Marc Jay
24e691901e
Convert tabs to spaces within modified function
2020-04-12 17:17:46 +01:00
Marc Jay
57c15c2cc9
Avoid changing the execution order of checks when some checks are excluded
...
Replace the use of `sort -u` to remove duplicate checks, which has the side-effect of reordering checks alphabetically when one or more are excluded with awk, which preserves the check order
Adjust indentation and formatting to be more consistent with the rest of the file
Fixes #492
2020-04-12 17:12:54 +01:00
Toni de la Fuente
8f83da985a
PR #511
2020-04-08 18:00:54 +02:00
Toni de la Fuente
effc3eb14d
Added new checks to group extras
2020-04-08 14:06:11 +02:00
Toni de la Fuente
6ea37b05ca
Improvements and new checks for elasticsearch
2020-04-08 14:00:12 +02:00
Toni de la Fuente
9c4e629647
Fixed typo in extra786
2020-04-07 20:28:38 +02:00
Toni de la Fuente
bd432fed92
New check for Metadata Service Version 2 #413
2020-04-07 16:46:46 +02:00
Toni de la Fuente
b5e1c9002a
Improved policy handling on extra716
2020-04-03 17:54:55 +02:00
Toni de la Fuente
afb908f190
Improved policy handling on extra716
2020-04-03 17:54:25 +02:00
Toni de la Fuente
e567ccb828
v2.2.1 with new function and Improved extra779 and extra716
2020-04-02 15:31:43 +02:00
Toni de la Fuente
2c580dd750
Fix issue #488 only works if CloudWatchLog configuration
2020-04-02 00:19:43 +02:00
Toni de la Fuente
9dec4e6eb3
Fix issue #488 only works if IsMultiRegionTrail
2020-04-02 00:02:42 +02:00
Toni de la Fuente
2e2fe96ff5
Improved extra716 filters and auth check
2020-04-01 21:57:20 +02:00
Toni de la Fuente
2e2e9b85af
Merge branch 'master' of https://github.com/toniblyx/prowler
2020-04-01 16:53:04 +02:00
Toni de la Fuente
1ae5d5d725
Added custom ports variable to extra779
2020-04-01 16:52:52 +02:00
Toni de la Fuente
71c9d12184
Merge pull request #526 from dhirajdatar/change-in-usage
...
Updated extra in usage of extra for multiple checks
2020-03-31 13:24:23 +02:00
dhirajdatar
059c701923
Update README.md
2020-03-31 16:46:38 +05:30
Toni de la Fuente
d24e824735
Merge pull request #522 from yumminhuang/master
...
Ignore imported ACM Certificate in check_extra724
2020-03-27 15:03:45 +01:00
Huang Yaming
1419d4887a
Ignore imported ACM Certificate in check_extra724
2020-03-27 14:49:52 +08:00
Toni de la Fuente
ba75d89911
Added connection test for port 9300 in both linux and macosx on extra779
2020-03-25 18:20:20 +01:00
Toni de la Fuente
8faf1f45c4
Added connection test for port 9300 in both linux and macosx on extra779
2020-03-25 18:19:41 +01:00
Toni de la Fuente
eae4722499
Updated ES check titles and results
2020-03-25 17:25:38 +01:00
Toni de la Fuente
8c18533752
Updated check titles
2020-03-25 17:18:43 +01:00
Toni de la Fuente
ee82424869
Enhanced extra779 with better authentication test and TEST_ES_AUTHENTICATION disabled
2020-03-25 12:44:10 +01:00
Toni de la Fuente
b4aaf0b81e
Added initial PCI group without checks yet, issue #296
2020-03-25 10:53:55 +01:00
Toni de la Fuente
f809f2fa1d
Modify group names header to clarify what is CIS only
2020-03-25 10:53:05 +01:00
Toni de la Fuente
1615478444
Fixed query on extra779
2020-03-25 09:40:03 +01:00
Toni de la Fuente
568bba4c38
Add Elasticsearch checks issue #521
2020-03-24 23:46:11 +01:00
Toni de la Fuente
705d75606d
Merge pull request #520 from bridgecrewio/bugfix/extra774_fixes
...
extra774 requires credential report to run successfully
2020-03-23 15:50:08 +01:00
Toni de la Fuente
3ff4acf648
Merge branch 'lanhhuyet510-patch-2'
2020-03-23 15:09:45 +01:00
Toni de la Fuente
e082ef05f0
Merge branch 'patch-2' of https://github.com/lanhhuyet510/prowler into lanhhuyet510-patch-2
2020-03-23 15:09:15 +01:00
Toni de la Fuente
2db9151939
Merge pull request #508 from renuez/checks/find_security_groups_with_wide_open_non_RFC1918_IPv4
...
Checks/find security groups with wide open non rfc1918 IPv4 addresses
2020-03-23 14:50:05 +01:00
Toni de la Fuente
db3ac2361c
Merge branch 'master' into checks/find_security_groups_with_wide_open_non_RFC1918_IPv4
2020-03-23 14:48:05 +01:00
Toni de la Fuente
30941c355c
Added extra777 - Security Groups with too many rules @renuez
2020-03-23 14:39:23 +01:00
Nimrod Kor
25bc8699b3
check_extra774 - revert changes
...
(cherry picked from commit 87fd299cdb46f23dd92f4bd2dc99dd0b0db103c2)
2020-03-22 11:24:07 +02:00
Nimrod Kor
d62027440d
extra774 - check correct date, consolidate files and fix report generation
...
(cherry picked from commit 75d66df94061d5cbc738384e74f0a3f42d0d6b37)
2020-03-22 11:24:07 +02:00
Ngọ Anh Đức
0979f421c3
Update check21
2020-03-09 13:00:43 +07:00
Ngọ Anh Đức
89514a1fa8
Update check21
2020-03-09 12:59:47 +07:00
Ngọ Anh Đức
ba13f25c9e
Update check21
2020-03-09 12:57:49 +07:00
Ngọ Anh Đức
53ee538e0f
add $PROFILE_OPT to the CLI
2020-03-09 12:57:00 +07:00
Ngọ Anh Đức
3116adf86e
Update check21
2020-03-09 12:46:16 +07:00
Ngọ Anh Đức
263926a53b
Improve check21
...
- Add ISLOGGING_STATUS, INCLUDEMANAGEMENTEVENTS_STATUS, READWRITETYPE_STATUS to check
- Remove ` --no-include-shadow-trails ` from CLI
2.1 Ensure CloudTrail is enabled in all regions (Scored):
Via CLI
1. ` aws cloudtrail describe-trails `
Ensure `IsMultiRegionTrail` is set to true
2. `aws cloudtrail get-trail-status --name <trailname shown in describe-trails>`
Ensure `IsLogging` is set to true
3. `aws cloudtrail get-event-selectors --trail-name <trailname shown in describetrails>`
Ensure there is at least one Event Selector for a Trail with `IncludeManagementEvents` set to
`true` and `ReadWriteType` set to `All`
2020-03-09 12:44:23 +07:00
Philipp Zeuner
cb5858d08a
Updated check_extra778 to use PROFILE_OPT and AWSCLI
2020-03-08 09:56:52 +01:00
Philipp Zeuner
1b2b52e6a7
Fixed check_extra778 reference CHECK_ID
2020-03-08 09:22:11 +01:00
Philipp Zeuner
f5d083f781
Updated check_extra778 to exclude 0.0.0.0/0 edge case
2020-03-08 09:21:17 +01:00
Philipp Zeuner
f585ca54d1
Fixed check_extra788 logic bug related to SECURITY_GROUP and improved check_cidr() isolation
2020-03-08 09:20:05 +01:00
Philipp Zeuner
f149fb7535
Refactored check name to check_extra778
2020-03-08 08:15:20 +01:00
Toni de la Fuente
530bacac5b
Merge pull request #510 from jonjozwiak/master
...
Improve performance of check_extra742 by limiting to one AWS CLI call per region
2020-03-05 21:33:26 +01:00
Toni de la Fuente
0b2c3c9f4f
Merge pull request #509 from nexeck/new_check_ecr_findings
...
fix: Enable check extra776 in extra group
2020-03-05 21:26:34 +01:00
jonjozwiak
8173c20941
Improve performance of check_extra742 by limiting to one AWS CLI call
2020-03-04 16:46:28 +02:00
