prowler
Compliance scanner
A security tool for assessing and improving cloud infrastructure compliance with various regulations and frameworks.
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
11k stars
130 watching
2k forks
Language: Python
last commit: about 4 hours ago
Linked from 6 awesome lists
awsazurecis-benchmarkcloudcompliancedevsecopsforensicsgcpgdprhardeningiammulti-cloudpythonsecuritysecurity-auditsecurity-hardeningsecurity-toolswell-architected
Related projects:
Repository | Description | Stars |
---|---|---|
securityftw/cs-suite | An automated tool suite to assess and improve cloud security across multiple platforms | 1,144 |
t0pcyber/hawk | A PowerShell-based tool designed to facilitate forensic analysis in O365 environments by gathering and organizing relevant data. | 708 |
bishopfox/cloudfox | An open-source tool to help penetration testers gather information about cloud environments and identify potential vulnerabilities. | 1,953 |
jordanpotti/cloudscraper | A tool to spider and search cloud resources like AWS, Azure, and Digital Ocean for potential vulnerabilities. | 501 |
cloudina/hawk | An API-based antivirus scanning system for cloud storage services | 21 |
portswigger/aws-security-checks | A set of automated security checks for AWS services written in Python to identify potential vulnerabilities and configuration issues. | 36 |
toniblyx/my-arsenal-of-aws-security-tools | A curated list of open-source tools for assessing and improving AWS security posture | 8,983 |
eliasgranderubio/dagda | A tool to analyze and monitor Docker images and containers for security threats | 1,159 |
azure/stormspotter | A tool for analyzing and visualizing Azure objects to help security teams understand potential attack surfaces. | 1,546 |
azure/cloud-katana | Automates security assessment and research in cloud-native environments using event-driven serverless computing | 250 |
jonrau1/electriceye | A Python CLI tool for managing security and compliance in cloud and SaaS environments | 961 |
deepfence/threatmapper | An application protection platform that monitors and analyzes cloud-native applications for vulnerabilities and threats. | 4,845 |
belane/cloudhunter | Tools for scanning and analyzing cloud storage bucket permissions | 120 |
openscanner/xguardian | A security scanner for OSX applications | 41 |
coinbase/salus | A tool for coordinating security scanning of software projects | 21 |