Toni de la Fuente
78e5dc5dba
Added new check extra7141 to detect secrets in SSM Documents
2021-05-18 18:28:15 +02:00
Toni de la Fuente
30442b2da7
Added new check extra7140 for public SSM Documents
2021-05-18 16:10:55 +02:00
Toni de la Fuente
8d9ca987b5
Added link to doc for check45 check46 extra7138 and extras
2021-05-18 15:41:45 +02:00
Pepe Fagoaga
625384ad6d
feat(network-acls): include checks in networking and internetexposed checks
2021-04-24 13:38:36 +02:00
Pepe Fagoaga
cb60085779
New Networking checks for FTP, Telnet, SQL Server and Kafka (#2)
* feat(aws-securitygroups): include new control to test ingress from 0.0.0.0/0 or ::/0 to FTP ports 20 or 21
* feat(aws-securitygroups): include extra control 7134 in extra group
* feat(aws-securitygroups): include new control to test ingress from 0.0.0.0/0 or ::/0 to Kafka port 9092
* feat(aws-securitygroups): include new control to test ingress from 0.0.0.0/0 or ::/0 to Telnet port 23
* feat(aws-securitygroups): include new control to test ingress from 0.0.0.0/0 or ::/0 to Microsoft SQL Server ports 1433 or 1434
* feat(aws-securitygroups): include extra controls 7135, 7136 and 7137 in extra and internet-exposed groups
2021-04-22 18:29:12 +02:00
Toni de la Fuente
097ddbb957
Added extra7133 RDS multi-AZ
2021-03-04 20:29:40 +01:00
Toni de la Fuente
b633ec8bef
Added more checks mappings to ISO27001 group and reordered the list @mario-platt
2021-02-22 23:21:32 +01:00
Toni de la Fuente
3d834fae42
Fix typos and add to extras extra7132
2021-02-22 21:44:48 +01:00
Mario Platt
78c2cacfd9
added more checks mappings to ISO27001 group, and reordered the list of comment mappings to go from lower to highest requirements in ISO
2021-02-19 14:23:26 +00:00
Martina Rath
696a776e2e
Move extra7132 to rd group and add CHECK_SERVICENAME to check
2021-02-05 08:32:06 +01:00
Martina Rath
073d2ab727
Add check if Enhanced monitoring is enabled on RDS instances
2021-02-05 08:12:11 +01:00
Toni de la Fuente
d77f1ea651
Add new check extra7131 RDS minor version upgrade
2021-01-13 12:58:23 +01:00
Toni de la Fuente
2bc3fcf7ee
Add new check extra7131 RDS minor version upgrade
2021-01-13 12:57:08 +01:00
Toni de la Fuente
bcdd12bf84
Add new check extra7131 RDS minor version upgrade
2021-01-13 12:51:49 +01:00
Martina Rath
994abe8fa3
Add check7130 to group7_extras and fix some issues
2021-01-08 13:43:46 +01:00
Toni de la Fuente
e047dc8764
Added latest checks to extras group
2020-12-15 15:10:33 +01:00
Toni de la Fuente
30937c3275
Updated ENS group with new checks
2020-12-01 09:56:08 +01:00
Toni de la Fuente
a8fed14cea
Fixed extra7116 extra7117 outputs and added to extras @ramondiez
2020-11-18 13:41:12 +01:00
Toni de la Fuente
f3d4cc8514
Fixed extra7116 extra7117 outputs and added to extras
2020-11-18 13:31:20 +01:00
Toni de la Fuente
345a8d48c4
Added group for ENS - Spanish Esquema Nacional de Seguridad
2020-11-18 11:45:07 +01:00
Toni de la Fuente
c2a2e393cb
Merge branch 'master' into dlpzx-master
2020-11-16 18:31:18 +01:00
Toni de la Fuente
7cd1413c93
Glue group 2 corrections
2020-11-16 18:29:16 +01:00
Toni de la Fuente
6e604e1834
Some corrections for glue related checks
2020-11-16 17:51:53 +01:00
Toni de la Fuente
b32538b7e5
Glue review 2
2020-11-13 19:05:19 +01:00
Toni de la Fuente
8c9d843813
Glue review 1
2020-11-13 19:02:26 +01:00
Ramon Diez
954848c6e8
Glue checks part 1
2020-11-04 10:44:43 +01:00
gchib
23df3dd8d0
Add extra7113: Check RDS deletion protection
2020-10-08 17:21:26 +05:30
gchib
5994700c09
Add check extra7113
2020-10-08 17:19:58 +05:30
Toni de la Fuente
b512585d80
Added all new Sagemaker checks to extras
2020-10-06 16:43:21 +02:00
Toni de la Fuente
645ea25ddc
New group for Sagemaker with 10 new controls
2020-10-06 16:40:19 +02:00
Toni de la Fuente
2fb9588883
Add extra7102 to groups extras and internetexposed
2020-10-02 19:14:37 +02:00
Toni de la Fuente
62a87d961c
Add SOC2 compliance group @gchib297
2020-09-30 22:59:51 +02:00
Toni de la Fuente
6aa8dd643d
Add check extra798 to gdpr and pci groups @gchib297
2020-09-30 22:58:28 +02:00
Toni de la Fuente
f674868dd9
Add check extra798 to iso27001 @gchib297
2020-09-30 22:57:35 +02:00
gchib
a3a71f499c
Add SOC2 compliance group
2020-09-30 17:44:19 +05:30
gchib
cf62f2bb05
Add check extra798 to PCI
2020-09-30 17:36:20 +05:30
gchib
dd05575508
Add check extra798 to GDPR
2020-09-30 17:33:41 +05:30
gchib
ff19182cf1
Add check extra798 to iso27001
2020-09-30 17:19:06 +05:30
gchib
58c4af98d1
Add FFIEC group
Add FFIEC Cybersecurity assessment checks
2020-09-30 17:10:56 +05:30
Toni de la Fuente
8e1fac1b7c
Added checks about EKS to groups internet-exposed and forensics
2020-09-28 09:41:40 +02:00
Toni de la Fuente
d620754bae
Added extra796 EKS control plane access to internet-exposed group
2020-09-28 09:36:04 +02:00
Toni de la Fuente
4d9473881f
Fixed title id for eks-cis
2020-09-18 18:47:14 +02:00
Toni de la Fuente
0f84181d89
Added new check [extra7101] Check if Amazon Elasticsearch Service (ES) domains have audit logging enabled
2020-09-18 18:44:01 +02:00
Toni de la Fuente
7bfeebe2a2
Title adjustments for internetexposed iso27001 and eks-cis groups
2020-09-17 16:51:48 +02:00
Toni de la Fuente
0b9d3e39d4
Merge branch 'master' into master
2020-08-27 16:28:35 +02:00
Toni de la Fuente
1d4563f60d
Added extra799 and extra7100 to group extras
2020-08-27 16:23:08 +02:00
Toni de la Fuente
553faf72ec
Added [extra736] Check exposed KMS keys to group internet-exposed
2020-08-26 16:57:20 +02:00
Toni de la Fuente
33a53663db
Added [extra799] Check if Security Hub is enabled and its standard subscriptions
2020-08-25 19:54:57 +02:00
Toni de la Fuente
ca471700c2
Added [extra798] Check if Lambda functions have resource-based policy set as Public
2020-08-25 19:06:06 +02:00
Nick Malcolm
ba87f437d5
This check will identify IAM Policies which allow an IAM Principal (a Role or User) to escalate their privileges due to insecure STS permissions. It is AWS best practice to only use explicitly defined Resources (Role ARNs) for an sts:AssumeRole action.
See more: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_permissions-to-switch.html#roles-usingrole-createpolicy
2020-08-20 21:08:00 +12:00