ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-11 15:25:10 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,733 Commits 1 Branch 0 Tags
6fb49a46bf9627017e224dffa68efb2e95e66c8e
Commit Graph

20 Commits

Author SHA1 Message Date
Toni de la Fuente
c09385976a Consolidated titles and outputs including resource ID in ASFF 2021-07-05 20:17:27 +02:00
Geoff
4961498562 Added parameter to report resource name 
Added a third parameter to checks textFail and textPass to identify resource name in finding.
 2021-06-16 22:25:44 -05:00
Pablo Pagani
35a22a71cd added risk remediation doc and epics to controls 1 to 741 2021-03-24 10:22:29 -03:00
Toni de la Fuente
f85845c26b Added service name to all checks 2021-01-22 00:19:45 +01:00
C.J
733c99c1e0 Add check for AccessDenied when calling GetBucetLocation 2021-01-12 15:38:47 -05:00
Toni de la Fuente
3d62aedf29 New RC6 including ENS as a new compliance type all formats 2020-12-01 10:03:59 +01:00
Joaquin Rinaudo
ecbe997084 severity+security_hub 2020-09-03 08:04:13 +02:00
Nimrod Kor
ef4d2d33be Fix extra734 - handle us-east-1 
(cherry picked from commit 5f2eb7f82e3814478b380ae5fbb6c8a69536e043)
 2020-06-04 23:15:21 +03:00
Toni de la Fuente
c7ed6a6693 Improved region handing for extra734 and extra764 2020-05-19 15:03:42 +02:00
Toni de la Fuente
dbb3ed9663 Improved extra734 for GovCloud 2020-04-22 22:19:21 +02:00
Marc Jay
5bab65c56d - Remove securityhub output mode and replace with '-S' flag to send findings to Security Hub 
- Move Security Hub related code to a dedicated include/securityhub_integration file
- Check that Security Hub is enabled in the target region before beginning checks when -S is specified
- Add error handling to the batch-import-findings call
- Add CHECK_ASFF_TYPE variables to all CIS checks to override the default
- Add support for CHECK_ASFF_RESOURCE_TYPE variables which override the default 'AwsAccount' value for the resource a finding relates to.
- Add CHECK_ASFF_RESOURCE_TYPE variables to all checks where there is a suitable value in the schema
- Remove json-asff output for info messages as they are not appropriate for possible submission to Security Hub
- Update the README to cover Security Hub integration
- Add an IAM policy JSON document that provides the necessary BatchImportFindings permission for Security Hub
- Remove trailing whitespace and periods in pass/fail messages to be consistent with the majority of messages, to prevent future tidy-up from changing the finding IDs
 2020-04-11 03:04:03 +01:00
root
4cc5cd1ab1 Try to make sure prowler cleans up its temporary files 2019-12-30 13:43:53 -05:00
zfLQ2qx2
669469e618 Update extra764 and extra734, add .gitignore rules for vim 2019-11-21 14:56:13 -05:00
zfLQ2qx2
3a893889b6 Misc prowler fixes 2019-11-13 22:49:32 -05:00
Toni de la Fuente
eecb272f93 Fixed output for PR #339 2019-08-17 11:01:30 +08:00
gabrielsoltz
76e6657e42 refactor check_extra734 2019-06-13 14:12:43 +02:00
soffensive
f5708d7db6 Separate default encryption and bucket policy encryption 
Default encryption (2017): https://aws.amazon.com/blogs/aws/new-amazon-s3-encryption-security-features/
Bucket policy (2016): https://aws.amazon.com/blogs/security/how-to-prevent-uploads-of-unencrypted-objects-to-amazon-s3/
 2019-04-29 16:31:42 +02:00
Toni de la Fuente
0dc2b9a081 Improved extra734 checking enforce policy 2018-11-06 00:17:00 -05:00
Toni de la Fuente
29e142361b Improved extra734 checking enforce policy 2018-11-06 00:15:20 -05:00
Toni de la Fuente
883afa4959 Added extra734 check S3 bucket encryption 2018-11-05 23:30:00 -05:00