Marc Jay
92e1f17a80
Adds 'json-asff' and 'securityhub' output modes
json-asff mode outputs JSON, similar to the standard 'json' mode with one check per line, but in AWS Security Finding Format - used by AWS Security Hub.
Currently uses a generic Type, Resources and ProductArn value, but sets the Id to a unique value that includes the details of the message, in order to separate out checks that run against multiple resources and output one result per resource per check. This ensures that findings can be updated, should the resource move in or out of compliance.
securityhub mode generates the ASFF JSON and then passes it to an 'aws securityhub batch-import-findings' call, once per resource per check. Output to the screen is similar to the standard mode, but prints whether or not the finding was submitted successfully.
Fixes #524
2020-04-07 16:08:07 +01:00
Toni de la Fuente
b5e1c9002a
Improved policy handling on extra716
2020-04-03 17:54:55 +02:00
Toni de la Fuente
afb908f190
Improved policy handling on extra716
2020-04-03 17:54:25 +02:00
Toni de la Fuente
e567ccb828
v2.2.1 with new function and Improved extra779 and extra716
2020-04-02 15:31:43 +02:00
Toni de la Fuente
2c580dd750
Fix issue #488 only works if CloudWatchLog configuration
2020-04-02 00:19:43 +02:00
Toni de la Fuente
9dec4e6eb3
Fix issue #488 only works if IsMultiRegionTrail
2020-04-02 00:02:42 +02:00
Toni de la Fuente
2e2fe96ff5
Improved extra716 filters and auth check
2020-04-01 21:57:20 +02:00
Toni de la Fuente
2e2e9b85af
Merge branch 'master' of https://github.com/toniblyx/prowler
2020-04-01 16:53:04 +02:00
Toni de la Fuente
1ae5d5d725
Added custom ports variable to extra779
2020-04-01 16:52:52 +02:00
Toni de la Fuente
71c9d12184
Merge pull request #526 from dhirajdatar/change-in-usage
Updated extra in usage of extra for multiple checks
2020-03-31 13:24:23 +02:00
dhirajdatar
059c701923
Update README.md
2020-03-31 16:46:38 +05:30
Toni de la Fuente
d24e824735
Merge pull request #522 from yumminhuang/master
Ignore imported ACM Certificate in check_extra724
2020-03-27 15:03:45 +01:00
Huang Yaming
1419d4887a
Ignore imported ACM Certificate in check_extra724
2020-03-27 14:49:52 +08:00
Toni de la Fuente
ba75d89911
Added connection test for port 9300 in both linux and macosx on extra779
2020-03-25 18:20:20 +01:00
Toni de la Fuente
8faf1f45c4
Added connection test for port 9300 in both linux and macosx on extra779
2020-03-25 18:19:41 +01:00
Toni de la Fuente
eae4722499
Updated ES check titles and results
2020-03-25 17:25:38 +01:00
Toni de la Fuente
8c18533752
Updated check titles
2020-03-25 17:18:43 +01:00
Toni de la Fuente
ee82424869
Enhanced extra779 with better authentication test and TEST_ES_AUTHENTICATION disabled
2020-03-25 12:44:10 +01:00
Toni de la Fuente
b4aaf0b81e
Added initial PCI group without checks yet, issue #296
2020-03-25 10:53:55 +01:00
Toni de la Fuente
f809f2fa1d
Modify group names header to clarify what is CIS only
2020-03-25 10:53:05 +01:00
Toni de la Fuente
1615478444
Fixed query on extra779
2020-03-25 09:40:03 +01:00
Toni de la Fuente
568bba4c38
Add Elasticsearch checks issue #521
2020-03-24 23:46:11 +01:00
Toni de la Fuente
705d75606d
Merge pull request #520 from bridgecrewio/bugfix/extra774_fixes
extra774 requires credential report to run successfully
2020-03-23 15:50:08 +01:00
Toni de la Fuente
3ff4acf648
Merge branch 'lanhhuyet510-patch-2'
2020-03-23 15:09:45 +01:00
Toni de la Fuente
e082ef05f0
Merge branch 'patch-2' of https://github.com/lanhhuyet510/prowler into lanhhuyet510-patch-2
2020-03-23 15:09:15 +01:00
Toni de la Fuente
2db9151939
Merge pull request #508 from renuez/checks/find_security_groups_with_wide_open_non_RFC1918_IPv4
Checks/find security groups with wide open non rfc1918 IPv4 addresses
2020-03-23 14:50:05 +01:00
Toni de la Fuente
db3ac2361c
Merge branch 'master' into checks/find_security_groups_with_wide_open_non_RFC1918_IPv4
2020-03-23 14:48:05 +01:00
Toni de la Fuente
30941c355c
Added extra777 - Security Groups with too many rules @renuez
2020-03-23 14:39:23 +01:00
Nimrod Kor
25bc8699b3
check_extra774 - revert changes
(cherry picked from commit 87fd299cdb46f23dd92f4bd2dc99dd0b0db103c2)
2020-03-22 11:24:07 +02:00
Nimrod Kor
d62027440d
extra774 - check correct date, consolidate files and fix report generation
(cherry picked from commit 75d66df94061d5cbc738384e74f0a3f42d0d6b37)
2020-03-22 11:24:07 +02:00
Ngọ Anh Đức
0979f421c3
Update check21
2020-03-09 13:00:43 +07:00
Ngọ Anh Đức
89514a1fa8
Update check21
2020-03-09 12:59:47 +07:00
Ngọ Anh Đức
ba13f25c9e
Update check21
2020-03-09 12:57:49 +07:00
Ngọ Anh Đức
53ee538e0f
add $PROFILE_OPT to the CLI
2020-03-09 12:57:00 +07:00
Ngọ Anh Đức
3116adf86e
Update check21
2020-03-09 12:46:16 +07:00
Ngọ Anh Đức
263926a53b
Improve check21
- Add ISLOGGING_STATUS, INCLUDEMANAGEMENTEVENTS_STATUS, READWRITETYPE_STATUS to check
- Remove `--no-include-shadow-trails` from CLI

2.1 Ensure CloudTrail is enabled in all regions (Scored):
Via CLI
1. `aws cloudtrail describe-trails`
   Ensure `IsMultiRegionTrail` is set to true
2. `aws cloudtrail get-trail-status --name <trailname shown in describe-trails>`
   Ensure `IsLogging` is set to true
3. `aws cloudtrail get-event-selectors --trail-name <trailname shown in describe-trails>`
   Ensure there is at least one Event Selector for a Trail with `IncludeManagementEvents` set to `true` and `ReadWriteType` set to `All`
2020-03-09 12:44:23 +07:00
Philipp Zeuner
cb5858d08a
Updated check_extra778 to use PROFILE_OPT and AWSCLI
2020-03-08 09:56:52 +01:00
Philipp Zeuner
1b2b52e6a7
Fixed check_extra778 reference CHECK_ID
2020-03-08 09:22:11 +01:00
Philipp Zeuner
f5d083f781
Updated check_extra778 to exclude 0.0.0.0/0 edge case
2020-03-08 09:21:17 +01:00
Philipp Zeuner
f585ca54d1
Fixed check_extra788 logic bug related to SECURITY_GROUP and improved check_cidr() isolation
2020-03-08 09:20:05 +01:00
Philipp Zeuner
f149fb7535
Refactored check name to check_extra778
2020-03-08 08:15:20 +01:00
Toni de la Fuente
530bacac5b
Merge pull request #510 from jonjozwiak/master
Improve performance of check_extra742 by limiting to one AWS CLI call per region
2020-03-05 21:33:26 +01:00
Toni de la Fuente
0b2c3c9f4f
Merge pull request #509 from nexeck/new_check_ecr_findings
fix: Enable check extra776 in extra group
2020-03-05 21:26:34 +01:00
jonjozwiak
8173c20941
Improve performance of check_extra742 by limiting to one AWS CLI call
2020-03-04 16:46:28 +02:00
Marcel Beck
95cb26fb2b
fix: Enable check extra776 in extra group
2020-03-04 07:27:40 +01:00
Toni de la Fuente
c0d8258283
[new check] Check if ECR image scan found vulnerabilities in the newest image version
[new check] Check if ECR image scan found vulnerabilities in the newest image version
2020-03-03 23:06:44 +01:00
Toni de la Fuente
4646dbcd0b
Updated check_extra776 title
2020-03-03 23:04:09 +01:00
Marcel Beck
db260da8b0
feat: New check for ecr image scan findings
This will check if there is any ecr image with findings.
2020-03-03 22:53:26 +01:00
Philipp Zeuner
162ff05e42
Updated check_extra777 to fix CHECK_ALTERNATE variable
2020-03-02 22:53:32 +01:00
Philipp Zeuner
6ea863ac3b
Initial commit
2020-03-01 20:26:51 +01:00