Prowler Cloud (Pay per use)

My main use case for Prowler is cloud security posture, which involves testing our cloud infrastructure against different benchmarks. Along with cloud infrastructure, the recent updates in Prowler allow us to check Kubernetes-related vulnerabilities in a single place, helping us to optimize our cloud posture.

My main use case is covered, but we have similar checks in AWS and GCP. However, in Prowler, we have a centralized feature that maps multiple accounts and checks them from one place. Recently, Prowler also introduced AI features that can assist in remediation when allowed, which helps reduce our time to improve the cloud security posture.

Prowler offers real-time scanning, which is crucial when improving our cloud security posture, as updates can be immediately reflected on the scoreboard. After implementing Prowler's suggestions, a scan will yield results that demonstrate how much more secure our infrastructure is in the cloud posture.

The real-time scoreboard in Prowler helps us see where we lag and identify practices we aren't implementing, the upgrades we need, and the vulnerabilities present in the infrastructure. It guides us on improving cloud security by recommending best practices for various services, such as ensuring WAF is enabled and Cloud Config and CloudTrail are active for monitoring changes. For new users of Prowler or cloud services, it offers guidance on required monitoring capabilities within the AWS account.

Prowler positively impacts our product-based organization in BFSI by helping protect PII data and ensuring that sensitive information is secure and access is permitted only for authorized users. Prowler introduces security measures, such as recommending the rotation of access keys after 90 days, which we may forget otherwise. Prowler reminds us to rotate keys to minimize risk if the keys are compromised.

Prowler currently focuses on cloud services and big vendors, specifically AWS and GCP, but we can improve by including EC2-specific checks, such as identifying open RDP ports. While Prowler supports that, it lacks a suppress feature for false positives reported by users, so this is an area for improvement.

The flow of traffic information is vital, as Prowler requires read-only access to resources. Any user can pinpoint using the network and facilitate remediation. There should also be a dashboard for attack vectors to manage incoming traffic and enhance infrastructure security, making these enhancements beneficial for Prowler's future.

I give Prowler a score of seven or eight due to its inclusion of multiple security policies and the lack of a feature for adding false positives. Additionally, the network architecture features are incomplete even after recent revisions. Improving AI-sourced security posture features would enhance Prowler's value significantly, as would the option to allow automatic remediation for identified issues.

Prowler's AI capabilities are good but just starting, as significant improvements are still needed on that front.

I find the AI features reliable and accurate; we rely on the recommendations provided. However, if Prowler could also include remediation capabilities for users, it would significantly reduce manual efforts, showcasing the potential of AI. It currently summarizes data from Security Hub and AWS documentation, and improving this would be beneficial.

We primarily use Prowler since 2022.

Prowler is stable in my experience.

Scalability is not a relevant concern for us since we purchased the enterprise license, allowing us to add new capabilities as needed; the Prowler team handles the rest.

The customer support for Prowler is good; due to our established relationship with the Prowler team, we can directly connect with their support for fast issue resolution.

We did not use a different solution before Prowler; we have been using Prowler from the beginning, relying on Python libraries initially.

I have seen a return on investment with Prowler, as we directly communicated with the Prowler CEO for a discount. We manage over 20 AWS accounts with only two people handling them, and Prowler helps us manage these efficiently, resulting in a yearly cost saving of about $5,000 USD.

It wasn't well-known at that time, and while we explored Wiz for its extraordinary features, they were not suitable for our use case, which is why we chose to stick with Prowler.

The flow of traffic information is vital, as Prowler requires read-only access to resources. Any user can pinpoint using the network and facilitate remediation. There should also be a dashboard for attack vectors to manage incoming traffic and enhance infrastructure security, making these enhancements beneficial for Prowler's future. I give Prowler an overall rating of 7.

Hybrid Cloud

Amazon Web Services (AWS)

My main use case of Prowler's is to make our cloud resources compliant and secure our cloud architecture. After setting up the cloud infrastructure, we connect it to Prowler via agentless credentials and conduct compliance checks, and based on those results, we make our cloud compliant. We use Prowler for security purposes, such as being able to see the attack map and all details for our cloud resources.

The best feature Prowler offers is agentless integration, so we do not need to deploy any agent in our cloud accounts, and we do not have to provide hard-coded access key and secret key; we just provide the external key and read-only credentials, and it fetches automatically by its schedule type. With an agent, it would be difficult for us, so agentless integration has made things much easier for our team compared to other solutions we have tried.

Prowler's attack map is very good, as we can see the vulnerabilities and unsecure cloud resources from there. Prowler has impacted our organization very positively; the improvements and benefits are that it provides reports agentlessly, we do not need to install any agent across our instancing server, and it is multi-cloud, so we can use it in all cloud resources.

We have different kinds of accounts such as AWS, Azure, and GCP, so we do not have to install multiple agents on multiple clouds; with a single Prowler deployment, we can configure it via agentless API permissions by creating permissions and roles in cloud accounts without doing anything extra for the multi-cloud environments. Prowler's AI capabilities are very good; I have used it many times and find it to be very secure and 99% reliable.

One limitation is that after scanning the cloud account, Prowler provides reports of compliance frameworks such as SOC 2 Type 2 and ISO certified, but we only receive an Excel sheet; I think a PDF report along with remediation steps is needed to help us improve our cloud accounts better.

Prowler has a central dashboard, but I believe they could create separate dashboards for each cloud, and cross-account asset discovery is not currently available in Prowler, which could be another improvement. Prowler has a few limitations, such as not being able to auto-remediate findings directly from Prowler and also not being able to download PDF reports; additionally, they only have a central dashboard for AWS, Azure, and GCP, which could be made separate for each cloud.

I have been using Prowler for one year.

Prowler is 100% stable.

Prowler's scalability is very high; we can use it for any scale of infrastructure, no matter how many cloud resources there are.

Prowler's customer support is very good; we have raised tickets two or three times, and their support team is very responsive and provides excellent assistance. I would rate the customer support ten out of ten because I raised a ticket and they replied within a few minutes.

We were not using any other solutions previously; we were just using Excel sheets and manual effort.

Prowler has saved us a lot of time, as our engineers previously wasted time manually checking all the configurations of cloud resources maintained in Excel sheets; after switching to Prowler, we save 60 to 70% of our engineers' time, as they no longer need to check each cloud account and resource individually.

I have not deep dived into the pricing and setup cost, but the setup cost is very minimal, and using Prowler's cloud platform requires a small amount of money for securing and complying with our cloud.

Before Prowler, we did not evaluate any other options.

The accuracy of Prowler is almost 90% and the reliability is also 95%. I advise teams currently struggling with securing their cloud resources and dealing with compliance auditors to use Prowler, as it requires a very minimal investment for the security and compliance of cloud resources. I gave this review a rating of eight out of ten.

Public Cloud

Amazon Web Services (AWS)

We have been using Prowler for one year. The main use case of Prowler is to ensure we are ready with compliance, and we can also check our configurations of cloud environments. We can check our misconfiguration, ensuring we comply with many frameworks like SOC 2 and NIST. Using Prowler, we can check whether our cloud is secure and compliant.

We are currently building a SaaS platform, and in production, we have integrated Prowler. When a CISO audit came for that SaaS platform, we downloaded the report from Prowler and sent it to that CISO. Through this approach, we have achieved compliance without logging into cloud accounts. At one time, we discovered that our public S3 buckets were publicly open; using Prowler, we found out that our public buckets were open, and after that, we disabled them to secure our cloud environment.

We are not using Prowler day-to-day, but we use it when creating a new cloud account or a new environment. After that, we integrate Prowler, check the configuration, and any time an audit comes, we go to Prowler, download any compliance report we need, and send it to the auditors.

The best feature Prowler offers is that it is agentless; we just need to provide IAM roles, and it does not require hardcoded access keys or secret keys. Using sessions, Prowler can access our account whenever needed. Prowler has read-only policies, and the attack map that Prowler provides is the best feature we can get.

The agent setup is very smooth; you don't have to do anything complicated. We got CloudFront and CloudStack script; we just have to deploy that and create the policies and roles by itself. After creating that, we just give the external ID for Prowler to access our cloud environment. It is very smooth and easy to set up. After checking all the configurations, Prowler builds the attack map, which shows how hackers might attack our resources using that map, making it very useful for us.

Before using Prowler, we were spending hours of our engineers' efforts on compliance and misconfiguration checks, saving that configuration in Excel sheets. After switching to Prowler, these processes are super smooth and easy, and we are currently saving our engineers' time. We can also do audits on time, ensuring we don't miss deadlines on audits.

Prowler definitely results in faster audits and eliminates human errors, with our engineers saving fifty to sixty percent of the time they previously spent on misconfiguration checks.

For the reports, Prowler does not provide PDF reports for all compliances; it only gives reports for the Prowler configuration. Prowler could include PDFs for all the compliances, which would be super useful for users.

One feature Prowler can improve is providing PDFs for all the compliances, which would be very useful for users. Also, after identifying misconfigurations, Prowler should have a remediate button so that when using Prowler, we can apply those fixes automatically without going to the cloud and fixing them manually.

Prowler's governance and security capabilities are very robust, and I have also used the AI features, where you need to provide your API keys. By using chat, we can see whether there are any misconfigurations.

The output from Prowler's AI is eighty to ninety percent accurate, and I find it to be ninety-five percent reliable.

My advice for those looking into using Prowler is that small teams or big teams dealing with compliance, or even teams spending hours of engineers' efforts or millions of dollars on compliance, can use Prowler and make their cloud compliant. Everyone can benefit from Prowler, whether you are a small team or a big team, especially if you are investing significant effort and resources in compliance. Prowler is a super useful open-source product to have. I rate this product a nine out of ten.

Public Cloud

Amazon Web Services (AWS)

My main use case for Prowler is identifying the vulnerabilities in an infrastructure hosted on AWS.

A quick specific example of how I used Prowler to identify vulnerabilities is that in our code build hosted on AWS, we had secrets in plain text that should have been in secrets manager, so it helped us identify the vulnerability that could have caused major problems.

The best features Prowler offers include its ability to help us identify vulnerabilities first, which in turn helps us fix them frequently.

When it comes to identifying vulnerabilities, the specific scanning capabilities and reporting features in Prowler that stand out for me are that the findings are presented in a well-documented report.

Prowler has positively impacted my organization by helping us on the security front by improving compliance.

Some of the findings in Prowler are not that critical but come in the critical category, so that could be improved. The categorization of vulnerabilities could be improved.

I have used Prowler for an extended period.

Prowler is stable.

Prowler's scalability is good.

Prowler's customer support is good.

I have seen a return on investment as compliance has been improved.

My experience with pricing, setup cost, and licensing is positive.

Prowler is a good software; I recommend it. It helps reduce vulnerabilities. On a scale of one to ten, I would rate Prowler an eight because of the features and limitations mentioned above. I give it this rating because it is a good software that helps reduce vulnerabilities.

Public Cloud

Amazon Web Services (AWS)