Prowler
Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment. With hundreds of ready-to-use security checks, remediation guidance, and compliance frameworks, Prowler is built to “Secure ANY cloud at AI Speed”. Prowler delivers AI-driven, customizable, and easy-to-use assessments, dashboards, reports, and integrations, making cloud security simple, scalable, and cost-effective for organizations of any size.
Prowler includes hundreds of built-in controls to ensure compliance with standards and frameworks, including:
- Prowler ThreatScore: Weighted risk prioritization scoring that helps you focus on the most critical security findings first
- Industry Standards: CIS, NIST 800, NIST CSF, CISA, and MITRE ATT&CK
- Regulatory Compliance and Governance: RBI, FedRAMP, PCI-DSS, and NIS2
- Frameworks for Sensitive Data and Privacy: GDPR, HIPAA, and FFIEC
- Frameworks for Organizational Governance and Quality Control: SOC2, GXP, and ISO 27001
- Cloud-Specific Frameworks: AWS Foundational Technical Review (FTR), AWS Well-Architected Framework, and BSI C5
- National Security Standards: ENS (Spanish National Security Scheme) and KISA ISMS-P (Korean)
- Custom Security Frameworks: Tailored to your needs
Prowler App / Prowler Cloud
Prowler App / Prowler Cloud is a web-based application that simplifies running Prowler across your cloud provider accounts. It provides a user-friendly interface to visualize the results and streamline your security assessments.

For more details, refer to the Prowler App Documentation
Prowler CLI
prowler <provider>

Prowler Dashboard
prowler dashboard

Attack Paths
Attack Paths automatically extends every completed AWS scan with a Neo4j graph that combines Cartography's cloud inventory with Prowler findings. The feature runs in the API worker after each scan and therefore requires:
- An accessible Neo4j instance (the Docker Compose files already ship a neo4j service).
- The following environment variables so Django and Celery can connect:
| Variable | Description | Default |
| --- | --- | --- |
| NEO4J_HOST | Hostname used by the API containers. | neo4j |
| NEO4J_PORT | Bolt port exposed by Neo4j. | 7687 |
| NEO4J_USER / NEO4J_PASSWORD | Credentials with rights to create per-tenant databases. | neo4j / neo4j_password |
Every AWS provider scan will enqueue an Attack Paths ingestion job automatically. Other cloud providers will be added in future iterations.
Prowler at a Glance
[!Tip] For the most accurate and up-to-date information about checks, services, frameworks, and categories, visit Prowler Hub.
| Provider | Checks | Services | Compliance Frameworks | Categories | Support | Interface |
|---|---|---|---|---|---|---|
| AWS | 572 | 83 | 41 | 17 | Official | UI, API, CLI |
| Azure | 165 | 20 | 18 | 13 | Official | UI, API, CLI |
| GCP | 100 | 13 | 15 | 11 | Official | UI, API, CLI |
| Kubernetes | 83 | 7 | 7 | 9 | Official | UI, API, CLI |
| GitHub | 21 | 2 | 1 | 2 | Official | UI, API, CLI |
| M365 | 89 | 9 | 4 | 5 | Official | UI, API, CLI |
| OCI | 48 | 13 | 3 | 10 | Official | UI, API, CLI |
| Alibaba Cloud | 61 | 9 | 3 | 9 | Official | UI, API, CLI |
| Cloudflare | 29 | 2 | 0 | 5 | Official | UI, API, CLI |
| IaC | See trivy docs. | N/A | N/A | N/A | Official | UI, API, CLI |
| MongoDB Atlas | 10 | 3 | 0 | 8 | Official | UI, API, CLI |
| LLM | See promptfoo docs. | N/A | N/A | N/A | Official | CLI |
| Image | N/A | N/A | N/A | N/A | Official | CLI, API |
| Google Workspace | 1 | 1 | 0 | 1 | Official | CLI |
| OpenStack | 27 | 4 | 0 | 8 | Official | UI, API, CLI |
| NHN | 6 | 2 | 1 | 0 | Unofficial | CLI |
[!Note] The numbers in the table are updated periodically.
[!Note] Use the following commands to list Prowler's available checks, services, compliance frameworks, and categories:
prowler <provider> --list-checks
prowler <provider> --list-services
prowler <provider> --list-compliance
prowler <provider> --list-categories
💻 Installation
Prowler App
Prowler App offers flexible installation methods tailored to various environments:
For detailed instructions on using Prowler App, refer to the Prowler App Usage Guide.
Docker Compose
Requirements
Docker Compose installed: https://docs.docker.com/compose/install/.
Commands
VERSION=$(curl -s https://api.github.com/repos/prowler-cloud/prowler/releases/latest | jq -r .tag_name)
curl -sLO "https://raw.githubusercontent.com/prowler-cloud/prowler/refs/tags/${VERSION}/docker-compose.yml"
# Environment variables can be customized in the .env file. Using default values in production environments is not recommended.
curl -sLO "https://raw.githubusercontent.com/prowler-cloud/prowler/refs/tags/${VERSION}/.env"
docker compose up -d
[!WARNING] 🔒 For a secure setup, the API auto-generates a unique key pair, DJANGO_TOKEN_SIGNING_KEY and DJANGO_TOKEN_VERIFYING_KEY, and stores it in ~/.config/prowler-api (non-container) or the bound Docker volume in _data/api (container). Never commit or reuse static/default keys. To rotate keys, delete the stored key files and restart the API.
Once configured, access the Prowler App at http://localhost:3000. Sign up using your email and password to get started.
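A pre-flight check for the .env downloaded above, as an added example that is not part of the Prowler project: it flags the documented default Neo4j password and any token key pinned in the file instead of auto-generated. The function names and the sample file are constructed for illustration, and treating a pinned key as a warning is this example's assumption.

```sh
#!/bin/sh
# Added example: audit a Prowler .env before running `docker compose up -d`.
# Variable names and the Neo4j default come from the README text above;
# env_value, audit_prowler_env and the sample file are constructed here.

# Print the last value assigned to KEY ($1) in FILE ($2), without quotes.
env_value() {
  sed -n "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*//p" "$2" | tail -n 1 |
    sed -e 's/[[:space:]]*$//' -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'\$/\1/"
}

# Print one line per finding; exit status is 0 only when the file is clean.
audit_prowler_env() (
  file=$1
  findings=0
  pass=$(env_value NEO4J_PASSWORD "$file")
  # Per the table above, an unset variable falls back to neo4j_password.
  if [ -z "$pass" ] || [ "$pass" = "neo4j_password" ]; then
    echo "FAIL NEO4J_PASSWORD is unset or the documented default"
    findings=$((findings + 1))
  fi
  # A key written into .env is a static key; the API generates its own pair.
  for key in DJANGO_TOKEN_SIGNING_KEY DJANGO_TOKEN_VERIFYING_KEY; do
    if [ -n "$(env_value "$key" "$file")" ]; then
      echo "WARN $key is pinned in $file instead of auto-generated"
      findings=$((findings + 1))
    fi
  done
  [ "$findings" -eq 0 ] && echo "PASS $file"
  [ "$findings" -eq 0 ]
)

# Constructed sample: a .env left at the documented defaults.
sample=$(mktemp)
printf '%s\n' 'NEO4J_HOST=neo4j' 'NEO4J_PORT=7687' \
  'NEO4J_USER=neo4j' 'NEO4J_PASSWORD=neo4j_password' > "$sample"
audit_prowler_env "$sample" || echo "Fix the findings before: docker compose up -d"
rm -f "$sample"
```
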
Common Issues with Docker Pull Installation
[!Note] If you want to use AWS role ass
