Commit Graph

  • 07b37b4b74 feat(attack-paths): updated attack paths serializers Josema Camacho 2026-01-15 12:39:29 +01:00
  • c8bc0576ea feat: implement compliance watchlist (#9786) Alejandro Bailo 2026-01-15 12:37:16 +01:00
  • 76cda6d777 feat(ui): new findings view (#9794) Alejandro Bailo 2026-01-15 12:15:06 +01:00
  • 75cdf67277 fix(oci): pass provider UID to update credentials forms (#9799) v5.16 Prowler Bot 2026-01-15 11:50:18 +01:00
  • 28978f6db6 fix(oci): pass provider UID to update credentials forms (#9746) Andoni Alonso 2026-01-15 11:29:23 +01:00
  • c8e92ebfab feat(attack-paths): prevent attack paths scans task creation when not needed Josema Camacho 2026-01-15 10:59:54 +01:00
  • 751ee5867c feat(attack-paths): merge master but UI Josema Camacho 2026-01-15 09:53:33 +01:00
  • d4bc6d7531 feat(cloudflare): Add TLS/SSL, records and email security checks for zones (#9424) Hugo Pereira Brito 2026-01-15 09:31:27 +01:00
  • b105c3a6e1 feat(attack-paths): format attack paths queries comments Josema Camacho 2026-01-14 18:42:06 +01:00
  • 26cab3deb2 feat(attack-paths): add privilege escalation queries for EC2 and Glue PassRole (#9770) Andoni Alonso 2026-01-14 18:33:59 +01:00
  • e4ef4bfd4d feat(attack-paths): add filtered view for graph nodes (#9784) Andoni Alonso 2026-01-14 18:32:24 +01:00
  • b050c917c6 perf(attack-paths): optimize getPathEdges with O(1) adjacency maps attack-paths-demo-extras Andoni A. 2026-01-14 17:12:13 +01:00
  • 67933d7d2d Merge branch 'attack-paths-demo' into attack-paths-demo-extras Andoni A. 2026-01-14 17:06:33 +01:00
  • 39280c8b9b feat(attack-paths): add Bedrock and AttachRolePolicy privilege escalation queries (#9793) Andoni Alonso 2026-01-14 17:01:21 +01:00
  • 4bcaf29b32 feat(attack-paths): improve graph path highlighting (#9769) Andoni Alonso 2026-01-14 16:59:27 +01:00
  • e95be697ef Prowler 511 leaving one database per scan (#9795) Josema Camacho 2026-01-14 16:19:02 +01:00
  • bd099beb99 Remove unused scan task call PROWLER-511-solve-one-neo-4-j-database-per-provider Josema Camacho 2026-01-14 15:54:14 +01:00
  • 068efb3318 feat(attack-paths): fixing deletion of old graph before loading dump Josema Camacho 2026-01-14 14:52:40 +01:00
  • 1bf49747ad chore(entra): enhance performance for user_registration_details and user mfa evaluation (#9236) Hugo Pereira Brito 2026-01-14 14:01:51 +01:00
  • 2cde4c939d feat(gcp): add compute_snapshot_not_outdated check (#9774) lydiavilchez 2026-01-14 12:35:29 +01:00
  • 9844379d30 chore(cloudflare): rename zones service to zone (#9792) Hugo Pereira Brito 2026-01-14 11:00:51 +01:00
  • 6fa4565ebd fix(attack-paths): connect virtual nodes from principal instead of effective_principal Andoni A. 2026-01-14 09:18:18 +01:00
  • e426c29207 fix(attack-paths): remove duplicate path_target causing disconnected nodes Andoni A. 2026-01-14 09:11:27 +01:00
  • 1d8d4f9325 refactor(attack-paths): show target roles in PassRole escalation paths Andoni A. 2026-01-14 09:06:11 +01:00
  • 211b1b67f9 feat(ui): improve threatscore visualization per pillar (#9773) Pedro Martín 2026-01-14 09:05:54 +01:00
  • cad44a3510 fix(attack-paths): fix duplicate virtual nodes in priv escalation queries Andoni A. 2026-01-14 08:58:26 +01:00
  • 1a5acc8808 build(deps): bump azure-core from 1.35.0 to 1.38.0 in /api dependabot[bot] 2026-01-13 22:18:53 +00:00
  • fdc3b18542 feat(attack-paths): moved creation and loading of neo4j graph dump to scan task Josema Camacho 2026-01-13 19:23:30 +01:00
  • ee73e043f9 refactor(attack-paths): apply query improvements to remaining priv escalation queries Andoni A. 2026-01-13 16:39:32 +01:00
  • 864b2099c3 chore(aws): enhance metadata for cognito service (#8853) Rubén De la Torre Vico 2026-01-13 14:01:37 +01:00
  • 270266c906 fix(skills): formatting file (#9783) Andoni Alonso 2026-01-13 12:38:32 +01:00
  • 5218de00b7 fix(skills): apply black formatting to validate_compliance.py fix/black-formatting-validate-compliance Andoni A. 2026-01-13 12:24:18 +01:00
  • c8fab497fd feat(skills): sync AGENTS.md to AI-specific formats (#9751) Alan Buscaglia 2026-01-13 11:44:44 +01:00
  • b0eea61468 feat(cloudflare): Add Cloudflare provider with zones service and critical security checks (#9423) Hugo Pereira Brito 2026-01-13 11:09:54 +01:00
  • 463fc32fca chore(aws): enhance metadata for iam service (#9550) Rubén De la Torre Vico 2026-01-13 11:06:09 +01:00
  • 17f5633a8d feat(compliance): add CIS 1.12 for Kubernetes (#9778) Pedro Martín 2026-01-13 10:16:28 +01:00
  • 48274f1d54 feat(compliance): add CIS 6.0 for M365 (#9779) Pedro Martín 2026-01-13 10:07:12 +01:00
  • 9719f9ee86 feat(compliance): add CIS 5.0 for Azure (#9777) Pedro Martín 2026-01-13 09:39:24 +01:00
  • 996a429ba7 fix(skills): use consistent command style in prowler-compliance-review feat/prowler-compliance-review-skill Andoni A. 2026-01-13 09:31:54 +01:00
  • fcfe347db9 fix(skills): align prowler-compliance-review with repo patterns Andoni A. 2026-01-13 09:29:17 +01:00
  • 6997b3683f feat(skills): add prowler-compliance-review skill Andoni A. 2026-01-13 09:22:37 +01:00
  • 103d176a38 chore(aws): fixup AWS EC2 SG lib (#9775) Prowler Bot 2026-01-13 08:39:53 +01:00
  • 815797bc2b fix(attack-paths): hide findings completely in full view Andoni A. 2026-01-12 17:13:52 +01:00
  • 9cd249c561 fix(attack-paths): show findings at full opacity in filtered view Andoni A. 2026-01-12 16:59:47 +01:00
  • 00fe96a9f7 refactor(attack-paths): redraw graph with filtered data for optimal layout Andoni A. 2026-01-12 16:56:35 +01:00
  • 7c45ee1dbb refactor(attack-paths): use visibility-based filtering with D3 transitions Andoni A. 2026-01-12 16:50:25 +01:00
  • d19a23f829 feat(attack-paths): highlight selected node and show findings in filtered view Andoni A. 2026-01-12 16:41:09 +01:00
  • b071fffe57 feat(attack-paths): add filtered view when clicking on graph nodes Andoni A. 2026-01-12 16:33:30 +01:00
  • 422c55404b refactor(attack-paths): simplify legend by consolidating resource types Andoni A. 2026-01-12 16:26:20 +01:00
  • d38be934a3 feat(ui): add new findings table (#9699) Alejandro Bailo 2026-01-12 15:44:25 +01:00
  • 6c307385b0 fix(attack-paths): preserve aws variable in ECS query WITH clause Andoni A. 2026-01-12 14:47:12 +01:00
  • 0472eb74d2 chore(aws): enhance metadata for bedrock service (#8827) Rubén De la Torre Vico 2026-01-12 14:26:37 +01:00
  • e5b86da6e5 chore(aws): enhance metadata for rds service (#9551) Rubén De la Torre Vico 2026-01-12 13:52:29 +01:00
  • 429c591819 chore(aws): fixup AWS EC2 SG lib (#9216) Lee Trout 2026-01-12 07:47:37 -05:00
  • 13964ccb1c fix(attack-paths): merge ECS target roles into single virtual node per principal Andoni A. 2026-01-12 13:30:53 +01:00
  • 87c0747174 feat(aws): Update regions for AWS services (#9771) Prowler Bot 2026-01-12 13:00:39 +01:00
  • 62a8540169 feat(gcp): add check to detect Compute Engine configuration changes (#9698) lydiavilchez 2026-01-12 12:22:15 +01:00
  • 9ee77c2b97 chore(security): Remove safety check ignores as they are fixed (#9752) Pepe Fagoaga 2026-01-12 12:02:22 +01:00
  • 21642bb5f9 fix(github_actions): add Python 3.9 compatibility for type annotations Andoni A. 2026-01-12 11:53:36 +01:00
  • 5f2cb614ad feat(overviews): Compliance watchlist endpoint (#9596) Víctor Fernández Poyatos 2026-01-12 11:40:36 +01:00
  • 5c7660879b chore(changelog): update with latest changes PROWLER-663-improve-skill-md-and-correct-typos-for-the-compliance-part pedrooot 2026-01-12 11:07:49 +01:00
  • c659b4d8ee feat(ai): improve compliance skills pedrooot 2026-01-12 11:03:06 +01:00
  • 6c01151d78 docs(lighthouse): update lighthouse architecture docs (#9576) Chandrapal Badshah 2026-01-12 17:18:58 +08:00
  • 05466cff22 test: Add edge case test for s3_bucket_server_access_logging_enabled (#9725) mchennai 2026-01-12 10:06:34 +01:00
  • a57b6d78bf docs: add audit scope column to supported providers table (#9750) Rubén De la Torre Vico 2026-01-12 09:19:29 +01:00
  • d3eb30c066 chore: update API PR template (#9749) Adrián Peña 2026-01-09 15:13:48 +01:00
  • 64ed526e31 refactor(attack-paths): rename virtual nodes from Malicious to New Andoni A. 2026-01-09 15:05:12 +01:00
  • 7f2fa275c6 feat: add AI skills pack for Claude Code and OpenCode (#9728) Alan Buscaglia 2026-01-09 15:01:18 +01:00
  • 42ae5b6e3e chore(template): PR Community Checklist (#9748) Pepe Fagoaga 2026-01-09 14:42:07 +01:00
  • 7c1bcfc781 fix: typo in subscription error (#9745) Pepe Fagoaga 2026-01-09 11:32:10 +01:00
  • 38077e9a0a Merge branch 'master' into DEVREL-93-prowler-gha-poc Andoni A. 2026-01-09 08:30:14 +01:00
  • 68684b107a build(deps-dev): bump authlib from 1.6.5 to 1.6.6 in /api (#9742) dependabot[bot] 2026-01-09 08:25:25 +01:00
  • d04716ea95 build(deps): bump werkzeug from 3.1.4 to 3.1.5 in /api (#9743) dependabot[bot] 2026-01-09 08:23:58 +01:00
  • 8d8b7aad15 build(deps): bump werkzeug from 3.1.4 to 3.1.5 (#9744) dependabot[bot] 2026-01-09 08:22:37 +01:00
  • 2fedfab814 fix(oci): validate credentials before scanning (#9740) Prowler Bot 2026-01-08 18:26:26 +01:00
  • 2388a053ee fix(attack-paths): highlight single path upstream instead of all paths Andoni A. 2026-01-08 18:18:44 +01:00
  • 7bb5354275 feat(attack-paths): improve graph visualization and interactions Andoni A. 2026-01-08 17:57:24 +01:00
  • f3ba70dd6b docs: add warning about changes not complaining with roadmap (#9741) Pepe Fagoaga 2026-01-08 17:03:38 +01:00
  • 27492cbd42 fix(oci): validate credentials before scanning (#9738) Andoni Alonso 2026-01-08 15:47:26 +01:00
  • 03cae9895b wip Andoni A. 2026-01-08 15:43:59 +01:00
  • 795220e290 build(deps): bump werkzeug from 3.1.3 to 3.1.4 (#9399) dependabot[bot] 2026-01-08 15:41:48 +01:00
  • 64ab8e64b0 build(deps): bump urllib3 from 1.26.20 to 2.6.3 (#9734) dependabot[bot] 2026-01-08 15:41:39 +01:00
  • a0f9df07bd build(deps): bump pynacl from 1.5.0 to 1.6.2 (#9726) dependabot[bot] 2026-01-08 15:40:55 +01:00
  • 3d16c62f30 build(deps): bump fastmcp from 2.13.1 to 2.14.0 in /mcp_server (#9696) dependabot[bot] 2026-01-08 15:04:53 +01:00
  • fa2deef241 build(deps): bump aiohttp from 3.12.15 to 3.13.3 in /api (#9723) dependabot[bot] 2026-01-08 14:12:54 +01:00
  • 211639d849 build(deps-dev): bump marshmallow from 3.26.1 to 3.26.2 in /api (#9651) dependabot[bot] 2026-01-08 13:52:58 +01:00
  • 25c90f9f63 build(deps): bump urllib3 from 2.5.0 to 2.6.3 in /api (#9735) dependabot[bot] 2026-01-08 13:45:58 +01:00
  • bbdb230bb2 build(deps): bump filelock from 3.12.4 to 3.20.1 in /api (#9594) dependabot[bot] 2026-01-08 13:45:14 +01:00
  • 6e2ba66a5a build(deps): bump pynacl from 1.5.0 to 1.6.2 in /api (#9739) dependabot[bot] 2026-01-08 13:44:13 +01:00
  • 3332e5b891 build(deps): bump aiohttp from 3.12.14 to 3.13.3 (#9722) dependabot[bot] 2026-01-08 13:38:35 +01:00
  • 44d791dfe9 build(deps-dev): bump marshmallow from 3.26.1 to 3.26.2 (#9652) dependabot[bot] 2026-01-08 13:37:20 +01:00
  • 73375ee289 build(deps): bump tj-actions/changed-files from 47.0.0 to 47.0.1 (#9711) dependabot[bot] 2026-01-08 13:30:41 +01:00
  • 503b56188b chore(aws): enhance metadata for datasync service (#8854) Rubén De la Torre Vico 2026-01-08 13:22:59 +01:00
  • 7c9dd8fe89 build(deps): bump peter-evans/create-pull-request from 7.0.8 to 8.0.0 (#9705) dependabot[bot] 2026-01-08 13:19:35 +01:00
  • f407a24022 build(deps): bump actions/upload-artifact from 4.6.2 to 6.0.0 (#9712) dependabot[bot] 2026-01-08 13:16:15 +01:00
  • 8f5c43744f build(deps): bump softprops/action-gh-release from 2.4.1 to 2.5.0 (#9389) dependabot[bot] 2026-01-08 13:15:24 +01:00
  • 8d78831d29 chore(aws): enhance metadata for s3 service (#9552) Rubén De la Torre Vico 2026-01-08 13:13:32 +01:00
  • 858446c740 build(deps): bump actions/setup-node from 6.0.0 to 6.1.0 (#9707) dependabot[bot] 2026-01-08 13:00:44 +01:00
  • e9ca8bfda6 build(deps): bump trufflesecurity/trufflehog from 3.91.1 to 3.92.4 (#9710) dependabot[bot] 2026-01-08 12:56:15 +01:00
  • 5cd446c446 build(deps): bump codecov/codecov-action from 5.5.1 to 5.5.2 (#9708) dependabot[bot] 2026-01-08 12:56:04 +01:00