Skip to content

Prowler 3.16.0 - Back in the Village

Compare
Choose a tag to compare
@jfagoagas jfagoagas released this 04 Apr 08:51
· 2152 commits to master since this release
3.16.0
fd912b2

Turn the spotlights on the people
Switch the dial and eat the worm
Take your chances, kill the engine
Drop your bombs and let it burn

Enjoy the last release of Prowler v3 🤘🏽🔥 with this Iron Maiden song!

New features to highlight in this version

💪🏼 17 New Azure checks

  • Prowler is improving its Azure coverage by including 17 new checks that appears in the CIS Benchmark v2.0.0 and v2.1.0.
    See all the new available checks with prowler azure --list-checks

🔒 Azure CIS v2.0 and v2.1 coverage

  • Prowler includes coverage for two new compliance frameworks for Azure CIS, v2.0.0 and v2.1.0. You can execute these new frameworks with prowler azure --compliance cis_2.1_azure

🔧 More fixes and updates for all the providers

Features

  • feat(azure): New check related with diagnostics settings in subscriptions by @Hugo966 in #3539
  • feat(azure): New check related with logging in Azure Key Vault by @Hugo966 in #3496
  • feat(azure):App check related with http logs by @Hugo966 in #3568
  • feat(entra): New 11 checks related with Microsoft Entra ID by @puchy22 in #3585
  • feat(azure): New check related with trusted launch in vm by @Hugo966 in #3616
  • feat(azure) New Microsoft Entra ID checks by @puchy22 in #3610
  • feat(entra): Manage 403 error for getting user authentication methods by @puchy22 in #3624
  • feat(azure): Check related with roles and vm access with mfa by @Hugo966 in #3638
  • feat(compliance): Add new CIS 2.0 / 2.1 compliance framework for Azure by @pedrooot in #3626

Fixes

  • fix(metadata): change ResourceType Type for AWS Inline Policy Check by @gabrielsoltz in #3599
  • fix(sts): handle China STS regions by @sergargar in #3613
  • fix(azure): fixed check vm_ensure_using_managed_disks metadata by @Hugo966 in #3617
  • fix(aws): break loop after FAIL in SQS and SNS checks by @kagahd in #3618
  • fix(azure): normalize tenant domain set in checks by @sergargar in #3641
  • fix(cis_2.0_azure): add remaining requirement with id 1.25 by @pedrooot in #3646
  • fix(azure): add DefaultValue to Azure CIS compliance by @pedrooot in #3652

Documentation

  • docs: Update number of Azure checks by @jfagoagas in #3639
  • docs(azure): Add new permissions necessary from Microsoft Entra ID by @puchy22 in #3648

Chores

Dependencies

  • build(deps): bump trufflesecurity/trufflehog from 3.70.2 to 3.71.0 by @dependabot in #3603
  • build(deps): bump crazy-max/ghaction-import-gpg from 4 to 6 by @dependabot in #3604
  • build(deps-dev): bump mkdocs-material from 9.5.14 to 9.5.15 by @dependabot in #3606
  • build(deps-dev): bump pytest-cov from 4.1.0 to 5.0.0 by @dependabot in #3607
  • build(deps): bump google-api-python-client from 2.122.0 to 2.123.0 by @dependabot in #3608
  • build(deps): bump tj-actions/changed-files from 43 to 44 by @dependabot in #3627
  • build(deps): bump trufflesecurity/trufflehog from 3.71.0 to 3.71.2 by @dependabot in #3628
  • build(deps): bump google-api-python-client from 2.123.0 to 2.124.0 by @dependabot in #3630
  • build(deps-dev): bump mkdocs-material from 9.5.15 to 9.5.17 by @dependabot in #3633
  • build(deps-dev): bump safety from 3.0.1 to 3.1.0 by @dependabot in #3632
  • build(deps-dev): bump moto from 5.0.3 to 5.0.4 by @dependabot in #3629

Full Changelog: 3.15.3...3.16.0