ben.carrasco/prowler
1
0
Fork 0
mirror of https://github.com/prowler-cloud/prowler.git synced 2026-01-25 02:08:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
8 Commits 354 Branches 170 Tags
47b79020b2f8fbb5ff624657b33f55974f8c5325
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Toni de la Fuente 47b79020b2 Updated README
2016-09-13 09:23:36 -04:00
LICENSE
Initial commit
2016-06-29 21:20:16 -04:00
prowler.sh
Updated README
2016-09-13 09:21:39 -04:00
README.md
Updated README
2016-09-13 09:23:36 -04:00

README.md

Prowler: AWS CIS Benchmark Tool

Description

Tool based on AWS-CLI commands for AWS account hardening, following guidelines of the CIS Amazon Web Services Foundations Benchmark (https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf)

It covers hardening and security best practices for all regions related to:

  • Identity and Access Management (15 checks)
  • Logging (8 checks)
  • Monitoring (16 checks)
  • Neteworking (4 checks)

For a comprehesive list and resolution look at the guide on the link above.

Requirements

This script has been written in bash using AWS-CLI and is works in Linux and OSX.

  • Make sure your AWS-CLI is installed on your workstation, with Python pip already installed:
pip install awscli

Or install it using "brew", "apt", "yum" or manually from https://aws.amazon.com/cli/

  • Previous steps, from your workstation:
git clone https://github.com/Alfresco/aws-cis-security-benchmark
cd aws-cis-security-benchmark
  • Make sure you have properly configure your AWS-CLI with a valid Access Key and Region.
aws configure

How to create a report

1 - Run the prowler.sh command without options:

./prowler.sh

2 - For custom AWS-CLI profile and region use

./prowler.sh -p custom-profile -r us-east-1

3 - For help use:

./prowler.sh -h

USAGE:
      prowler.sh -p <profile> -r <region> [ -v ] [ -h ]
  Options:
      -p <profile>  specify your AWS profile to use (i.e.: default)
      -r <region>   specify a desired AWS region to use (i.e.: us-east-1)
      -h            this help

4 - Check your report and fix the issues following all specific guidelines per check in https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf

Reference in New Issue View Git Blame Copy Permalink
Description
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
awsazurecis-benchmarkcloudcompliancedevsecopsforensicsgcpgdprhardeningiammulti-cloudpythonsecuritysecurity-auditsecurity-hardeningsecurity-toolswell-architected
Readme Apache-2.0 274 MiB
Languages
Python 88.9%
TypeScript 10.3%
Shell 0.3%
HCL 0.3%