Prowler – CIS Based AWS Account Hardening Tool

Prowler is a command-line tool for AWS security best practices assessment, auditing, hardening and forensics readiness.

It follows the guidelines of the CIS Amazon Web Services Foundations Benchmark (49 checks) and has 40 additional checks, including ones related to GDPR and HIPAA.


The tool covers hardening and security best practices for all AWS regions, organized into the following groups:

  • Identity and Access Management (22 checks) [group1]
  • Logging (9 checks) [group2]
  • Monitoring (14 checks) [group3]
  • Networking (4 checks) [group4]
  • CIS Level 1 [cislevel1]
  • CIS Level 2 [cislevel2]
  • Extras (39 checks) see Extras section [extras]
  • Forensics related group of checks [forensics-ready]
  • GDPR [gdpr]
  • HIPAA [hipaa]

Some of the functionality:

  • get a colorful or monochrome report
  • a CSV format report for diff
  • run specific checks without having to run the entire report
  • check multiple AWS accounts in parallel
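
The CSV report is meant to be compared between runs. As an added example (not part of Prowler or the original page), this script compares two reports and lists checks that regressed, were fixed, newly fail, or disappeared from the report; the column names and sample rows are constructed assumptions, so match them to the header of your own report.

```python
import csv
import io

# Constructed sample reports. The column names are assumptions for this
# example; match them to the header row of your own CSV output.
BASELINE_CSV = """ACCOUNT_NUM,REGION,TITLE_ID,RESULT
123456789012,us-east-1,1.1,PASS
123456789012,us-east-1,2.1,PASS
123456789012,us-east-1,2.6,PASS
123456789012,eu-west-1,4.1,FAIL
"""
CURRENT_CSV = """ACCOUNT_NUM,REGION,TITLE_ID,RESULT
123456789012,us-east-1,1.1,PASS
123456789012,us-east-1,2.1,FAIL
123456789012,us-east-1,2.1,PASS
123456789012,eu-west-1,4.1,PASS
123456789012,ap-south-1,4.1,FAIL
"""

KEY_COLUMNS = ("ACCOUNT_NUM", "REGION", "TITLE_ID")


def load_results(text):
    """Map (account, region, check id) -> result, where any FAIL row wins."""
    results = {}
    for row in csv.DictReader(io.StringIO(text)):
        key = tuple(row[c].strip() for c in KEY_COLUMNS)
        # A check may emit one row per resource; keep FAIL once it is seen.
        if results.get(key) != "FAIL":
            results[key] = row["RESULT"].strip().upper()
    return results


def diff_reports(baseline_text, current_text):
    """Classify every check that changed between two report runs."""
    old, new = load_results(baseline_text), load_results(current_text)
    changes = {"regressed": [], "fixed": [], "new_fail": []}
    for key, result in sorted(new.items()):
        before = old.get(key)
        if before is None and result == "FAIL":
            changes["new_fail"].append(key)       # not in the baseline at all
        elif before is not None and before != "FAIL" and result == "FAIL":
            changes["regressed"].append(key)      # was passing, now fails
        elif before == "FAIL" and result != "FAIL":
            changes["fixed"].append(key)
    # A check missing from the new run is not a pass; report it separately.
    changes["missing"] = sorted(k for k in old if k not in new)
    return changes
```
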

The tool adds extra security controls for forensics. These are important controls that help when responding to an incident in AWS. With this group of checks, Prowler verifies that each service with logging or audit capabilities has them enabled, so that all the evidence needed is recorded and collected for an eventual digital forensic investigation in case of an incident.

You can read more and download the tool over here:
