---
pubDate: Nov 24 2022
author: "Priyam Singh"
title: "Using Prowler for AWS assessment against CIS Foundations benchmark - Part 2 Conducting assessment"
description: "Prowler is an Open Source security tool used for AWS security best practices assessments, incident response, audits, continuous monitoring, hardening, and forensics readiness."
image: https://imgs.kloudle.com/academy/using-prowler-for-aws-assessment-against-cis-foundations-benchmark-part-2-conducting-assessment/1673702905-prowler-for-aws-assessment-against-cis-foundations-benchmark-part-2-image.png
category: academy
tags: [prowler,aws,cloudsecurity,compliance]
draft: false
---
Prowler is a command line tool that helps you with AWS security assessment, auditing, hardening, and incident response.
It follows the guidelines of the CIS Amazon Web Services Foundations Benchmark (49 checks) and has more than 190 additional checks related to GDPR, HIPAA, PCI-DSS, ISO-27001, FFIEC, SOC2, and others.
A Prowler scan takes time, depending on the number of services enabled in your AWS account. Once the scan is complete, the report is stored inside the Prowler folder, in a sub-directory called output. The report can then be reviewed to prioritize the findings as critical, high, medium, and low.
The Prowler report follows the CIS Benchmark, and the findings are presented in the report accordingly.
Prowler produces results as findings and does not show the resolutions for findings in the report. The findings in the report are categorized as follows:
- INFO: Informational, no action required. This includes results that are overridden.
- PASS: The recommended value is set.
- WARNING: A best practice recommendation
- FAIL: A security issue or invalid AWS configuration. A fix is required.
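
The review step described above, as an added example that is not part of the original article or of Prowler itself: it tallies findings by the four result categories and lists the FAIL findings from critical to low. The field names `Status`, `Severity`, `Control ID` and `Message`, the one-JSON-object-per-line layout, and every sample record are assumptions constructed for illustration; match them to the report your Prowler version writes to the output directory.

```python
import json
from collections import Counter

# Assumed field names (not taken from the article); adjust to your report.
STATUS_KEY, SEVERITY_KEY, ID_KEY = "Status", "Severity", "Control ID"
KNOWN_STATUSES = ("FAIL", "WARNING", "PASS", "INFO")  # categories listed above
SEVERITY_RANK = {"critical": 0, "high": 1, "medium": 2, "low": 3}

# Constructed sample report, one finding per line (not real scan output).
SAMPLE_REPORT = """\
{"Control ID": "example-1", "Status": "PASS", "Severity": "Low", "Message": "constructed"}
{"Control ID": "example-2", "Status": "FAIL", "Severity": "Medium", "Message": "constructed"}
{"Control ID": "example-3", "Status": "FAIL", "Severity": "Critical", "Message": "constructed"}
{"Control ID": "example-4", "Status": "WARNING", "Severity": "Medium", "Message": "constructed"}
{"Control ID": "example-5", "Status": "INFO", "Severity": "Low", "Message": "constructed"}
{"Control ID": "example-6", "Status": "FAIL", "Message": "constructed, severity missing"}
{"Control ID": "example-7", "Status": "FAIL", "Severity": "High", "Message": "constructed"}
"""

def parse_findings(text):
    # Yield one dict per non-blank line; report the line number of bad input.
    for number, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        try:
            yield json.loads(line)
        except json.JSONDecodeError as exc:
            raise ValueError(f"line {number}: not valid JSON ({exc.msg})") from exc

def severity_rank(finding):
    # Findings with a missing or unrecognised severity sort after "low".
    value = str(finding.get(SEVERITY_KEY, "")).lower()
    return SEVERITY_RANK.get(value, len(SEVERITY_RANK))

def triage(text):
    # Return (count per status, FAIL findings ordered critical -> low).
    counts, failed = Counter(), []
    for finding in parse_findings(text):
        status = str(finding.get(STATUS_KEY, "")).upper()
        if status not in KNOWN_STATUSES:
            status = "UNKNOWN"  # surface unexpected values instead of dropping them
        counts[status] += 1
        if status == "FAIL":
            failed.append(finding)
    return counts, sorted(failed, key=severity_rank)

if __name__ == "__main__":
    counts, failed = triage(SAMPLE_REPORT)
    print(dict(counts))
    for f in failed:
        print(f.get(SEVERITY_KEY, "unrated"), f.get(ID_KEY, "?"), f.get("Message", ""))
```

Because the report carries no resolutions, the ordered FAIL list is the input to remediation planning rather than a fix list in itself.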