Prowler: BlackHat Europe Arsenal 2018

Prowler: Cloud Security Assessment, Auditing, Hardening, Compliance and Forensics Readiness Tool
Prowler helps to assess, audit and harden your AWS account configuration and resources. It also helps to check your configuration against the CIS recommendations, and to check whether your cloud infrastructure is GDPR compliant or whether you are ready for a proper forensic investigation. It is a command line tool that provides direct and clear information about the security-related configuration status of a given AWS account. It performs more than 80 checks.

  1. Toni de la Fuente - @ToniBlyx
  3. Prowler is a command line tool for AWS security best practices assessment, auditing, hardening, compliance and forensics readiness. It follows the guidelines of the CIS Amazon Web Services Foundations Benchmark (49 checks) and has 40 additional checks, including checks related to GDPR and HIPAA.
  4. • Hardening guides for the most popular OSes, cloud providers, mobile devices, network devices and others
     • They include security recommendations, how to audit them (with commands if they exist) and how to remediate them.
     • Profile definitions:
       • Level 1: reduced hardening
       • Level 2: defense in depth
     • You can help develop benchmarks
     • There are two CIS Benchmark guides for AWS:
       • CIS Amazon Web Services Foundations Benchmark 1.1.0
       • CIS Amazon Web Services Three-tier Web Architecture Benchmark 1.0.0
  5. • +90 check points (CIS + extras)
     • It covers hardening and security best practices for all AWS regions related to:
       • Identity and Access Management
       • Logging
       • Monitoring
       • Networking
       • Extras (encryption, etc.)
       • GDPR, HIPAA, Forensics groups
     • With Prowler you can:
       • get a colored or monochrome report
       • get a CSV format report for diff
       • run specific checks without having to run the entire report
       • check multiple AWS accounts in parallel
       • create your own checks and groups
  6. • OS: Linux, OSX, Cygwin, Alpine
     • Latest AWS-CLI: pip install awscli
     • git clone
     • Configure a valid Access Key and Region: aws configure / export keys / instance profile
     • Make sure your Secret and Access Keys are associated with a user that has the proper permissions to run all checks
     • Usage: ./prowler
  7. <DEMO>
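
Slide 5 mentions a CSV report meant for diffing between runs. The sketch below is an added example, not code from Prowler or from the talk: it compares two saved reports and classifies what changed. The column names (`account`, `region`, `check_id`, `result`, `notes`) and both sample reports are constructed assumptions, not Prowler's documented CSV layout.

```python
import csv
import io

# Constructed sample reports. The column names are an assumed layout for this
# example, not Prowler's documented CSV schema; adjust KEY/RESULT to your output.
BASELINE = """\
account,region,check_id,result,notes
123456789012,us-east-1,1.1,PASS,Root account not used recently
123456789012,us-east-1,1.2,FAIL,User alice has console access without MFA
123456789012,eu-west-1,2.1,PASS,CloudTrail enabled
123456789012,eu-west-1,4.1,PASS,No security group opens port 22 to 0.0.0.0/0
"""
CURRENT = """\
account,region,check_id,result,notes
123456789012,us-east-1,1.1,PASS,Root account not used recently
123456789012,us-east-1,1.2,PASS,All console users have MFA
123456789012,eu-west-1,2.1,FAIL,CloudTrail trail stopped logging
123456789012,ap-south-1,4.1,FAIL,Security group sg-example opens port 22 to 0.0.0.0/0
"""
KEY = ("account", "region", "check_id")
RESULT = "result"

def load(text):
    """Map (account, region, check_id) -> result for one report."""
    rows = csv.DictReader(io.StringIO(text))
    return {tuple(r[k].strip() for k in KEY): r[RESULT].strip().upper() for r in rows}

def diff_reports(old_text, new_text):
    """Classify every finding key that differs between two runs."""
    old, new = load(old_text), load(new_text)
    out = {"regressed": [], "fixed": [], "new_fail": [], "missing": []}
    for key in sorted(old.keys() | new.keys()):
        before, after = old.get(key), new.get(key)
        if after is None:
            # A check that vanished is not a fix: it may have been skipped or denied.
            out["missing"].append(key)
        elif before is None:
            if after == "FAIL":
                out["new_fail"].append(key)
        elif before == "PASS" and after == "FAIL":
            out["regressed"].append(key)
        elif before == "FAIL" and after == "PASS":
            out["fixed"].append(key)
    return out

if __name__ == "__main__":
    for kind, keys in diff_reports(BASELINE, CURRENT).items():
        for account, region, check in keys:
            print(f"{kind:10} {account} {region} check {check}")
```

Keying on account, region and check together matters because the same check runs in every region; a key on the check alone would hide a regression in one region behind a pass in another.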