multi cloud security assessment from cloudimg, ready to scan your accounts on first boot
Prowler is an open source security assessment tool that audits a cloud account against hundreds of security controls and reports exactly which pass, which fail, and which compliance requirements each one maps to. It covers Azure, AWS, Google Cloud, Kubernetes, Microsoft 365 and more from a single command line, and maps its findings onto published frameworks including CIS, PCI DSS, HIPAA, SOC 2, ISO 27001, NIST and FedRAMP. It reads and reports only: an assessment never modifies the account it audits.
Ships with no cloud credentials of any kind, by design, so you attach your own read only identity and nothing is ever baked in. Includes the trivy dependency Prowler's infrastructure as code scanning genuinely requires, installed so it stays patchable, plus example fixtures that let you prove the scanner produces real findings before you connect any account. Scheduled assessments are pre wired and fail closed, refusing to run rather than emitting a clean looking report from a scanner that has been tampered with. Paired deploy guide and 24/7 support.