
Using Prowler for AWS assessment against CIS Foundations benchmark - Part 2 Conducting assessment

Riyaz Walikar

Introduction

Prowler is a command line tool that helps you with AWS security assessment, auditing, hardening, and incident response.

It follows the guidelines of the CIS Amazon Web Services Foundations Benchmark (49 checks) and has more than 190 additional checks related to GDPR, HIPAA, PCI-DSS, ISO-27001, FFIEC, SOC2, and others.

Prowler assessment

A Prowler scan takes time, depending on the number of services enabled in your AWS account. Once the scan is complete, the report is stored inside the Prowler folder in a sub-directory called output. The report can then be reviewed to prioritize the findings as critical, high, medium, and low.

The Prowler report follows the CIS Benchmark, and its findings are presented accordingly.

Audit results

Prowler reports its results as findings; the report does not include resolutions for them. The findings in the report are categorized as follows:

  1. INFO: Informational, no action required. This includes results that are overridden.
  2. PASS: The setting has the recommended value.
  3. WARNING: A best practice recommendation.
  4. FAIL: A security issue or invalid AWS configuration. A fix is required.
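
One way to triage a report using the categories above, as an added example that is not part of the original article or of Prowler itself: it drops INFO and PASS, lists FAIL before WARNING, and orders each group from critical to low. The JSON-lines layout and the field names (Status, Severity, Control ID) are assumptions to map onto your own report, and the sample findings are constructed.

```python
import json
from collections import Counter

# Constructed sample: one JSON finding per line. Field names are assumptions
# for this example; map them to the fields in your own report.
SAMPLE_REPORT = """\
{"Control ID": "sample-01", "Status": "PASS", "Severity": "Medium", "Message": "constructed"}
{"Control ID": "sample-02", "Status": "FAIL", "Severity": "Low", "Message": "constructed"}
{"Control ID": "sample-03", "Status": "FAIL", "Severity": "Critical", "Message": "constructed"}
{"Control ID": "sample-04", "Status": "WARNING", "Severity": "High", "Message": "constructed"}
{"Control ID": "sample-05", "Status": "INFO", "Severity": "Low", "Message": "constructed"}
{"Control ID": "sample-06", "Status": "FAIL", "Message": "constructed, severity missing"}
this line is truncated and not valid JSON
"""

STATUS_RANK = {"FAIL": 0, "WARNING": 1}  # INFO and PASS need no action
SEVERITY_RANK = {"critical": 0, "high": 1, "medium": 2, "low": 3}

def parse_findings(text):
    """Parse JSON-lines text; return (findings, number of skipped lines)."""
    findings, skipped = [], 0
    for line in text.splitlines():
        if not line.strip():
            continue
        try:
            record = json.loads(line)
        except json.JSONDecodeError:
            skipped += 1  # count damaged lines instead of silently losing them
            continue
        if isinstance(record, dict) and "Status" in record:
            findings.append(record)
        else:
            skipped += 1
    return findings, skipped

def status_counts(findings):
    """Tally findings per category (INFO, PASS, WARNING, FAIL)."""
    return Counter(str(f["Status"]).upper() for f in findings)

def triage(findings):
    """Actionable findings only: FAIL first, then WARNING, critical to low."""
    def key(f):
        sev = str(f.get("Severity", "")).lower()
        # A missing or unknown severity sorts after "low" within its status.
        return (STATUS_RANK[str(f["Status"]).upper()],
                SEVERITY_RANK.get(sev, len(SEVERITY_RANK)))
    todo = [f for f in findings if str(f["Status"]).upper() in STATUS_RANK]
    return sorted(todo, key=key)

if __name__ == "__main__":
    findings, skipped = parse_findings(SAMPLE_REPORT)
    print(dict(status_counts(findings)), "skipped:", skipped)
    for f in triage(findings):
        print(f["Status"], f.get("Severity", "unknown"), f["Control ID"])
```

A non-zero skipped count means part of the report could not be read, so the triage list may be incomplete.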
