prowler

Compliance scanner

A security tool for assessing and improving cloud infrastructure compliance with various regulations and frameworks.

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

GitHub

11k stars
130 watching
2k forks
Language: Python
last commit: about 4 hours ago
Linked from 6 awesome lists

awsazurecis-benchmarkcloudcompliancedevsecopsforensicsgcpgdprhardeningiammulti-cloudpythonsecuritysecurity-auditsecurity-hardeningsecurity-toolswell-architected

Backlinks from these awesome lists:

Related projects:

Repository Description Stars
securityftw/cs-suite An automated tool suite to assess and improve cloud security across multiple platforms 1,144
t0pcyber/hawk A PowerShell-based tool designed to facilitate forensic analysis in O365 environments by gathering and organizing relevant data. 708
bishopfox/cloudfox An open-source tool to help penetration testers gather information about cloud environments and identify potential vulnerabilities. 1,953
jordanpotti/cloudscraper A tool to spider and search cloud resources like AWS, Azure, and Digital Ocean for potential vulnerabilities. 501
cloudina/hawk An API-based antivirus scanning system for cloud storage services 21
portswigger/aws-security-checks A set of automated security checks for AWS services written in Python to identify potential vulnerabilities and configuration issues. 36
toniblyx/my-arsenal-of-aws-security-tools A curated list of open-source tools for assessing and improving AWS security posture 8,983
eliasgranderubio/dagda A tool to analyze and monitor Docker images and containers for security threats 1,159
azure/stormspotter A tool for analyzing and visualizing Azure objects to help security teams understand potential attack surfaces. 1,546
azure/cloud-katana Automates security assessment and research in cloud-native environments using event-driven serverless computing 250
jonrau1/electriceye A Python CLI tool for managing security and compliance in cloud and SaaS environments 961
deepfence/threatmapper An application protection platform that monitors and analyzes cloud-native applications for vulnerabilities and threats. 4,845
belane/cloudhunter Tools for scanning and analyzing cloud storage bucket permissions 120
openscanner/xguardian A security scanner for OSX applications 41
coinbase/salus A tool for coordinating security scanning of software projects 21