Open-source cloud security platform for automated checks, compliance frameworks, and multi-cloud assessments
Apache-2.0
- Python
- TypeScript
- Shell

About Prowler
Prowler is a cloud security platform that automates security and compliance assessments across cloud environments. It runs hundreds of ready-to-use checks, generates dashboards and reports, and pairs findings with remediation guidance so teams can act on the most important risks first.
It ships hundreds of built-in controls, a ThreatScore for weighted risk prioritization, and customizable security frameworks covering standards such as CIS, NIST, PCI-DSS, HIPAA, SOC2, and ISO 27001. The Prowler App offers a web interface for running scans and visualizing results, while the CLI runs the same checks from your terminal. It also provides a GitHub Action with SARIF upload.
It covers AWS, Azure, GCP, Kubernetes, GitHub, M365, and more. Install the CLI from pip or run it from a container; start the App with Docker Compose. Everything runs in your own environment against your accounts.
Key features
- Hundreds of built-in security checks and compliance frameworks
- ThreatScore for weighted risk prioritization
- Web app for visualizing scan results
- CLI scans from Docker or Python
- GitHub Action with SARIF upload support
Details
- First released: 2016
- Platforms: Web · CLI · Docker
- Deployment: self-hostable · docker
- Clouds: AWS · Azure · GCP
- Checks: Hundreds of ready-to-use checks
- Reports: Dashboards and reports
