Putting the Pro in Prowler
Today we’re announcing Prowler Pro, an enterprise version of Prowler, a well-known open source security tool for AWS. Verica and I joined forces back in late 2021 to make Prowler better, and develop a new product that extends on that solid foundation. Prowler Pro has the best of Prowler plus continuous monitoring, automated deployment for multi-account, personalized support, and visualization of your data via helpful dashboards with custom alerting and reporting.
How Prowler Got Its Start
Back in 2016 I took a cloud security architect role at Alfresco Software, where I led the security efforts around everything that we had to do with the cloud at that time. The first challenge I faced was to know what to secure. We had a good number of AWS accounts and I didn’t know what type of resources or services we were using. I didn’t even know which regions we were using! That’s when the idea occurred to me to write a small tool to see what was there.
Around that time, the Center for Internet Security (CIS) released the CIS AWS security benchmark for AWS. It was the first time they had released a benchmark with a Creative Commons license. It meant I could take that and start writing something based on their work. So I wrote a very basic tool to verify the recommended security checks that the CIS had identified.
At first the tool was very simple. You would run it and get red if you have something to fix, green if you were good to go. I made it this way because I didn’t want to run that tool myself—I wanted the engineers or teams working with AWS accounts to be able to use it. It was a mindset that helped ensure they were self-sufficient with their own hardening and security.
Over time, I fixed more issues and added more features. I made it open source and released it on GitHub, and sent out a couple of tweets. People started using it, and before I knew it, Prowler was gaining stars on Github. Now it has almost 5,000 stars.
Organizations of all sizes, including giant enterprises, started using Prowler and giving me feedback. Prowler has never been my full-time job up until now, so many nights and weekends went into building the tool and I invested a lot into the inner workings of Prowler to make it run as comprehensively as it does.
The AWS Security Community Response
When I started Prowler, the AWS cloud security community didn’t have many tools, and securing AWS was complicated and confusing. (It still is!) Prowler is successful due to the many contributions from the security community. The first important contribution from the Prowler community was the CSV output option. After we added that feature, many companies started using Prowler. I considered any and all feedback to be incredibly valuable for feature development that would be useful to the security community, and as a result, it now has more than 220 checks.
Putting the Pro in Prowler
I didn’t quite know what I wanted for Prowler yet, so in 2019 I took a job at AWS. I learned a lot in my time there, and after two years, I realized that Prowler was getting bigger and bigger in terms of features and community. I have seen so many AWS customers using Prowler in many different ways with different use cases—from just playing around and exploring, to giving the assessments to forensics, to enabling continuous monitoring, and more. Many AWS customers were asking for something beyond Prowler and that’s when I said “Okay, let’s do this.”
I had been introduced to Verica’s co-founders Aaron Rinehart and Casey Rosenthal via Robin Vasan from Mango Capital (one of the investors from Verica’s initial funding), and we all agreed that an enterprise version of Prowler would be something very helpful to the AWS cloud security community. We envisioned all the power of Prowler Open Source coupled with enterprise service in order to make identifying threats and potential issues even easier.
I loved this idea because it meant that I could work on the open source product I’m passionate about and keep that community alive and well and at the same time give support to those Prowler users who want something more. Prowler Pro makes it easy to deploy in multiple AWS cloud accounts, and offers centralized, automated reporting with configurable dashboards. This means on top of a comprehensive list of ready-to-use dashboards, the customer has the ability to create their own dashboards based on their own requirements.
With Prowler Pro, customers get compliance results out of the box, covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS, and custom security frameworks.
Prowler Open Source will still be available on Github for cloud security professionals and developers. The team will focus on enhancing the open-source offering—expanding its database of 220+ checks—while strengthening Prowler Pro capabilities.
Prowler Pro is now available in the AWS Marketplace, or you can contact us for a demo.
& Lead of Prowler Pro
Toni de la Fuente
I’m founder of Prowler Open Source, tool for AWS security best practices. I also worked for AWS as security engineer and security consultant. I’m passionate about FLOSS (Free Libre Open Source Software) in general and Information Security, Incident Response and Digital Forensics in particular. I like everything related to cloud computing and automation. I have done some things for security and the Open Source community like Prowler, phpRADmin, Nagios plugin for Alfresco, Alfresco BART (backup tool). I’ve also contributed in books and courses related to Linux, Monitoring and AWS Security for PacktPublishing.