_table(data):
        [
            "REQUIREMENTS_ATTRIBUTES_NAME",
            "REQUIREMENTS_ATTRIBUTES_SECTION",
+            "REQUIREMENTS_ATTRIBUTES_SUBSECTION",
            "CHECKID",
            "STATUS",
            "REGION",
@@ -17,6 +18,10 @@ def get_table(data):
            "RESOURCEID",
        ]
    ]
-    return get_section_containers_format2(
-        aux, "REQUIREMENTS_ATTRIBUTES_NAME", "REQUIREMENTS_ATTRIBUTES_SECTION"
+
+    return get_section_containers_3_levels(
+        aux,
+        "REQUIREMENTS_ATTRIBUTES_SECTION",
+        "REQUIREMENTS_ATTRIBUTES_SUBSECTION",
+        "REQUIREMENTS_ATTRIBUTES_NAME",
    )
@@ -1,6 +1,6 @@
 import warnings

-from dashboard.common_methods import get_section_containers_format2
+from dashboard.common_methods import get_section_containers_3_levels

 warnings.filterwarnings("ignore")

@@ -10,6 +10,7 @@ def get_table(data):
        [
            "REQUIREMENTS_ATTRIBUTES_NAME",
            "REQUIREMENTS_ATTRIBUTES_SECTION",
+            "REQUIREMENTS_ATTRIBUTES_SUBSECTION",
            "CHECKID",
            "STATUS",
            "REGION",
@@ -18,6 +19,9 @@ def get_table(data):
        ]
    ]

-    return get_section_containers_format2(
-        aux, "REQUIREMENTS_ATTRIBUTES_SECTION", "REQUIREMENTS_ATTRIBUTES_NAME"
+    return get_section_containers_3_levels(
+        aux,
+        "REQUIREMENTS_ATTRIBUTES_SECTION",
+        "REQUIREMENTS_ATTRIBUTES_SUBSECTION",
+        "REQUIREMENTS_ATTRIBUTES_NAME",
    )
@@ -0,0 +1,24 @@
+import warnings
+
+from dashboard.common_methods import get_section_containers_cis
+
+warnings.filterwarnings("ignore")
+
+
+def get_table(data):
+    aux = data[
+        [
+            "REQUIREMENTS_ID",
+            "REQUIREMENTS_DESCRIPTION",
+            "REQUIREMENTS_ATTRIBUTES_SECTION",
+            "CHECKID",
+            "STATUS",
+            "REGION",
+            "ACCOUNTID",
+            "RESOURCEID",
+        ]
+    ].copy()
+
+    return get_section_containers_cis(
+        aux, "REQUIREMENTS_ID", "REQUIREMENTS_ATTRIBUTES_SECTION"
+    )
@@ -0,0 +1,23 @@
+import warnings
+
+from dashboard.common_methods import get_section_container_iso
+
+warnings.filterwarnings("ignore")
+
+
+def get_table(data):
+    aux = data[
+        [
+            "REQUIREMENTS_ATTRIBUTES_CATEGORY",
+            "REQUIREMENTS_ATTRIBUTES_OBJETIVE_ID",
+            "REQUIREMENTS_ATTRIBUTES_OBJETIVE_NAME",
+            "CHECKID",
+            "STATUS",
+            "REGION",
+            "ACCOUNTID",
+            "RESOURCEID",
+        ]
+    ]
+    return get_section_container_iso(
+        aux, "REQUIREMENTS_ATTRIBUTES_CATEGORY", "REQUIREMENTS_ATTRIBUTES_OBJETIVE_ID"
+    )
@@ -0,0 +1,23 @@
+import warnings
+
+from dashboard.common_methods import get_section_container_iso
+
+warnings.filterwarnings("ignore")
+
+
+def get_table(data):
+    aux = data[
+        [
+            "REQUIREMENTS_ATTRIBUTES_CATEGORY",
+            "REQUIREMENTS_ATTRIBUTES_OBJETIVE_ID",
+            "REQUIREMENTS_ATTRIBUTES_OBJETIVE_NAME",
+            "CHECKID",
+            "STATUS",
+            "REGION",
+            "ACCOUNTID",
+            "RESOURCEID",
+        ]
+    ]
+    return get_section_container_iso(
+        aux, "REQUIREMENTS_ATTRIBUTES_CATEGORY", "REQUIREMENTS_ATTRIBUTES_OBJETIVE_ID"
+    )
@@ -0,0 +1,23 @@
+import warnings
+
+from dashboard.common_methods import get_section_container_iso
+
+warnings.filterwarnings("ignore")
+
+
+def get_table(data):
+    aux = data[
+        [
+            "REQUIREMENTS_ATTRIBUTES_CATEGORY",
+            "REQUIREMENTS_ATTRIBUTES_OBJETIVE_ID",
+            "REQUIREMENTS_ATTRIBUTES_OBJETIVE_NAME",
+            "CHECKID",
+            "STATUS",
+            "REGION",
+            "ACCOUNTID",
+            "RESOURCEID",
+        ]
+    ]
+    return get_section_container_iso(
+        aux, "REQUIREMENTS_ATTRIBUTES_CATEGORY", "REQUIREMENTS_ATTRIBUTES_OBJETIVE_ID"
+    )
@@ -1,6 +1,6 @@
 import warnings

-from dashboard.common_methods import get_section_containers_kisa_ismsp
+from dashboard.common_methods import get_section_containers_3_levels

 warnings.filterwarnings("ignore")

@@ -8,7 +8,7 @@ warnings.filterwarnings("ignore")
 def get_table(data):
    aux = data[
        [
-            "REQUIREMENTS_ID",
+            "REQUIREMENTS_ATTRIBUTES_DOMAIN",
            "REQUIREMENTS_ATTRIBUTES_SUBDOMAIN",
            "REQUIREMENTS_ATTRIBUTES_SECTION",
            # "REQUIREMENTS_DESCRIPTION",
@@ -20,6 +20,9 @@ def get_table(data):
        ]
    ].copy()

-    return get_section_containers_kisa_ismsp(
-        aux, "REQUIREMENTS_ATTRIBUTES_SUBDOMAIN", "REQUIREMENTS_ATTRIBUTES_SECTION"
+    return get_section_containers_3_levels(
+        aux,
+        "REQUIREMENTS_ATTRIBUTES_DOMAIN",
+        "REQUIREMENTS_ATTRIBUTES_SUBDOMAIN",
+        "REQUIREMENTS_ATTRIBUTES_SECTION",
    )
@@ -1,6 +1,6 @@
 import warnings

-from dashboard.common_methods import get_section_containers_kisa_ismsp
+from dashboard.common_methods import get_section_containers_3_levels

 warnings.filterwarnings("ignore")

@@ -8,7 +8,7 @@ warnings.filterwarnings("ignore")
 def get_table(data):
    aux = data[
        [
-            "REQUIREMENTS_ID",
+            "REQUIREMENTS_ATTRIBUTES_DOMAIN",
            "REQUIREMENTS_ATTRIBUTES_SUBDOMAIN",
            "REQUIREMENTS_ATTRIBUTES_SECTION",
            # "REQUIREMENTS_DESCRIPTION",
@@ -20,6 +20,9 @@ def get_table(data):
        ]
    ].copy()

-    return get_section_containers_kisa_ismsp(
-        aux, "REQUIREMENTS_ATTRIBUTES_SUBDOMAIN", "REQUIREMENTS_ATTRIBUTES_SECTION"
+    return get_section_containers_3_levels(
+        aux,
+        "REQUIREMENTS_ATTRIBUTES_DOMAIN",
+        "REQUIREMENTS_ATTRIBUTES_SUBDOMAIN",
+        "REQUIREMENTS_ATTRIBUTES_SECTION",
    )
@@ -1,6 +1,6 @@
 import warnings

-from dashboard.common_methods import get_section_containers_format4
+from dashboard.common_methods import get_section_containers_format1

 warnings.filterwarnings("ignore")

@@ -9,12 +9,15 @@ def get_table(data):
    aux = data[
        [
            "REQUIREMENTS_ID",
+            "REQUIREMENTS_ATTRIBUTES_SECTION",
            "CHECKID",
            "STATUS",
            "REGION",
            "ACCOUNTID",
            "RESOURCEID",
        ]
-    ]
+    ].copy()

-    return get_section_containers_format4(aux, "REQUIREMENTS_ID")
+    return get_section_containers_format1(
+        aux, "REQUIREMENTS_ATTRIBUTES_SECTION", "REQUIREMENTS_ID"
+    )
@@ -0,0 +1,24 @@
+import warnings
+
+from dashboard.common_methods import get_section_containers_cis
+
+warnings.filterwarnings("ignore")
+
+
+def get_table(data):
+    aux = data[
+        [
+            "REQUIREMENTS_ID",
+            "REQUIREMENTS_DESCRIPTION",
+            "REQUIREMENTS_ATTRIBUTES_SECTION",
+            "CHECKID",
+            "STATUS",
+            "REGION",
+            "ACCOUNTID",
+            "RESOURCEID",
+        ]
+    ].copy()
+
+    return get_section_containers_cis(
+        aux, "REQUIREMENTS_ID", "REQUIREMENTS_ATTRIBUTES_SECTION"
+    )
@@ -0,0 +1,24 @@
+import warnings
+
+from dashboard.common_methods import get_section_containers_cis
+
+warnings.filterwarnings("ignore")
+
+
+def get_table(data):
+    aux = data[
+        [
+            "REQUIREMENTS_ID",
+            "REQUIREMENTS_DESCRIPTION",
+            "REQUIREMENTS_ATTRIBUTES_SECTION",
+            "CHECKID",
+            "STATUS",
+            "REGION",
+            "ACCOUNTID",
+            "RESOURCEID",
+        ]
+    ].copy()
+
+    return get_section_containers_cis(
+        aux, "REQUIREMENTS_ID", "REQUIREMENTS_ATTRIBUTES_SECTION"
+    )
@@ -0,0 +1,24 @@
+import warnings
+
+from dashboard.common_methods import get_section_containers_cis
+
+warnings.filterwarnings("ignore")
+
+
+def get_table(data):
+    aux = data[
+        [
+            "REQUIREMENTS_ID",
+            "REQUIREMENTS_DESCRIPTION",
+            "REQUIREMENTS_ATTRIBUTES_SECTION",
+            "CHECKID",
+            "STATUS",
+            "REGION",
+            "ACCOUNTID",
+            "RESOURCEID",
+        ]
+    ].copy()
+
+    return get_section_containers_cis(
+        aux, "REQUIREMENTS_ID", "REQUIREMENTS_ATTRIBUTES_SECTION"
+    )
@@ -0,0 +1,24 @@
+import warnings
+
+from dashboard.common_methods import get_section_containers_format3
+
+warnings.filterwarnings("ignore")
+
+
+def get_table(data):
+    aux = data[
+        [
+            "REQUIREMENTS_ID",
+            "REQUIREMENTS_DESCRIPTION",
+            "REQUIREMENTS_ATTRIBUTES_SECTION",
+            "CHECKID",
+            "STATUS",
+            "REGION",
+            "ACCOUNTID",
+            "RESOURCEID",
+        ]
+    ].copy()
+
+    return get_section_containers_format3(
+        aux, "REQUIREMENTS_ATTRIBUTES_SECTION", "REQUIREMENTS_ID"
+    )
@@ -0,0 +1,24 @@
+import warnings
+
+from dashboard.common_methods import get_section_containers_format3
+
+warnings.filterwarnings("ignore")
+
+
+def get_table(data):
+    aux = data[
+        [
+            "REQUIREMENTS_ID",
+            "REQUIREMENTS_DESCRIPTION",
+            "REQUIREMENTS_ATTRIBUTES_SECTION",
+            "CHECKID",
+            "STATUS",
+            "REGION",
+            "ACCOUNTID",
+            "RESOURCEID",
+        ]
+    ].copy()
+
+    return get_section_containers_format3(
+        aux, "REQUIREMENTS_ATTRIBUTES_SECTION", "REQUIREMENTS_ID"
+    )
@@ -57,8 +57,9 @@ def create_layout_overview(
                    html.Div(className="flex", id="azure_card", n_clicks=0),
                    html.Div(className="flex", id="gcp_card", n_clicks=0),
                    html.Div(className="flex", id="k8s_card", n_clicks=0),
+                    html.Div(className="flex", id="m365_card", n_clicks=0),
                ],
-                className="grid gap-x-4 mb-[30px] sm:grid-cols-2 lg:grid-cols-4",
+                className="grid gap-x-4 mb-[30px] sm:grid-cols-2 lg:grid-cols-5",
            ),
            html.H4(
                "Count of Findings by severity",
@@ -76,6 +76,8 @@ def load_csv_files(csv_files):
                result = result.replace("_AZURE", " - AZURE")
            if "KUBERNETES" in result:
                result = result.replace("_KUBERNETES", " - KUBERNETES")
+            if "M65" in result:
+                result = result.replace("_M65", " - M65")
            results.append(result)

    unique_results = set(results)
@@ -267,6 +269,15 @@ def display_data(
            data["REQUIREMENTS_ATTRIBUTES_PROFILE"] = data[
                "REQUIREMENTS_ATTRIBUTES_PROFILE"
            ].apply(lambda x: x.split(" - ")[0])
+
+    # Add the column ACCOUNTID to the data if the provider is m65
+    if "m365" in analytics_input:
+        data.rename(columns={"TENANTID": "ACCOUNTID"}, inplace=True)
+        data.rename(columns={"LOCATION": "REGION"}, inplace=True)
+        if "REQUIREMENTS_ATTRIBUTES_PROFILE" in data.columns:
+            data["REQUIREMENTS_ATTRIBUTES_PROFILE"] = data[
+                "REQUIREMENTS_ATTRIBUTES_PROFILE"
+            ].apply(lambda x: x.split(" - ")[0])
    # Filter the chosen level of the CIS
    if is_level_1:
        data = data[data["REQUIREMENTS_ATTRIBUTES_PROFILE"] == "Level 1"]
@@ -398,6 +409,10 @@ def display_data(
                f"dashboard.compliance.{current}"
            )
            data.drop_duplicates(keep="first", inplace=True)
+
+            if "threatscore" in analytics_input:
+                data = get_threatscore_mean_by_pillar(data)
+
            table = compliance_module.get_table(data)
        except ModuleNotFoundError:
            table = html.Div(
@@ -430,6 +445,9 @@ def display_data(
        if "pci" in analytics_input:
            pie_2 = get_bar_graph(df, "REQUIREMENTS_ID")
            current_filter = "req_id"
+        elif "threatscore" in analytics_input:
+            pie_2 = get_table_prowler_threatscore(df)
+            current_filter = "threatscore"
        elif (
            "REQUIREMENTS_ATTRIBUTES_SECTION" in df.columns
            and not df["REQUIREMENTS_ATTRIBUTES_SECTION"].isnull().values.any()
@@ -488,6 +506,13 @@ def display_data(
        pie_2, f"Top 5 failed {current_filter} by requirements"
    )

+    if "threatscore" in analytics_input:
+        security_level_graph = get_graph(
+            pie_2,
+            "Pillar Score by requirements (1 = Lowest Risk, 5 = Highest Risk)",
+            margin_top=0,
+        )
+
    return (
        table_output,
        overall_status_result_graph,
@@ -501,7 +526,7 @@ def display_data(
    )


-def get_graph(pie, title):
+def get_graph(pie, title, margin_top=7):
    return [
        html.Span(
            title,
@@ -514,7 +539,7 @@ def get_graph(pie, title):
                "display": "flex",
                "justify-content": "center",
                "align-items": "center",
-                "margin-top": "7%",
+                "margin-top": f"{margin_top}%",
            },
        ),
    ]
@@ -618,3 +643,87 @@ def get_table(current_compliance, table):
            className="relative flex flex-col bg-white shadow-provider rounded-xl px-4 py-3 flex-wrap w-full",
        ),
    ]
+
+
+def get_threatscore_mean_by_pillar(df):
+    modified_df = df[df["STATUS"] == "FAIL"]
+
+    modified_df["REQUIREMENTS_ATTRIBUTES_LEVELOFRISK"] = pd.to_numeric(
+        modified_df["REQUIREMENTS_ATTRIBUTES_LEVELOFRISK"], errors="coerce"
+    )
+
+    pillar_means = (
+        modified_df.groupby("REQUIREMENTS_ATTRIBUTES_SECTION")[
+            "REQUIREMENTS_ATTRIBUTES_LEVELOFRISK"
+        ]
+        .mean()
+        .round(2)
+    )
+
+    output = []
+    for pillar, mean in pillar_means.items():
+        output.append(f"{pillar} - [{mean}]")
+
+    for value in output:
+        if value.split(" - ")[0] in df["REQUIREMENTS_ATTRIBUTES_SECTION"].values:
+            df.loc[
+                df["REQUIREMENTS_ATTRIBUTES_SECTION"] == value.split(" - ")[0],
+                "REQUIREMENTS_ATTRIBUTES_SECTION",
+            ] = value
+    return df
+
+
+def get_table_prowler_threatscore(df):
+    df = df[df["STATUS"] == "FAIL"]
+
+    # Delete " - " from the column REQUIREMENTS_ATTRIBUTES_SECTION
+    df["REQUIREMENTS_ATTRIBUTES_SECTION"] = (
+        df["REQUIREMENTS_ATTRIBUTES_SECTION"].str.split(" - ").str[0]
+    )
+
+    df["REQUIREMENTS_ATTRIBUTES_LEVELOFRISK"] = pd.to_numeric(
+        df["REQUIREMENTS_ATTRIBUTES_LEVELOFRISK"], errors="coerce"
+    )
+
+    score_df = (
+        df.groupby("REQUIREMENTS_ATTRIBUTES_SECTION")[
+            "REQUIREMENTS_ATTRIBUTES_LEVELOFRISK"
+        ]
+        .mean()
+        .reset_index()
+        .rename(
+            columns={
+                "REQUIREMENTS_ATTRIBUTES_SECTION": "Pillar",
+                "REQUIREMENTS_ATTRIBUTES_LEVELOFRISK": "Score",
+            }
+        )
+    )
+
+    fig = px.bar(
+        score_df,
+        x="Pillar",
+        y="Score",
+        color="Score",
+        color_continuous_scale=[
+            "#45cc6e",
+            "#f4d44d",
+            "#e77676",
+        ],  # verde → amarillo → rojo
+        hover_data={"Score": True, "Pillar": True},
+        labels={"Score": "Average Risk Score", "Pillar": "Section"},
+        height=400,
+    )
+
+    fig.update_layout(
+        xaxis_title="Pillar",
+        yaxis_title="Level of Risk",
+        margin=dict(l=20, r=20, t=30, b=20),
+        plot_bgcolor="rgba(0,0,0,0)",
+        paper_bgcolor="rgba(0,0,0,0)",
+        coloraxis_colorbar=dict(title="Risk"),
+    )
+
+    return dcc.Graph(
+        figure=fig,
+        style={"height": "25rem", "width": "40rem"},
+    )
@@ -74,6 +74,9 @@ gcp_provider_logo = html.Img(
 ks8_provider_logo = html.Img(
    src="assets/images/providers/k8s_provider.png", alt="k8s provider"
 )
+m365_provider_logo = html.Img(
+    src="assets/images/providers/m365_provider.png", alt="m365 provider"
+)


 def load_csv_files(csv_files):
@@ -223,6 +226,8 @@ else:
                accounts.append(account + " - AZURE")
            if "gcp" in list(data[data["ACCOUNT_NAME"] == account]["PROVIDER"]):
                accounts.append(account + " - GCP")
+            if "m365" in list(data[data["ACCOUNT_NAME"] == account]["PROVIDER"]):
+                accounts.append(account + " - M365")

    if "ACCOUNT_UID" in data.columns:
        for account in data["ACCOUNT_UID"].unique():
@@ -273,6 +278,8 @@ else:
            services.append(service + " - AZURE")
        if "gcp" in list(data[data["SERVICE_NAME"] == service]["PROVIDER"]):
            services.append(service + " - GCP")
+        if "m365" in list(data[data["SERVICE_NAME"] == service]["PROVIDER"]):
+            services.append(service + " - M365")

    services = ["All"] + services
    services = [
@@ -485,6 +492,7 @@ else:
        Output("azure_card", "children"),
        Output("gcp_card", "children"),
        Output("k8s_card", "children"),
+        Output("m365_card", "children"),
        Output("subscribe_card", "children"),
        Output("info-file-over", "title"),
        Output("severity-filter", "value"),
@@ -499,6 +507,7 @@ else:
        Output("azure_card", "n_clicks"),
        Output("gcp_card", "n_clicks"),
        Output("k8s_card", "n_clicks"),
+        Output("m365_card", "n_clicks"),
    ],
    Input("cloud-account-filter", "value"),
    Input("region-filter", "value"),
@@ -513,6 +522,7 @@ else:
    Input("azure_card", "n_clicks"),
    Input("gcp_card", "n_clicks"),
    Input("k8s_card", "n_clicks"),
+    Input("m365_card", "n_clicks"),
    Input("sort_button_check_name", "n_clicks"),
    Input("sort_button_severity", "n_clicks"),
    Input("sort_button_status", "n_clicks"),
@@ -534,6 +544,7 @@ def filter_data(
    azure_clicks,
    gcp_clicks,
    k8s_clicks,
+    m365_clicks,
    sort_button_check_name,
    sort_button_severity,
    sort_button_status,
@@ -554,6 +565,7 @@ def filter_data(
            azure_clicks = 0
            gcp_clicks = 0
            k8s_clicks = 0
+            m365_clicks = 0
    if azure_clicks > 0:
        filtered_data = data.copy()
        if azure_clicks % 2 != 0 and "azure" in list(data["PROVIDER"]):
@@ -561,6 +573,7 @@ def filter_data(
            aws_clicks = 0
            gcp_clicks = 0
            k8s_clicks = 0
+            m365_clicks = 0
    if gcp_clicks > 0:
        filtered_data = data.copy()
        if gcp_clicks % 2 != 0 and "gcp" in list(data["PROVIDER"]):
@@ -568,6 +581,7 @@ def filter_data(
            aws_clicks = 0
            azure_clicks = 0
            k8s_clicks = 0
+            m365_clicks = 0
    if k8s_clicks > 0:
        filtered_data = data.copy()
        if k8s_clicks % 2 != 0 and "kubernetes" in list(data["PROVIDER"]):
@@ -575,6 +589,15 @@ def filter_data(
            aws_clicks = 0
            azure_clicks = 0
            gcp_clicks = 0
+            m365_clicks = 0
+    if m365_clicks > 0:
+        filtered_data = data.copy()
+        if m365_clicks % 2 != 0 and "m365" in list(data["PROVIDER"]):
+            filtered_data = filtered_data[filtered_data["PROVIDER"] == "m365"]
+            aws_clicks = 0
+            azure_clicks = 0
+            gcp_clicks = 0
+            k8s_clicks = 0

    # For all the data, we will add to the status column the value 'MUTED (FAIL)' and 'MUTED (PASS)' depending on the value of the column 'STATUS' and 'MUTED'
    if "MUTED" in filtered_data.columns:
@@ -675,6 +698,8 @@ def filter_data(
                all_account_names.append(account)
            if "gcp" in list(data[data["ACCOUNT_NAME"] == account]["PROVIDER"]):
                all_account_names.append(account)
+            if "m365" in list(data[data["ACCOUNT_NAME"] == account]["PROVIDER"]):
+                all_account_names.append(account)

    all_items = all_account_ids + all_account_names + ["All"]

@@ -692,6 +717,8 @@ def filter_data(
                    cloud_accounts_options.append(item + " - AZURE")
                if "gcp" in list(data[data["ACCOUNT_NAME"] == item]["PROVIDER"]):
                    cloud_accounts_options.append(item + " - GCP")
+                if "m365" in list(data[data["ACCOUNT_NAME"] == item]["PROVIDER"]):
+                    cloud_accounts_options.append(item + " - M365")

    # Filter ACCOUNT
    if cloud_account_values == ["All"]:
@@ -790,6 +817,7 @@ def filter_data(
    service_filter_options = ["All"]

    all_items = filtered_data["SERVICE_NAME"].unique()
+
    for item in all_items:
        if item not in service_filter_options and item.__class__.__name__ == "str":
            if "aws" in list(
@@ -808,6 +836,10 @@ def filter_data(
                filtered_data[filtered_data["SERVICE_NAME"] == item]["PROVIDER"]
            ):
                service_filter_options.append(item + " - GCP")
+            if "m365" in list(
+                filtered_data[filtered_data["SERVICE_NAME"] == item]["PROVIDER"]
+            ):
+                service_filter_options.append(item + " - M365")

    # Filter Service
    if service_values == ["All"]:
@@ -1235,6 +1267,10 @@ def filter_data(
                    filtered_data.loc[
                        filtered_data["ACCOUNT_UID"] == account, "ACCOUNT_UID"
                    ] = (account + " - GCP")
+                if "m365" in list(data[data["ACCOUNT_UID"] == account]["PROVIDER"]):
+                    filtered_data.loc[
+                        filtered_data["ACCOUNT_UID"] == account, "ACCOUNT_UID"
+                    ] = (account + " - M365")

        table_collapsible = []
        for item in filtered_data.to_dict("records"):
@@ -1302,6 +1338,9 @@ def filter_data(
    k8s_card = create_provider_card(
        "kubernetes", ks8_provider_logo, "Clusters", full_filtered_data
    )
+    m365_card = create_provider_card(
+        "m365", m365_provider_logo, "Accounts", full_filtered_data
+    )

    # Subscribe to prowler SaaS card
    subscribe_card = [
@@ -1346,6 +1385,7 @@ def filter_data(
            azure_card,
            gcp_card,
            k8s_card,
+            m365_card,
            subscribe_card,
            list_files,
            severity_values,
@@ -1360,6 +1400,7 @@ def filter_data(
            azure_clicks,
            gcp_clicks,
            k8s_clicks,
+            m365_clicks,
        )
    else:
        return (
@@ -1377,6 +1418,7 @@ def filter_data(
            azure_card,
            gcp_card,
            k8s_card,
+            m365_card,
            subscribe_card,
            list_files,
            severity_values,
@@ -1391,6 +1433,7 @@ def filter_data(
            azure_clicks,
            gcp_clicks,
            k8s_clicks,
+            m365_clicks,
        )


@@ -294,7 +294,7 @@ Each Prowler check has metadata associated which is stored at the same level of
    # Code holds different methods to remediate the FAIL finding
    "Code": {
      # CLI holds the command in the provider native CLI to remediate it
-      "CLI": "https://docs.prowler.com/checks/public_8#cli-command",
+      "CLI": "aws ec2 modify-image-attribute --region <REGION> --image-id <EC2_AMI_ID> --launch-permission {\"Remove\":[{\"Group\":\"all\"}]}",
      # NativeIaC holds the native IaC code to remediate it, use "https://docs.bridgecrew.io/docs"
      "NativeIaC": "",
      # Other holds the other commands, scripts or code to remediate it, use "https://www.trendmicro.com/cloudoneconformity"
@@ -18,7 +18,7 @@ This file should inside the *.vscode* folder and its name has to be *launch.json
            "name": "Debug AWS Check",
            "type": "debugpy",
            "request": "launch",
-            "program": "prowler.py",
+            "program": "prowler-cli.py",
            "args": [
                "aws",
                "--log-level",
@@ -33,7 +33,7 @@ This file should inside the *.vscode* folder and its name has to be *launch.json
            "name": "Debug Azure Check",
            "type": "debugpy",
            "request": "launch",
-            "program": "prowler.py",
+            "program": "prowler-cli.py",
            "args": [
                "azure",
                "--sp-env-auth",
@@ -49,7 +49,7 @@ This file should inside the *.vscode* folder and its name has to be *launch.json
            "name": "Debug GCP Check",
            "type": "debugpy",
            "request": "launch",
-            "program": "prowler.py",
+            "program": "prowler-cli.py",
            "args": [
                "gcp",
                "--log-level",
@@ -64,7 +64,7 @@ This file should inside the *.vscode* folder and its name has to be *launch.json
            "name": "Debug K8s Check",
            "type": "debugpy",
            "request": "launch",
-            "program": "prowler.py",
+            "program": "prowler-cli.py",
            "args": [
                "kubernetes",
                "--log-level",
@@ -175,7 +175,7 @@ Due to the complexity and differences of each provider use the rest of the provi
 - [GCP](https://github.com/prowler-cloud/prowler/blob/master/prowler/providers/gcp/gcp_provider.py)
 - [Azure](https://github.com/prowler-cloud/prowler/blob/master/prowler/providers/azure/azure_provider.py)
 - [Kubernetes](https://github.com/prowler-cloud/prowler/blob/master/prowler/providers/kubernetes/kubernetes_provider.py)
- [Microsoft365](https://github.com/prowler-cloud/prowler/blob/master/prowler/providers/microsoft365/microsoft365_provider.py)
+- [M365](https://github.com/prowler-cloud/prowler/blob/master/prowler/providers/m365/m365_provider.py)

 To facilitate understanding here is a pseudocode of how the most basic provider could be with examples.

@@ -237,4 +237,4 @@ It is really important to check if the current Prowler's permissions for each pr
 - AWS: https://docs.prowler.cloud/en/latest/getting-started/requirements/#aws-authentication
 - Azure: https://docs.prowler.cloud/en/latest/getting-started/requirements/#permissions
 - GCP: https://docs.prowler.cloud/en/latest/getting-started/requirements/#gcp-authentication
- Microsoft365: https://docs.prowler.cloud/en/latest/getting-started/requirements/#microsoft365-authentication
+- M365: https://docs.prowler.cloud/en/latest/getting-started/requirements/#m365-authentication
@@ -40,8 +40,8 @@ If your IAM entity enforces MFA you can use `--mfa` and Prowler will ask you to

 Prowler for Azure supports the following authentication types. To use each one you need to pass the proper flag to the execution:

- [Service principal application](https://learn.microsoft.com/en-us/entra/identity-platform/app-objects-and-service-principals?tabs=browser#service-principal-object) (recommended).
- Current az cli credentials stored.
+- [Service Principal Application](https://learn.microsoft.com/en-us/entra/identity-platform/app-objects-and-service-principals?tabs=browser#service-principal-object) (recommended).
+- Current AZ CLI credentials stored.
 - Interactive browser authentication.
 - [Managed identity](https://learn.microsoft.com/en-us/entra/identity/managed-identities-azure-resources/overview) authentication.

@@ -59,7 +59,7 @@ export AZURE_CLIENT_SECRET="XXXXXXX"
 ```

 If you try to execute Prowler with the `--sp-env-auth` flag and those variables are empty or not exported, the execution is going to fail.
-Follow the instructions in the [Create Prowler Service Principal](../tutorials/azure/create-prowler-service-principal.md#how-to-create-prowler-service-principal) section to create a service principal.
+Follow the instructions in the [Create Prowler Service Principal](../tutorials/azure/create-prowler-service-principal.md#how-to-create-prowler-service-principal-application) section to create a service principal.

 ### AZ CLI / Browser / Managed Identity authentication

@@ -79,7 +79,7 @@ Prowler for Azure needs two types of permission scopes to be set:
    ???+ note
        Please, notice that the field `assignableScopes` in the JSON custom role file must be changed to be the subscription or management group where the role is going to be assigned. The valid formats for the field are `/subscriptions/<subscription-id>` or `/providers/Microsoft.Management/managementGroups/<management-group-id>`.

-To assign the permissions, follow the instructions in the [Microsoft Entra ID permissions](../tutorials/azure/create-prowler-service-principal.md#assigning-the-proper-permissions) section and the [Azure subscriptions permissions](../tutorials/azure/subscriptions.md#assigning-proper-permissions) section, respectively.
+To assign the permissions, follow the instructions in the [Microsoft Entra ID permissions](../tutorials/azure/create-prowler-service-principal.md#assigning-the-proper-permissions) section and the [Azure subscriptions permissions](../tutorials/azure/subscriptions.md#assign-the-appropriate-permissions-to-the-identity-that-is-going-to-be-assumed-by-prowler) section, respectively.

 #### Checks that require ProwlerRole

@@ -98,25 +98,44 @@ Prowler will follow the same credentials search as [Google authentication librar
 2. [User credentials set up by using the Google Cloud CLI](https://cloud.google.com/docs/authentication/application-default-credentials#personal)
 3. [The attached service account, returned by the metadata server](https://cloud.google.com/docs/authentication/application-default-credentials#attached-sa)

-Those credentials must be associated to a user or service account with proper permissions to do all checks. To make sure, add the `Viewer` role to the member associated with the credentials.
+### Needed permissions
+
+Prowler for Google Cloud needs the following permissions to be set:
+
+- **Viewer (`roles/viewer`) IAM role**: granted at the project / folder / org level in order to scan the target projects
+
+- **Project level settings**: you need to have at least one project with the below settings:
+    - Identity and Access Management (IAM) API (`iam.googleapis.com`) enabled by either using the
+    [Google Cloud API UI](https://console.cloud.google.com/apis/api/iam.googleapis.com/metrics) or
+    by using the gcloud CLI `gcloud services enable iam.googleapis.com --project <your-project-id>` command
+    - Service Usage Consumer (`roles/serviceusage.serviceUsageConsumer`) IAM role
+    - Set the quota project to be this project by either running `gcloud auth application-default set-quota-project <project-id>` or by setting an environment variable:
+    `export GOOGLE_CLOUD_QUOTA_PROJECT=<project-id>`
+
+
+The above settings must be associated to a user or service account.
+

 ???+ note
    By default, `prowler` will scan all accessible GCP Projects, use flag `--project-ids` to specify the projects to be scanned.

-## Microsoft365
+## Microsoft 365

-Prowler for Microsoft365 currently supports the following authentication types:
+Prowler for M365 currently supports the following authentication types:

- [Service principal application](https://learn.microsoft.com/en-us/entra/identity-platform/app-objects-and-service-principals?tabs=browser#service-principal-object) (recommended).
- Current az cli credentials stored.
+- [Service Principal Application](https://learn.microsoft.com/en-us/entra/identity-platform/app-objects-and-service-principals?tabs=browser#service-principal-object).
+- Service Principal Application and Microsoft User Credentials (**recommended**).
+- Current AZ CLI credentials stored.
 - Interactive browser authentication.


 ???+ warning
-    For Prowler App only the Service Principal with an application authentication method is supported.
+    For Prowler App only the Service Principal with User Credentials authentication method is supported.

 ### Service Principal authentication

+Authentication flag: `--sp-env-auth`
+
 To allow Prowler assume the service principal identity to start the scan it is needed to configure the following environment variables:

 ```console
@@ -126,8 +145,324 @@ export AZURE_TENANT_ID="XXXXXXXXX"
 ```

 If you try to execute Prowler with the `--sp-env-auth` flag and those variables are empty or not exported, the execution is going to fail.
-Follow the instructions in the [Create Prowler Service Principal](../tutorials/azure/create-prowler-service-principal.md) section to create a service principal.
+Follow the instructions in the [Create Prowler Service Principal](../tutorials/microsoft365/getting-started-m365.md#create-the-service-principal-app) section to create a service principal.
+
+With this credentials you will only be able to run the checks that work through MS Graph, this means that you won't run all the provider. If you want to scan all the checks from M365 you will need to use the recommended authentication method.
+
+### Service Principal and User Credentials authentication (recommended)
+
+Authentication flag: `--env-auth`
+
+This authentication method follows the same approach as the service principal method but introduces two additional environment variables for user credentials:  `M365_USER` and `M365_ENCRYPTED_PASSWORD`.
+
+```console
+export AZURE_CLIENT_ID="XXXXXXXXX"
+export AZURE_CLIENT_SECRET="XXXXXXXXX"
+export AZURE_TENANT_ID="XXXXXXXXX"
+export M365_USER="your_email@example.com"
+export M365_ENCRYPTED_PASSWORD="6500780061006d0070006c006500700061007300730077006f0072006400" # replace this to yours
+```
+
+These two new environment variables are **required** to execute the PowerShell modules needed to retrieve information from M365 services. Prowler uses Service Principal authentication to access Microsoft Graph and user credentials to authenticate to Microsoft PowerShell modules.
+
+- `M365_USER` should be your Microsoft account email using the default domain. This means it must look like `example@YourCompany.onmicrosoft.com`.
+
+    To ensure that you are using the default domain you can see how to verify it [here](../tutorials/microsoft365/getting-started-m365.md#step-1-obtain-your-domain).
+
+    If you don't have a user created with that domain, Prowler will not work as it will not be able to ensure both app an user belong to the same tenant. To proceed, you can either create a new user with that domain or modify the domain of an existing user.
+
+    ![User Domains](../tutorials/microsoft365/img/user-domains.png)
+
+- `M365_ENCRYPTED_PASSWORD` must be an encrypted SecureString. To convert your password into a valid encrypted string, you need to use PowerShell.
+
+    ???+ warning
+        Passwords encrypted using ConvertTo-SecureString can only be decrypted on the same OS/user context. If you generate an encrypted password on macOS or Linux (both UNIX), it should fail on Windows and vice versa. As Prowler Cloud runs on UNIX if you generate your password using Windows it won't work so you'll need to generate a new password using any UNIX distro (example above)
+
+    If you are working from Windows and you will use your encrypted password in a different system (like for example executing Prowler in macOS or adding your password to Prowler Cloud), you will need to generate a "UNIX compatible" version of your encrypted password. This can be done using WSL which is so easy to install on Windows.
+
+    === "UNIX"
+
+        Open a PowerShell cmd with a [supported version](requirements.md#supported-powershell-versions) and then run the following command:
+
+        ```console
+        $securePassword = ConvertTo-SecureString "examplepassword" -AsPlainText -Force
+        $encryptedPassword = $securePassword | ConvertFrom-SecureString
+        Write-Output $encryptedPassword
+        6500780061006d0070006c006500700061007300730077006f0072006400
+        ```
+
+        If everything is done correctly, you will see the encrypted string that you need to set as the `M365_ENCRYPTED_PASSWORD` environment variable.
+
+    === "Windows"
+
+
+        How to install WSL and PowerShell on it to generate that password (you can use a different distro but this one will work for sure):
+
+        ```console
+        wsl --install -d Ubuntu-22.04
+        ```
+
+        Then, open the Ubuntu terminal and run the following commands:
+
+        ```console
+        sudo apt update && sudo apt install -y wget apt-transport-https software-properties-common
+        wget -q "https://packages.microsoft.com/config/ubuntu/$(lsb_release -rs)/packages-microsoft-prod.deb"
+        sudo dpkg -i packages-microsoft-prod.deb
+        sudo apt update
+        sudo apt install -y powershell
+        pwsh
+        ```
+
+        With this done you will see now that a prompt running PowerShell with the latest version is open so here you will be able to generate your encrypted password:
+
+        ```console
+        $securePassword = ConvertTo-SecureString "examplepassword" -AsPlainText -Force
+        $encryptedPassword = $securePassword | ConvertFrom-SecureString
+        Write-Output $encryptedPassword
+        6500780061006d0070006c006500700061007300730077006f0072006400
+        ```
+
+        If everything is done correctly, you will see the encrypted string that you need to set as the `M365_ENCRYPTED_PASSWORD` environment variable.
+
+

 ### Interactive Browser authentication

-To use `--browser-auth`  the user needs to authenticate against Azure using the default browser to start the scan, also `--tenant-id` flag is required.
+Authentication flag: `--browser-auth`
+
+This authentication method requires the user to authenticate against Azure using the default browser to start the scan, also `--tenant-id` flag is required.
+
+With this credentials you will only be able to run the checks that work through MS Graph, this means that you won't run all the provider. If you want to scan all the checks from M365 you will need to use the recommended authentication method.
+
+Since this is a delegated permission authentication method, necessary permissions should be given to the user, not the app.
+
+
+### Needed permissions
+
+Prowler for M365 requires two types of permission scopes to be set (if you want to run the full provider including PowerShell checks). Both must be configured using Microsoft Entra ID:
+
+- **Service Principal Application Permissions**: These are set at the **application** level and are used to retrieve data from the identity being assessed:
+    - `Directory.Read.All`: Required for all services.
+    - `Policy.Read.All`: Required for all services.
+    - `User.Read` (IMPORTANT: this must be set as **delegated**): Required for the sign-in.
+    - `Sites.Read.All`: Required for SharePoint service.
+    - `SharePointTenantSettings.Read.All`: Required for SharePoint service.
+
+- **Powershell Modules Permissions**: These are set at the `M365_USER` level, so the user used to run Prowler must have one of the following roles:
+    - `Global Reader` (recommended): this allows you to read all roles needed.
+    - `Exchange Administrator` and `Teams Administrator`: user needs both roles but with this [roles](https://learn.microsoft.com/en-us/exchange/permissions-exo/permissions-exo#microsoft-365-permissions-in-exchange-online) you can access to the same information as a Global Reader (since only read access is needed, Global Reader is recommended).
+
+In order to know how to assign those permissions and roles follow the instructions in the Microsoft Entra ID [permissions](../tutorials/microsoft365/getting-started-m365.md#grant-required-api-permissions) and [roles](../tutorials/microsoft365/getting-started-m365.md#assign-required-roles-to-your-user) section.
+
+
+### Supported PowerShell versions
+
+You must have PowerShell installed to run certain M365 checks.
+Currently, we support **PowerShell version 7.4 or higher** (7.5 is recommended).
+
+This requirement exists because **PowerShell 5.1** (the version that comes by default on some Windows systems) does not support several cmdlets needed to run the checks properly.
+Additionally, earlier [PowerShell Cross-Platform versions](https://learn.microsoft.com/en-us/powershell/scripting/install/powershell-support-lifecycle?view=powershell-7.5) are no longer under technical support, which may cause unexpected errors.
+
+
+???+ note
+    Installing powershell will be only needed if you install prowler from pip or other sources, these means that the SDK and API containers contain PowerShell installed by default.
+
+Installing PowerShell is different depending on your OS.
+
+- [Windows](https://learn.microsoft.com/es-es/powershell/scripting/install/installing-powershell-on-windows?view=powershell-7.5#install-powershell-using-winget-recommended): you will need to update PowerShell to +7.4 to be able to run prowler, if not some checks will not show findings and the provider could not work as expected. This version of PowerShell is [supported](https://learn.microsoft.com/es-es/powershell/scripting/install/installing-powershell-on-windows?view=powershell-7.4#supported-versions-of-windows) on Windows 10, Windows 11, Windows Server 2016 and higher versions.
+
+```console
+winget install --id Microsoft.PowerShell --source winget
+```
+
+
+- [MacOS](https://learn.microsoft.com/es-es/powershell/scripting/install/installing-powershell-on-macos?view=powershell-7.5#install-the-latest-stable-release-of-powershell): installing PowerShell on MacOS needs to have installed [brew](https://brew.sh/), once you have it is just running the command above, Pwsh is only supported in macOS 15 (Sequoia) x64 and Arm64, macOS 14 (Sonoma) x64 and Arm64, macOS 13 (Ventura) x64 and Arm64
+
+```console
+brew install powershell/tap/powershell
+```
+
+Once it's installed run `pwsh` on your terminal to verify it's working.
+
+- Linux: installing PowerShell on Linux depends on the distro you are using:
+
+    - [Ubuntu](https://learn.microsoft.com/es-es/powershell/scripting/install/install-ubuntu?view=powershell-7.5#installation-via-package-repository-the-package-repository): The required version for installing PowerShell +7.4 on Ubuntu are Ubuntu 22.04 and Ubuntu 24.04. The recommended way to install it is downloading the package available on PMC. You just need to follow the following steps:
+
+    ```console
+    ###################################
+    # Prerequisites
+
+    # Update the list of packages
+    sudo apt-get update
+
+    # Install pre-requisite packages.
+    sudo apt-get install -y wget apt-transport-https software-properties-common
+
+    # Get the version of Ubuntu
+    source /etc/os-release
+
+    # Download the Microsoft repository keys
+    wget -q https://packages.microsoft.com/config/ubuntu/$VERSION_ID/packages-microsoft-prod.deb
+
+    # Register the Microsoft repository keys
+    sudo dpkg -i packages-microsoft-prod.deb
+
+    # Delete the Microsoft repository keys file
+    rm packages-microsoft-prod.deb
+
+    # Update the list of packages after we added packages.microsoft.com
+    sudo apt-get update
+
+    ###################################
+    # Install PowerShell
+    sudo apt-get install -y powershell
+
+    # Start PowerShell
+    pwsh
+    ```
+
+    - [Alpine](https://learn.microsoft.com/es-es/powershell/scripting/install/install-alpine?view=powershell-7.5#installation-steps): The only supported version for installing PowerShell +7.4 on Alpine is Alpine 3.20. The unique way to install it is downloading the tar.gz package available on [PowerShell github](https://github.com/PowerShell/PowerShell/releases/download/v7.5.0/powershell-7.5.0-linux-musl-x64.tar.gz). You just need to follow the following steps:
+
+    ```console
+    # Install the requirements
+    sudo apk add --no-cache \
+        ca-certificates \
+        less \
+        ncurses-terminfo-base \
+        krb5-libs \
+        libgcc \
+        libintl \
+        libssl3 \
+        libstdc++ \
+        tzdata \
+        userspace-rcu \
+        zlib \
+        icu-libs \
+        curl
+
+    apk -X https://dl-cdn.alpinelinux.org/alpine/edge/main add --no-cache \
+        lttng-ust \
+        openssh-client \
+
+    # Download the powershell '.tar.gz' archive
+    curl -L https://github.com/PowerShell/PowerShell/releases/download/v7.5.0/powershell-7.5.0-linux-musl-x64.tar.gz -o /tmp/powershell.tar.gz
+
+    # Create the target folder where powershell will be placed
+    sudo mkdir -p /opt/microsoft/powershell/7
+
+    # Expand powershell to the target folder
+    sudo tar zxf /tmp/powershell.tar.gz -C /opt/microsoft/powershell/7
+
+    # Set execute permissions
+    sudo chmod +x /opt/microsoft/powershell/7/pwsh
+
+    # Create the symbolic link that points to pwsh
+    sudo ln -s /opt/microsoft/powershell/7/pwsh /usr/bin/pwsh
+
+    # Start PowerShell
+    pwsh
+    ```
+
+    - [Debian](https://learn.microsoft.com/es-es/powershell/scripting/install/install-debian?view=powershell-7.5#installation-on-debian-11-or-12-via-the-package-repository): The required version for installing PowerShell +7.4 on Debian are Debian 11 and Debian 12. The recommended way to install it is downloading the package available on PMC. You just need to follow the following steps:
+
+    ```console
+    ###################################
+    # Prerequisites
+
+    # Update the list of packages
+    sudo apt-get update
+
+    # Install pre-requisite packages.
+    sudo apt-get install -y wget
+
+    # Get the version of Debian
+    source /etc/os-release
+
+    # Download the Microsoft repository GPG keys
+    wget -q https://packages.microsoft.com/config/debian/$VERSION_ID/packages-microsoft-prod.deb
+
+    # Register the Microsoft repository GPG keys
+    sudo dpkg -i packages-microsoft-prod.deb
+
+    # Delete the Microsoft repository GPG keys file
+    rm packages-microsoft-prod.deb
+
+    # Update the list of packages after we added packages.microsoft.com
+    sudo apt-get update
+
+    ###################################
+    # Install PowerShell
+    sudo apt-get install -y powershell
+
+    # Start PowerShell
+    pwsh
+    ```
+
+    - [Rhel](https://learn.microsoft.com/es-es/powershell/scripting/install/install-rhel?view=powershell-7.5#installation-via-the-package-repository): The required version for installing PowerShell +7.4 on Red Hat are RHEL 8 and RHEL 9. The recommended way to install it is downloading the package available on PMC. You just need to follow the following steps:
+
+    ```console
+    ###################################
+    # Prerequisites
+
+    # Get version of RHEL
+    source /etc/os-release
+    if [ ${VERSION_ID%.*} -lt 8 ]
+    then majorver=7
+    elif [ ${VERSION_ID%.*} -lt 9 ]
+    then majorver=8
+    else majorver=9
+    fi
+
+    # Download the Microsoft RedHat repository package
+    curl -sSL -O https://packages.microsoft.com/config/rhel/$majorver/packages-microsoft-prod.rpm
+
+    # Register the Microsoft RedHat repository
+    sudo rpm -i packages-microsoft-prod.rpm
+
+    # Delete the downloaded package after installing
+    rm packages-microsoft-prod.rpm
+
+    # Update package index files
+    sudo dnf update
+    # Install PowerShell
+    sudo dnf install powershell -y
+    ```
+
+- [Docker](https://learn.microsoft.com/es-es/powershell/scripting/install/powershell-in-docker?view=powershell-7.5#use-powershell-in-a-container): The following command download the latest stable versions of PowerShell:
+
+    ```console
+    docker pull mcr.microsoft.com/dotnet/sdk:9.0
+    ```
+
+    To start an interactive shell of Pwsh you just need to run:
+
+    ```console
+    docker run -it mcr.microsoft.com/dotnet/sdk:9.0 pwsh
+    ```
+
+
+### Needed PowerShell modules
+
+To obtain the required data for this provider, we use several PowerShell cmdlets.
+These cmdlets come from different modules that must be installed.
+
+The installation of these modules will be performed automatically if you run Prowler with the flag `--init-modules`. This an example way of running Prowler and installing the modules:
+
+```console
+python3 prowler-cli.py m365 --verbose --log-level ERROR --env-auth --init-modules
+```
+
+If you already have them installed, there is no problem even if you use the flag because it will automatically check if the needed modules are already installed.
+
+???+ note
+    Prowler installs the modules using `-Scope CurrentUser`.
+    If you encounter any issues with services not working after the automatic installation, try installing the modules manually using `-Scope AllUsers` (administrator permissions are required for this).
+    The command needed to install a module manually is:
+    ```powershell
+    Install-Module -Name "ModuleName" -Scope AllUsers -Force
+    ```
+
+The required modules are:
+
+- [ExchangeOnlineManagement](https://www.powershellgallery.com/packages/ExchangeOnlineManagement/3.6.0): Minimum version 3.6.0. Required for several checks across Exchange, Defender, and Purview.
+- [MicrosoftTeams](https://www.powershellgallery.com/packages/MicrosoftTeams/6.6.0): Minimum version 6.6.0. Required for all Teams checks.
--- a/Show More
+++ b/Show More