# prowler-cloud/prowler

**Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/prowler-cloud-prowler).**

13,049 stars · 2,002 forks · Python · apache-2.0

## Links

- GitHub: https://github.com/prowler-cloud/prowler
- Homepage: https://prowler.com
- awesome-repositories: https://awesome-repositories.com/repository/prowler-cloud-prowler.md

## Topics

`aws` `azure` `cis-benchmark` `cloud` `cloudsecurity` `compliance` `cspm` `devsecops` `forensics` `gcp` `gdpr` `hacktoberfest` `hardening` `iam` `multi-cloud` `python` `security` `security-audit` `security-hardening` `security-tools`

## Description

Prowler is an automated cloud infrastructure security scanner and posture management tool. It evaluates cloud environments and infrastructure-as-code templates against security benchmarks to identify misconfigurations, vulnerabilities, and compliance gaps that could compromise system integrity.

The platform distinguishes itself through graph-based attack path analysis, which identifies chains of misconfigurations that create exploitable routes for unauthorized access. It utilizes a plugin-based execution model to perform state-based assessments of live environments and static analysis of configuration files, ensuring security coverage across the entire development lifecycle.

The tool supports continuous security integration: teams can automate compliance reporting by mapping findings to regulatory frameworks. It also supports risk prioritization, provides actionable remediation guidance, and feeds security data into external incident management and monitoring systems through automated reporting pipelines.

## Tags

### Development Tools & Productivity

- [Vulnerability Dependency Graphs](https://awesome-repositories.com/f/development-tools-productivity/dependency-graph-runners/vulnerability-dependency-graphs.md) — Identifies complex chains of misconfigurations using graph-based analysis to uncover exploitable security vulnerabilities.

### Security & Cryptography

- [Cloud Auditing Tools](https://awesome-repositories.com/f/security-cryptography/cloud-auditing-tools.md) — Scans cloud infrastructure configurations against security benchmarks and industry best practices to identify vulnerabilities.
- [Infrastructure Security Scanners](https://awesome-repositories.com/f/security-cryptography/infrastructure-security-scanners.md) — Provides an automated engine for scanning cloud configurations and infrastructure-as-code templates for security risks.
- [Cloud Security Tools](https://awesome-repositories.com/f/security-cryptography/security/utilities/security-tools/infrastructure-security-utilities/cloud-security-tools.md) — Evaluates cloud environments against security benchmarks to maintain visibility into infrastructure posture and risk.
- [Attack Surface Analysis](https://awesome-repositories.com/f/security-cryptography/attack-surface-analysis.md) — Uses graph analysis to identify chains of misconfigurations that create exploitable routes for unauthorized access. ([source](https://prowler.com/llms.txt#prowler))
- [Infrastructure as Code Scanners](https://awesome-repositories.com/f/security-cryptography/infrastructure-as-code-scanners.md) — Analyzes infrastructure-as-code templates for security flaws to prevent misconfigurations in live cloud environments. ([source](https://prowler.com/llms.txt#prowler))
- [Posture Assessment Engines](https://awesome-repositories.com/f/security-cryptography/posture-based-access-control/posture-assessment-engines.md) — Compares cloud resource snapshots against security rules to determine the current risk level of the infrastructure.
- [Compliance Mapping Tools](https://awesome-repositories.com/f/security-cryptography/application-security-standards/compliance-mapping-tools.md) — Maps security assessment results to regulatory frameworks to automate the generation of audit-ready documentation.
- [Regulatory Compliance](https://awesome-repositories.com/f/security-cryptography/governance-policy-frameworks/compliance-governance/regulatory-compliance.md) — Tracks security findings against regulatory controls to maintain continuous compliance across cloud environments. ([source](https://prowler.com/llms.txt#prowler))
- [Audit and Compliance](https://awesome-repositories.com/f/security-cryptography/governance-policy-frameworks/compliance-governance/audit-and-compliance.md) — Maps security findings to regulatory standards to simplify audit preparation and track compliance posture over time.
- [Remediation Guides](https://awesome-repositories.com/f/security-cryptography/security-guides/security-guidance-summaries/remediation-guides.md) — Provides actionable instructions and scripts for fixing identified security issues to reduce manual remediation effort. ([source](https://prowler.com/llms.txt#prowler))
- [Reachability Prioritizers](https://awesome-repositories.com/f/security-cryptography/vulnerability-scanning/reachability-prioritizers.md) — Evaluates and prioritizes identified vulnerabilities to help teams focus on the most critical infrastructure threats. ([source](https://prowler.com/llms.txt#prowler))
- [Security Information Management](https://awesome-repositories.com/f/security-cryptography/security/operations-and-incident-response/security-information-management.md) — Connects automated agents to security data sources to retrieve real-time risk information for programmatic analysis. ([source](https://prowler.com/llms.txt#prowler))

### Software Engineering & Architecture

- [Compliance Reporting](https://awesome-repositories.com/f/software-engineering-architecture/compliance-reporting.md) — Maps security assessment findings to regulatory frameworks to generate audit-ready compliance documentation.
- [Security Tool Integrations](https://awesome-repositories.com/f/software-engineering-architecture/application-frameworks/autonomous-agent-frameworks/external-tool-integrations/security-tool-integrations.md) — Integrates security scanning tools into development workflows via APIs to automate vulnerability reporting. ([source](https://prowler.com/llms.txt#prowler))
- [Plugin Execution Engines](https://awesome-repositories.com/f/software-engineering-architecture/plugin-execution-engines.md) — Utilizes a modular plugin-based execution model to run independent security checks against cloud configurations.

### DevOps & Infrastructure

- [Pipeline Security](https://awesome-repositories.com/f/devops-infrastructure/pipeline-security.md) — Integrates automated security scanning into CI/CD pipelines to detect and block misconfigurations before deployment.

### Testing & Quality Assurance

- [Static Analysis](https://awesome-repositories.com/f/testing-quality-assurance/code-quality-review/static-analysis.md) — Parses and evaluates infrastructure configuration files against security policies before deployment to prevent vulnerabilities.

### System Administration & Monitoring

- [Alerting and Incident Management](https://awesome-repositories.com/f/system-administration-monitoring/alerting-and-incident-management.md) — Streams security alerts and audit results to external incident management platforms for rapid response. ([source](https://prowler.com/llms.txt#prowler))
