Thiago Teixeira

EN | PT

PRO

Prowler

Prowler Project

Open-source multi-cloud security assessment tool (AWS, Azure, GCP, Kubernetes).

Identity, Cloud & Access Free & Open Source CLI Learning Cross-platform

Homepage Docs

Cyber Kill Chain & Defender Lifecycle

Attacker — Kill Chain

1 Reconnaissance

2 Weaponization

3 Delivery

4 Exploitation

5 Installation

6 Command & Control

7 Actions on Objectives

Defender — IR Lifecycle

8 Detection / Monitoring

9 Containment & Eradication

10 Post-incident Forensics

Description

Prowler is an open-source CSPM (Cloud Security Posture Management) and compliance assessment tool. Originally an AWS-only Bash script, version 3+ is a full Python framework supporting AWS, Azure, GCP, and Kubernetes with 300+ checks mapped to CIS, NIST, PCI, HIPAA, GDPR, FFIEC, ISO27001 and more.

Output formats include JSON, JSON-OCSF, CSV, HTML report, and direct integration with AWS Security Hub as findings.

Use cases

Quarterly CIS Benchmark audit of cloud accounts
Generating evidence for an external auditor
Adding cloud posture checks to a CI/CD pipeline

Example

# Run all AWS checks against the current profile
prowler aws --severity high critical --output-formats html json-ocsf