Release history

Prowler releases

Tool based on AWS-CLI commands for Amazon Web Services account security assessment and hardening.

All releases

Review required
5.29.2 Security relevant
Dependencies

Vitest upgrade + UI fixes

No immediate action
5.29.1 Bug fix

API fix + temp cleanup + OCSF error handling

Review required
5.29.0 Breaking risk
Dependencies

Google Workspace, Okta, StackIT, API perf, UI/UI changes

Review required
5.28.1 Bug fix
Auth RBAC Crypto / TLS

Bugfixes across UI, API, SDK, MCP

Upgrade now
5.28.0 Mixed
Breaking upgrade Dependencies

Okta, Google Workspace, New Checks, Evidence Tab, MCP upgrade

Review required
5.27.1 Bug fix

False finding fixes

Review required
5.27.0 Breaking risk
Auth RBAC

Okta, Scaleway, Chat checks, Graph UI, IAM focus, Report limits,

No immediate action
5.26.1 Bug fix

UI fixes + API + SDK bugfixes

5.26.0 Security relevant
Security fixes
  • CVE-2026-39892 — parser‑mismatch SSRF in image provider registry auth fixed (PR #10945)
  • dep: CVE-2026-33186 — cryptography upgraded from 46.0.6 to 46.0.7
  • dep: CVE-2026-39892 — trivy upgraded from 0.69.2 to 0.70.0
Notable features
  • ASD Essential Eight Maturity Model compliance framework for AWS
  • Eight new Gmail attachment safety and spoofing protection checks for Google Workspace
Full changelog

✨ New features to highlight in this version

Enjoy them all now for free at https://cloud.prowler.com

🔔 Alerts

[!NOTE]
Available exclusively in Prowler Cloud.

Wire findings straight into the people who need to know. By default, every organization gets a daily digest of critical findings delivered to the organization owner — auto-provisioned, no setup required, editable or removable any time.

From there, organization admins can define custom alert rules over scan results — scoped by provider, account, severity, status, or any combination — and route them to any user in the organization. A Create Alert shortcut on the Findings page turns the current filter set into an alert rule in one click, so the filters you used to triage become the alert that watches for the same condition tomorrow.

All organization users are confirmed recipients by default (no opt-in confirmation required for now), and every alert email carries a one-click unsubscribe link so nobody is stuck on a list they don't want to be on. The new Manage Alerts RBAC permission keeps configuration gated to the right people.

Read more in the alerts documentation.

🔍 Finding Detail Drawer - Built for Triage

The finding drawer is where security teams actually live during triage, so it has been rebuilt around the question every analyst opens it to answer: what's not good, where, and how do I fix it?

  • The verdict comes first. A color-coded status banner sits at the top of the drawer - pass, fail, manual, or muted - so the outcome is the first thing you see, not the last thing you scroll to.
  • Remediation gets its own tab. Step-by-step fixes no longer compete with identifiers and metadata for attention; you click one tab and you're in the "what do I do about it" view.
  • Resource context is front and center. Account and Resource share the top row with a one-click link straight to the resource page.
  • Information hierarchy matches the workflow. Internal identifiers (check_id, finding_id, finding_uid) move to the bottom of the overview - still one click away when you need them for a Jira ticket or a copy-paste, but no longer competing with the answer to "what is this?". The "Other Findings For This Resource" tab is renamed to the more direct Findings for this resource.
  • Faster carousel navigation. Stepping through findings inside the drawer no longer flashes empty banners - the status renders immediately from the row you came from while the full record loads in the background.

The net effect: less hunting, fewer clicks between "I have a finding" and "I have a plan."

🎯 Prowler ThreatScore - Compliance View Overhaul

The ThreatScore compliance views get a focused UX pass so the score is something you can act on, not just look at:

  • Canonical pillar ordering everywhere - pillars now render in a single canonical order (1. IAM → 2. Attack Surface → 3. Logging and Monitoring → 4. Encryption) across the badge, breakdown card, donut legend, and accordion. Missing pillars no longer disappear from the UI - they render with - / 0% so the full set is always visible.
  • Pillars are clickable - clicking a pillar on /compliance now jumps straight to the ThreatScore detail page with the accordion pre-expanded on the pillar you clicked, scrolled into view. No more eyeballing the accordion to find what you just clicked on.
  • Top Failed Sections always shows the full pillar set - every canonical pillar shows up on the chart, zero-filled when there are no failures, so you get a true at-a-glance pillar-by-pillar fail rate instead of a partial picture.
  • Every donut slice is hoverable - on the Requirements Status donut, the slice you hover over expands slightly so even tiny 1–2% fail or manual segments are easy to target and inspect, instead of being swallowed by the dominant pass slice.

📚 ASD Essential Eight Maturity Model - AWS

The Australian Signals Directorate's Essential Eight Maturity Model (Maturity Level One, Nov 2023) is now a first-class compliance framework for AWS. It plugs into the compliance page with the same detail view, top-failed-sections breakdown, and export support as every other framework. Thanks to @boonchuan!

Read more in our compliance documentation.

📧 Google Workspace - Gmail Attachment Safety & Spoofing Protection

Eight new Gmail checks land for Google Workspace, covering attachment safety and spoofing protection at the domain level via the Cloud Identity Policy API:

  • gmail_anomalous_attachment_protection_enabled
  • gmail_domain_spoofing_protection_enabled
  • gmail_employee_name_spoofing_protection_enabled
  • gmail_encrypted_attachment_protection_enabled
  • gmail_groups_spoofing_protection_enabled
  • gmail_inbound_domain_spoofing_protection_enabled
  • gmail_script_attachment_protection_enabled
  • gmail_unauthenticated_email_protection_enabled

Read more in our Google Workspace documentation.

Explore all Google Workspace checks at Prowler Hub.

☁️ AWS - Bedrock Hardening

Three new AWS Bedrock checks land this release to keep generative-AI surface area honest:

  • bedrock_guardrails_configured - flags Bedrock deployments that ship without Guardrails configured, the standard AWS-native abuse and content-safety layer.
  • bedrock_prompt_management_exists - verifies Prompt Management is in use so prompts are versioned and auditable rather than embedded inline in application code.
  • bedrock_prompt_encrypted_with_cmk - verifies that each Prompt is encrypted with a customer-managed key (CMK).

Read more in our AWS provider documentation.

Explore all AWS checks at Prowler Hub.

🖥️ UI - Providers Wording, Findings Polish

A coordinated UX pass across the high-traffic surfaces:

  • Providers wording - "Cloud Providers", "Accounts", and "Account Groups" copy is gone. Everything is now consistently labeled "Providers" across the UI and docs, removing the last of the legacy naming.
  • Finding remediation links - the detail drawer now labels remediation actions by destination ("View CVE", "View in Prowler Hub", "View Advisory", "View Reference") instead of a generic "View" everywhere.
  • Compliance cards - full-width progress bar, passing-requirements caption next to the framework logo.

🔗 Remediation Links Now Point to the Source

Container image CVE findings and IaC findings now link to official sources for remediation and references - CVE.org, Prowler Hub, and GitHub Security Advisories - instead of a third-party advisory mirror. Trivy-sourced findings also link correctly into Prowler Hub, so the "View" buttons in the finding drawer go where you expect every time.

🔐 Security Updates

  • Image provider SSRF - parser-mismatch SSRF in registry auth fixed: crafted bearer-token realms and pagination links could force requests to internal addresses and leak credentials cross-origin.
  • cryptography 46.0.6 → 46.0.7 and trivy 0.69.2 → 0.70.0 across SDK, API, and MCP images for CVE-2026-39892 and CVE-2026-33186.
  • requests 2.33.1 in the MCP server image to clear advisory 90553.

🙌 External Contributors

Thank you to our community contributors for this release!

  • @boonchuan - Add ASD Essential Eight Maturity Model compliance framework for AWS in #10808
  • @DannyLyubenov - Batch AWS CodeBuild API calls to prevent throttling-induced false positives in #10639
  • @davletd - Tighten Azure Network Watcher flow log checks to require workspace-backed Traffic Analytics in #10645
  • @davletd - Update Azure Network Watcher flow log compliance text for NSG retirement in #10937
  • @ivan-necheporenko - Scan every Azure subscription even when display names collide in #10718
  • @rchotacode - Scan Oracle Cloud identity in known valid regions for non-Ashburn tenancies in #10529
  • @mohamedsolaiman - Add AWS guide for extending existing services in #10924
  • @baggers27 - Fix Azure documentation broken link for minimum TLS version in #10916

UI

🚀 Added

  • ASD Essential Eight compliance framework support (#11071)

🔄 Changed

  • Standardized "Providers" wording across UI and documentation, replacing legacy "Cloud Providers" / "Accounts" / "Account Groups" copy (#10971)
  • Finding detail drawer now labels remediation actions from finding-level recommendation URLs by destination: "View CVE", "View in Prowler Hub", "View Advisory", or "View Reference", while keeping URL-only remediation cards labeled (#10853)
  • Finding detail drawer reorganized: status-colored banner below the resource info, dedicated Remediation tab, renamed "Findings for this resource" tab, and inline View Resource link next to the resource UID (#11091)
  • ThreatScore compliance views: canonical pillar order across all charts and the accordion, clickable pillars on /compliance that anchor the detail page, Top Failed Sections always shows the full pillar set, and donut tooltip now triggers on every segment (#10975)

API

🚀 Added

  • scan-reset-ephemeral-resources post-scan task zeroes failed_findings_count for resources missing from the latest full-scope scan, keeping ephemeral resources from polluting the Resources page sort (#10929)
  • ASD Essential Eight (AWS) compliance framework support (#10982)

🔐 Security

  • trivy binary from 0.69.2 to 0.70.0 and cryptography from 46.0.6 to 46.0.7 (transitive via prowler SDK) in the API image for CVE-2026-33186 and CVE-2026-39892 (#10978)

SDK

🚀 Added

  • bedrock_guardrails_configured check for AWS provider (#10844)
  • Universal compliance with OCSF support (#10301)
  • ASD Essential Eight Maturity Model compliance framework for AWS (Maturity Level One, Nov 2023) (#10808)
  • Vercel checks now return a finding status extended with billing-plan context and are classified with billing-plan categories (#10663)
  • bedrock_prompt_management_exists check for AWS provider (#10878)
  • 8 Gmail attachment safety and spoofing protection checks for Google Workspace provider using the Cloud Identity Policy API (#10980)
  • bedrock_prompt_encrypted_with_cmk check for AWS provider (#10905)

🔄 Changed

  • Azure Network Watcher flow log checks now require workspace-backed Traffic Analytics for network_flow_log_captured_sent and align metadata with VNet-compatible flow log guidance (#10645)
  • Azure compliance entries for legacy Network Watcher flow log controls now use retirement-aware guidance and point new deployments to VNet flow logs (#10937)
  • AWS CodeBuild service now batches BatchGetProjects and BatchGetBuilds calls per region (up to 100 items per call) to reduce API call volume and prevent throttling-induced false positives in codebuild_project_not_publicly_accessible (#10639)
  • display_compliance_table dispatch switched from substring (`in`) checks to `startswith` to prevent false matches between similarly named frameworks (e.g. cisa vs cis) (#10301)
  • Restore the ec2-imdsv1 category for EC2 IMDS checks to keep Attack Surface and findings filters aligned (#10998)
  • Container image CVE findings and IaC findings now use official CVE, Prowler Hub, or GitHub Security Advisory URLs instead of Aqua advisory URLs in remediation and references; Trivy rule IDs map to Prowler Hub without the AVD- prefix so links resolve (#10853)

🐞 Fixed

  • AWS SDK test isolation: autouse mock_aws fixture and leak detector in conftest.py to prevent tests from hitting real AWS endpoints, with idempotent organization setup for tests calling set_mocked_aws_provider multiple times (#10605)
  • AWS boto user agent extra is now applied to every client (#10944)
  • Image provider connection check no longer fails with a misleading host='https' resolution error when the registry URL includes an http:// or https:// scheme prefix (#10950)
  • Azure subscriptions sharing the same display name are no longer collapsed into a single identity entry, so every subscription is scanned (#10718)

🔐 Security

  • Parser-mismatch SSRF in image provider registry auth where crafted bearer-token realms and pagination links could force requests to internal addresses and leak credentials cross-origin (#10945)
  • cryptography from 46.0.6 to 46.0.7 and trivy binary from 0.69.2 to 0.70.0 in the SDK image for CVE-2026-39892 and CVE-2026-33186 (#10978)
5.25.2 Bug fix

Fixed duplicate Kubernetes RBAC findings and improved CloudTrail userIdentity output.

Full changelog

UI

🔄 Changed

  • Compliance cards: progress bar now spans the full card width, the passing-requirements caption sits beside the framework logo under the title, and the ISO 27001 logo asset is recentered within its tile (#10939)
  • Findings expanded resource rows now drop the redundant cube icons, render Service and Region with the same compact label style as Last seen and Failing for, and reorder columns to Status, Resource, Provider, Severity, then field labels (#10949)

SDK

🐞 Fixed

  • route53_dangling_ip_subdomain_takeover now also flags CNAME records pointing to S3 website endpoints whose buckets are missing from the account (#10920)
  • Duplicate Kubernetes RBAC findings when the same User or Group subject appeared in multiple ClusterRoleBindings (#10242)
  • Match K8s RBAC rules by apiGroup (#10969)
  • Return a compact actor name from CloudTrail userIdentity events (#10986)
5.25.1 Bug fix

Fixed Attack Paths AWS scans failing when regions cannot be retrieved, added cleanup of stuck `scheduled` scans, and redirected large report downloads to presigned S3 URLs.

Full changelog

UI

🐞 Fixed

  • Compliance page export menu now scales on small screens, and frameworks load on first render without requiring a manual scan re-selection (#10918)

API

🐞 Fixed

  • Attack Paths: AWS scans no longer fail when enabled regions cannot be retrieved, and scans stuck in scheduled state are now cleaned up after the stale threshold (#10917)
  • Scan report and compliance downloads now redirect to a presigned S3 URL instead of streaming through the API worker, preventing gunicorn timeouts on large files (#10927)

SDK

🐞 Fixed

  • KeyError when generating compliance outputs after the CLI scan (#10919)
  • Kubernetes OCSF provider_uid now uses the cluster name in in-cluster mode (so --cluster-name is correctly reflected in findings) and keeps the kubeconfig context in kubeconfig mode (#10483)
5.25.0 Breaking risk
⚠ Upgrade required
  • When upgrading to Prowler 5.25, update any GitHub Action workflows to use `prowler-cloud/[email protected]` and set `output-formats: sarif json-ocsf` for IaC scans if SARIF reporting is required.
  • If you rely on the deprecated zizmor version bundled in earlier releases, ensure your environment allows zizmor v1.24.1 (automatically included).
Notable features
  • Official `prowler-cloud/[email protected]` GitHub Action for running scans, uploading SARIF to Code Scanning, and pushing results to Prowler Cloud.
  • IaC provider emits SARIF via `--output-formats sarif`, enabling direct reporting of misconfigurations in GitHub Security → Code Scanning.
  • GitHub provider adds a **GitHub Actions** service powered by zizmor v1.24.1 for static analysis of workflow files, detecting OWASP Top 10 CI/CD risks.
Full changelog

✨ New features to highlight

Enjoy them all now for free at https://cloud.prowler.com/

📦 Official Prowler GitHub Action

prowler-cloud/[email protected] is now an official GitHub Action. Drop it into any workflow to run a Prowler scan, optionally upload SARIF to GitHub Code Scanning, and push results to Prowler Cloud.

```yaml
- uses: prowler-cloud/[email protected]
  with:
    provider: iac
    output-formats: sarif json-ocsf
    upload-sarif: true
    flags: --severity critical high
```

The action is pinned to the matching release tag, so v5.25 ships with prowler-cloud/[email protected] ready to use.

🐙 GitHub — zizmor Workflow Scanning as a First-Class Service

The GitHub provider gains a new service: GitHub Actions, powered by zizmor for static analysis of workflow files. Prowler now scans .github/workflows/*.yml for the OWASP Top 10 CI/CD risks — script injection, overly permissive GITHUB_TOKEN, untrusted checkouts, dangerous triggers — and ships the findings through the same pipeline as every other GitHub check. This is your first line of defense against supply chain attacks: a poisoned action, a compromised tag, or a workflow that leaks secrets to a forked PR is exactly the kind of footgun zizmor catches before it ships. zizmor v1.24.1 is bundled into the API Docker image, so the service runs out of the box on Prowler Cloud and self-hosted alike.

Read more in our GitHub provider documentation.

Explore all GitHub checks at Prowler Hub.

🛡️ IaC — SARIF Output for GitHub Code Scanning

The IaC provider now emits SARIF via --output-formats sarif. Combined with the new GitHub Action, that means IaC misconfigurations land directly in the Security → Code Scanning tab on every PR — annotated on the offending Terraform, CloudFormation, Dockerfile, or Kubernetes manifest, with severity, remediation, and Prowler check metadata carried through.

Read more in our IaC provider documentation.

🖥️ UI — Compliance Page Redesign

The compliance page has been rebuilt: client-side search across frameworks, a more compact scan selector trigger, and redesigned compliance cards.

🖥️ UI — Resources, Mutelist, and Filter Polish

A coordinated UX pass across the high-traffic surfaces:

  • Resources — batch-applied filters, syntax-highlighted metadata JSON, and tighter drawer behavior.
  • Mutelist — name and reason search, plus visual count badges on finding targets.
  • Shared filter dropdowns — local option search and auto-scroll to the first visible match across table and provider filters.
  • View Resource button — easy navigation to resource details directly from finding view.

📧 Google Workspace — Gmail Service

The Google Workspace provider gains a new Gmail service with 9 CIS-aligned checks covering user settings, link safety, end-user access, and spam/phishing controls — pulled directly from the Cloud Identity Policy API at the domain level.

  • gmail_mail_delegation_disabled
  • gmail_shortener_scanning_enabled
  • gmail_external_image_scanning_enabled
  • gmail_untrusted_link_warnings_enabled
  • gmail_pop_imap_access_disabled
  • gmail_auto_forwarding_disabled
  • gmail_per_user_outbound_gateway_disabled
  • gmail_enhanced_pre_delivery_scanning_enabled
  • gmail_comprehensive_mail_storage_enabled

Explore all Google Workspace checks at Prowler Hub.

🏛️ Prowler Cloud — Reports for Imported Scans

[!NOTE]
Available exclusively in Prowler Cloud.

Imported scans (OCSF) now generate the same downloadable artifacts as CLI scans. The new download buttons are wired into both the scans table and the compliance views, so air-gapped, partner, and offline OCSF imports get the same reporting surface as a connected provider.

Read more in our reports documentation.

📊 CIS Benchmark PDF Reports

Compliance cards for the latest CIS variant of every provider get a Download PDF button, and the API exposes the underlying generator at GET /scans/{id}/cis/{name}/. Only the latest CIS version per provider surfaces the button — the backend rejects PDF generation for older variants — so the report you download always matches the benchmark you'd want to ship to an auditor.

Read more in our compliance documentation.

👥 Tenant User Expulsion

Tenant owners can now remove users from their organizations directly from the UI. Behind the scenes, DELETE /tenants/{tenant_pk}/memberships/{id} deletes the expelled user's account when the removed membership was their last one and blacklists every outstanding refresh token, so existing sessions stop minting new access tokens immediately.

🔍 New Checks

AWS

  • secretsmanager_has_restrictive_resource_policy - evaluates resource-based policies for AWS Secrets Manager secrets — thanks to @kagahd!

GitHub

  • repository_default_branch_dismisses_stale_reviews — flags repositories whose default branch protection does not dismiss stale PR approvals when new commits are pushed (CIS 1.1.4) — thanks to @Mathisdjango!

Explore all GitHub checks at Prowler Hub.

🙌 External Contributors

Thank you to our community contributors for this release!

  • @Mathisdjango -- New GitHub check: dismiss stale PR approvals on default branch (CIS 1.1.4) in #10569
  • @raajheshkannaa -- --repo-list-file CLI flag for GitHub provider to load repositories from a file in https://github.com/prowler-cloud/prowler/pull/10501
  • @grauJavier -- Centralize AI assistant config via symlinks for skills in https://github.com/prowler-cloud/prowler/pull/9951
  • @boonchuan -- Nginx reverse proxy configuration in https://github.com/prowler-cloud/prowler/pull/10780
  • @kagahd -- New AWS check to evaluate resource-based policies for Secrets Manager secrets in https://github.com/prowler-cloud/prowler/pull/6985

UI

🚀 Added

  • Download PDF button for CIS Benchmark compliance cards, surfaced only on the latest CIS variant per provider to match the backend's latest-only PDF generation (#10650)
  • knip for dead code detection with lint:knip and lint:knip:fix scripts (#10654)
  • Resource button in the findings resource detail drawer to open the related resource page (#10847)

🔄 Changed

  • Redesign compliance page, client-side search for compliance frameworks, compact scan selector trigger, enhanced compliance cards (#10767)
  • Allows tenant owners to expel users from their organizations (#10787)
  • Shared filter dropdowns now support local option search and auto-scroll to the first visible match across table and provider filters (#10859)
  • Backward-compatibility middleware redirect from /sign-up?invitation_token=… to /invitation/accept?invitation_token=…; new invitation emails use /invitation/accept directly (#10797)
  • Mutelist improvements: table now supports name/reason search and visual count badges for finding targets (#10846)
  • Resources now use batch-applied filters, render metadata JSON with syntax highlighting, and more (#10861)
  • Table pagination controls now keep their arrows visible on hover in light theme, and more UI improvements (#10862)

API

🚀 Added

  • CIS Benchmark PDF report generation for scans, exposing the latest CIS version per provider via GET /scans/{id}/cis/{name}/ (#10650)
  • /overviews/resource-groups (resource inventory), /overviews/categories and /overviews/attack-surfaces now reflect newly-muted findings without waiting for the next scan. The post-mute reaggregate-all-finding-group-summaries task now also dispatches aggregate_scan_resource_group_summaries_task, aggregate_scan_category_summaries_task and aggregate_attack_surface_task per latest scan of every (provider, day) pair, rebuilding ScanGroupSummary, ScanCategorySummary and AttackSurfaceOverview alongside the tables already covered in #10827 (#10843)
  • Install zizmor v1.24.1 in API Docker image for GitHub Actions workflow scanning (#10607)

🔄 Changed

  • Allows tenant owners to expel users from their organizations (#10787)
  • aggregate_findings, aggregate_attack_surface, aggregate_scan_resource_group_summaries and aggregate_scan_category_summaries now upsert via bulk_create(update_conflicts=True, ...) instead of the prior ignore_conflicts=True / plain INSERT / already backfilled short-circuit. Re-runs triggered by the post-mute reaggregation pipeline no longer trip the unique_*_per_scan constraints nor silently drop updates, and are race-safe under concurrent writers (e.g. scan completion overlapping with a fresh mute rule) (#10843)
  • Rename the scan-category and scan-resource-group summary aggregators from backfill_* to aggregate_* (#10843)

🐞 Fixed

  • generate_outputs_task crashing with KeyError for compliance frameworks listed by get_compliance_frameworks but not loadable by Compliance.get_bulk (#10903)

SDK

🚀 Added

  • --repo-list-file CLI flag for GitHub provider to load repositories from a file (#10501)
  • SARIF output format for the IaC provider, enabling GitHub Code Scanning integration via --output-formats sarif (#10626)
  • repository_default_branch_dismisses_stale_reviews check for GitHub provider to ensure stale pull request approvals are dismissed when new commits are pushed (#10569)
  • Official Prowler GitHub Action (prowler-cloud/[email protected]) for running scans in GitHub workflows with optional --push-to-cloud and SARIF upload to GitHub Code Scanning (#10872)
  • GitHub Actions service for scanning workflow security issues using zizmor (#10607)
  • secretsmanager_has_restrictive_resource_policy check for AWS provider (#6985)

🐞 Fixed

  • Alibaba Cloud CS service SDK compatibility, harden other services and improve documentation (#10871)
  • AWS Organizations metadata retrieval for delegated administrator scans by using the assumed role session instead of the pre-assume credentials (#10894)
  • admincenter_groups_not_public_visibility check for M365 provider evaluating Security and Distribution groups, now restricted to Microsoft 365 (Unified) groups per CIS M365 Foundations 1.2.1 (#10899)
  • Google Workspace check reports now store the actual domain or account resource subject instead of provider.identity (#10901)
  • entra_users_mfa_capable evaluating disabled guest accounts; CIS 5.2.3.4 only targets enabled member users (#10785)
5.24.4 Bug fix
⚠ Upgrade required
  • Neo4j driver `connection_acquisition_timeout` is now configurable via `NEO4J_CONN_ACQUISITION_TIMEOUT`; default lowered from 120 s to 15 s.
Notable features
  • Added `DJANGO_SENTRY_TRACES_SAMPLE_RATE` env var (default 0.02) for Sentry performance tracing in the API
Full changelog

UI

🐞 Fixed

  • Provider wizard no longer advances to the Launch Scan step when rotating credentials (#10851)
  • Attack Paths scan selector now lists scans from every provider with working pagination, instead of capping the list at the first ten (#10864)

API

🚀 Added

  • DJANGO_SENTRY_TRACES_SAMPLE_RATE env var (default 0.02) enables Sentry performance tracing for the API (#10873)

🔄 Changed

  • Attack Paths: Neo4j driver connection_acquisition_timeout is now configurable via NEO4J_CONN_ACQUISITION_TIMEOUT (default lowered from 120 s to 15 s) (#10873)
5.24.3 Bug fix
Notable features
  • /overviews/findings endpoints reflect muted findings immediately
Full changelog

API

🚀 Added

  • /overviews/findings, /overviews/findings-severity and /overviews/services now reflect newly-muted findings without waiting for the next scan. The post-mute reaggregate-all-finding-group-summaries task was extended to re-run the same per-scan pipeline that scan completion runs (ScanSummary, DailySeveritySummary, FindingGroupDailySummary) on the latest scan of every (provider, day) pair, keeping the pre-aggregated tables in sync with Finding.muted updates (#10827)

🐞 Fixed

  • Finding groups aggregated status now treats muted findings as resolved: a group is FAIL only while at least one non-muted FAIL remains, otherwise it is PASS (including fully-muted groups). The filter[status] filter and the sort=status ordering share the same semantics, keeping status consistent with fail_count and the orthogonal muted flag (#10825)
  • aggregate_findings is now idempotent: it deletes the scan's existing ScanSummary rows before bulk_create, so re-runs (such as the post-mute reaggregation pipeline) no longer violate the unique_scan_summary constraint and no longer abort the downstream DailySeveritySummary / FindingGroupDailySummary recomputation for the affected scan (#10827)
  • Attack Paths: Findings on AWS were silently dropped during the Neo4j merge for resources whose Cartography node is keyed by a short identifier (e.g. EC2 instances) rather than the full ARN (#10839)

SDK

🐞 Fixed

  • CloudTrail resource timeline uses resource name as fallback in LookupEvents (#10828)
  • Exclude me-south-1 and me-central-1 from default AWS scans to prevent hangs when the host can't reach those regional endpoints (#10837)
5.24.2 Bug fix

Fixed inconsistent muted findings filtering and corrected latest scan selection for finding‑group resources.

Full changelog

UI

🐞 Fixed

  • Default muted filter now applied consistently on the findings page and the finding-group resource drill-down, keeping muted findings hidden unless the "include muted findings" checkbox is opted in (#10818)

API

🔄 Changed

  • Finding groups /resources endpoints now materialize the filtered finding IDs into a Python list before filtering ResourceFindingMapping (#10816)

🐞 Fixed

  • /finding-groups/latest/<check_id>/resources now selects the latest completed scan per provider by -completed_at (then -inserted_at) instead of -inserted_at, matching the /finding-groups/latest summary path and the daily-summary upsert so overlapping scans no longer produce diverging delta/new_count between the two endpoints (#10802)
5.24.1 Security relevant
Security fixes
  • CVE-2026-23869 — React2DoS high‑severity unauthenticated remote DoS in React Flight Protocol Server Function deserialization (React upgraded to 19.2.5, Next.js to 16.2.3)
Notable features
  • Findings UX: exclude muted findings by default, add category context label, wide filter dropdown width
  • Grouped view handles zero‑resource IaC counters and adds provider indicators
Full changelog

UI

🐞 Fixed

  • Findings and filter UX fixes: exclude muted findings by default in the resource detail drawer and finding group resource views, show category context label (for example Status: FAIL) on MultiSelect triggers instead of hiding the placeholder, and add a wide width option for filter dropdowns applied to the findings Scan filter to prevent label truncation (#10734)
  • Findings grouped view now handles zero-resource IaC counters, refines drawer loading states, and adds provider indicators to finding groups (#10736)
  • Other Findings for this resource: ordering by severity (#10778)
  • Other Findings for this resource: show delta indicator (#10778)
  • Compliance: requirement findings do not show muted findings (#10778)
  • Latest new findings: link to finding groups order by -severity,-last_seen_at (#10778)

🔒 Security

  • Upgrade React to 19.2.5 and Next.js to 16.2.3 to mitigate CVE-2026-23869 (React2DoS), a high-severity unauthenticated remote DoS vulnerability in the React Flight Protocol's Server Function deserialization (#10754)

API

🔄 Changed

  • Attack Paths: Restore SYNC_BATCH_SIZE and FINDINGS_BATCH_SIZE defaults to 1000, upgrade Cartography to 0.135.0, enable Celery queue priority for cleanup task, rewrite Finding insertion, remove AWS graph cleanup and add timing logs (#10729)

🐞 Fixed

  • Finding group resources endpoints now include findings without associated resources (orphaned IaC findings) as simulated resource rows, and return one row per finding when multiple findings share a resource (#10708)
  • Attack Paths: Missing tenant_id filter while getting related findings after scan completes (#10722)
  • Finding group counters pass_count, fail_count and manual_count now exclude muted findings (#10753)
  • Silent data loss in ResourceFindingMapping bulk insert that left findings orphaned when INSERT ... ON CONFLICT DO NOTHING dropped rows without raising; added explicit unique_fields so conflicts are resolved instead of discarded (#10724)
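
The failure mode in the last item is easy to reproduce outside the API. The block below is an added example, not Prowler's code: it uses an in-memory SQLite table as a constructed stand-in for the resource-to-finding mapping (the `scan_id` payload column and the table name are assumptions) and shows that a `DO NOTHING` conflict clause returns fewer written rows than submitted without raising, then shows the two remedies a practitioner would reach for: comparing the written count against the batch size, and declaring the conflict target with a `DO UPDATE` so every row lands.

```python
"""Silent row loss with INSERT ... ON CONFLICT DO NOTHING, and two remedies.

Added example (not Prowler's code). The table is a constructed stand-in for a
resource<->finding mapping with a unique (resource_id, finding_id) pair; the
scan_id column is an assumed payload that should track the latest scan.
"""
import sqlite3

SCHEMA = """
CREATE TABLE resource_finding_mapping (
    resource_id TEXT NOT NULL,
    finding_id  TEXT NOT NULL,
    scan_id     TEXT NOT NULL,
    UNIQUE (resource_id, finding_id)
);
"""


def new_conn():
    """Fresh in-memory database with the mapping table."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def insert_do_nothing(conn, rows):
    """The lossy pattern: conflicting rows are skipped and no error is raised.

    Returns the number of rows the database actually wrote (sqlite3 sums
    changes across executemany); callers that ignore it never see the drop.
    """
    cur = conn.executemany(
        "INSERT INTO resource_finding_mapping (resource_id, finding_id, scan_id) "
        "VALUES (?, ?, ?) ON CONFLICT (resource_id, finding_id) DO NOTHING",
        rows,
    )
    conn.commit()
    return cur.rowcount


def insert_do_nothing_checked(conn, rows):
    """Remedy 1: keep DO NOTHING but surface the discrepancy instead of hiding it."""
    written = insert_do_nothing(conn, rows)
    dropped = len(rows) - written
    if dropped:
        raise RuntimeError(f"{dropped} of {len(rows)} mapping rows were silently dropped")
    return written


def upsert(conn, rows):
    """Remedy 2: name the conflict target and update the payload on conflict,
    so every submitted row lands and the mapping reflects the latest scan."""
    cur = conn.executemany(
        "INSERT INTO resource_finding_mapping (resource_id, finding_id, scan_id) "
        "VALUES (?, ?, ?) ON CONFLICT (resource_id, finding_id) "
        "DO UPDATE SET scan_id = excluded.scan_id",
        rows,
    )
    conn.commit()
    return cur.rowcount


def scan_for(conn, resource_id, finding_id):
    """Observe which scan a mapping row currently points at (None if absent)."""
    row = conn.execute(
        "SELECT scan_id FROM resource_finding_mapping "
        "WHERE resource_id = ? AND finding_id = ?",
        (resource_id, finding_id),
    ).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    conn = new_conn()
    first = [("r1", "f1", "scan-1"), ("r2", "f2", "scan-1")]   # constructed rows
    second = [("r1", "f1", "scan-2"), ("r3", "f3", "scan-2")]  # r1/f1 conflicts
    print(insert_do_nothing(conn, first))   # 2
    print(insert_do_nothing(conn, second))  # 1: the r1/f1 row vanished quietly
    print(scan_for(conn, "r1", "f1"))       # scan-1 (stale)
    print(upsert(conn, second))             # 2
    print(scan_for(conn, "r1", "f1"))       # scan-2
```

The rowcount check is the cheap guard; the upsert is the structural fix, and it only works because the conflict target is spelled out, which is what an explicit `unique_fields` declaration gives an ORM.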

SDK

🔄 Changed

  • msgraph-sdk from 1.23.0 to 1.55.0 and azure-mgmt-resource from 23.3.0 to 24.0.0, removing marshmallow as it is only a transitive dev dependency (#10733)

🐞 Fixed

  • Cloudflare account-scoped API tokens failing connection test in the App with CloudflareUserTokenRequiredError (#10723)
  • Google Workspace Calendar checks false FAIL on unconfigured settings with secure Google defaults (#10726)
  • prowler image --registry-list crashes with AttributeError because ImageProvider.__init__ returns early before registering the global provider (#10691)
  • Google Workspace Drive checks false FAIL on unconfigured settings with secure Google defaults (#10727)
  • Cloudflare validate_credentials can hang in an infinite pagination loop when the SDK repeats accounts, blocking connection tests (#10771)
5.24.0 Breaking risk
Security fixes
  • CVE-2025-71176 — fixed by upgrading pytest from 8.2.2 to 9.0.3
Notable features
  • Redesigned resources side drawer with consolidated metadata, findings, and timeline
  • Syntax highlighting for remediation code blocks (Shell, HCL, YAML, Bicep)
  • Exclude specific AWS regions via `--excluded-region`, `PROWLER_AWS_DISALLOWED_REGIONS`, or `aws.disallowed_regions`
Full changelog

✨ New features to highlight in this version

Enjoy them all now for free at https://cloud.prowler.com/

🖥️ Redesigned Resources

The resources detail panel has been rebuilt from the ground up. The new side drawer consolidates resource metadata, associated findings, and events timeline into a cleaner, denser layout — designed to keep you inside the drawer while investigating a resource instead of bouncing back to the list.

🧹 UX and Data Consistency

A large sweep of fixes landed this release targeting the rough edges users actually hit day to day: filter behavior, headers, counters drifting from the underlying data, drawer layouts, and scan/compliance/finding views surfacing stale or mislabeled context.

🆕 AWS Checks

Bedrock Security Hardening

Four new AWS checks tightening the blast radius around Amazon Bedrock and the identities that can reach it:

  • bedrock_full_access_policy_attached — flags IAM principals with AmazonBedrockFullAccess or equivalent wildcard Bedrock permissions attached
  • iam_role_access_not_stale_to_bedrock and iam_user_access_not_stale_to_bedrock — catch roles and users with Bedrock privileges that haven't been used recently, so dormant GenAI access stops piling up as a standing risk
  • bedrock_vpc_endpoints_configured — verifies Bedrock traffic stays on private VPC endpoints instead of traversing the public internet

Explore all AWS Bedrock checks at Prowler Hub.

IAM Marketplace Guardrails

Two new IAM checks to stop the silent path from a compromised identity to a paid marketplace subscription:

  • iam_policy_no_wildcard_marketplace_subscribe
  • iam_inline_policy_no_wildcard_marketplace_subscribe

Both detect aws-marketplace:Subscribe granted with wildcards on managed and inline policies — a vector that turns an IAM misconfiguration into a billing incident.

Explore all AWS IAM checks at Prowler Hub.

🆕 Microsoft 365 Checks

Entra Conditional Access

  • entra_conditional_access_policy_all_apps_all_users — ensures at least one CA policy targets every app and every user
  • entra_conditional_access_policy_mfa_enforced_for_guest_users — checks that guest and external users have MFA enforced; without it, compromised external accounts can reach tenant resources with only a password
  • entra_conditional_access_policy_block_unknown_device_platforms — blocks access from unknown device platforms
  • entra_conditional_access_policy_corporate_device_sign_in_frequency_enforced — enforces sign-in frequency for non-corporate devices; without it, user sessions may persist indefinitely on unmanaged devices
  • entra_conditional_access_policy_directory_sync_account_excluded — validates that the directory sync service account is excluded from restrictive CA policies to prevent sync outages

Explore all M365 Entra checks at Prowler Hub.

Intune

  • intune_device_compliance_policy_unassigned_devices_not_compliant_by_default — unassigned devices should not be marked compliant by default by the built-in device policy

Explore all M365 Intune checks at Prowler Hub.

Exchange Online

  • exchange_organization_delicensing_resiliency_enabled — keeps mailbox data accessible for 30 days after a license is removed, preventing accidental data loss

Explore all M365 Exchange checks at Prowler Hub.

🆕 Exclude Regions in AWS scans

Prowler now lets you exclude specific AWS regions from scans, so you can keep your scan scope focused on the regions that matter to you. You can configure exclusions with:

  • --excluded-region
  • PROWLER_AWS_DISALLOWED_REGIONS environment variable
  • aws.disallowed_regions in config.yaml

See the AWS Regions and Partitions documentation for usage examples.

UI

🚀 Added

  • Resources side drawer with redesigned detail panel (#10673)
  • Syntax highlighting for remediation code blocks in finding groups drawer with provider-aware auto-detection (Shell, HCL, YAML, Bicep) (#10698)

🔄 Changed

  • Attack Paths scan selection: contextual button labels based on graph availability, tooltips on disabled actions, green dot indicator for selectable scans, and a warning banner when viewing data from a previous scan cycle (#10685)
  • Remove legacy finding detail sheet, row-details wrapper, and resource detail panel; unify findings and resources around new side drawers (#10692)
  • Attack Paths "View Finding" now opens the finding drawer inline over the graph instead of navigating to /findings in a new tab, preserving graph zoom, selection, and filter state
  • Attack Paths scan table: replace action buttons with radio buttons, add dedicated Graph column, use info-colored In Progress badge, remove redundant Progress column, and fix info banner variant (#10704)

🐞 Fixed

  • Findings group resource filters now strip unsupported scan parameters, display scan name instead of provider alias in filter badges, migrate mute modal from HeroUI to shadcn, and add searchable accounts/provider type selectors (#10662)
  • Compliance detail page header now reflects the actual provider, alias and UID of the selected scan instead of always defaulting to AWS (#10674)
  • Provider wizard modal moved to a stable page-level host so the providers table refreshes after link, authenticate, and connection check without closing the modal (#10675)

API

🔄 Changed

  • Bump Poetry to 2.3.4 in Dockerfile and pre-commit hooks. Regenerate api/poetry.lock (#10681)
  • Attack Paths: Remove dead cleanup_findings no-op and its supporting prowler_finding_lastupdated index (#10684)

🐞 Fixed

  • Worker-beat race condition on cold start: replaced sleep 15 with API service healthcheck dependency (Docker Compose) and init containers (Helm), aligned Gunicorn default port to 8080 (#10603)
  • API container startup crash on Linux due to root-owned bind-mount preventing JWT key generation (#10646)

🔐 Security

  • pytest from 8.2.2 to 9.0.3 to fix CVE-2025-71176 (#10678)

SDK

🚀 Added

  • entra_conditional_access_policy_directory_sync_account_excluded check for M365 provider (#10620)
  • intune_device_compliance_policy_unassigned_devices_not_compliant_by_default check for M365 provider (#10599)
  • entra_conditional_access_policy_all_apps_all_users check for M365 provider (#10619)
  • bedrock_full_access_policy_attached check for AWS provider (#10577)
  • iam_role_access_not_stale_to_bedrock and iam_user_access_not_stale_to_bedrock checks for AWS provider (#10536)
  • iam_policy_no_wildcard_marketplace_subscribe and iam_inline_policy_no_wildcard_marketplace_subscribe checks for AWS provider (#10525)
  • bedrock_vpc_endpoints_configured check for AWS provider (#10591)
  • exchange_organization_delicensing_resiliency_enabled check for M365 provider (#10608)
  • entra_conditional_access_policy_mfa_enforced_for_guest_users check for M365 provider (#10616)
  • entra_conditional_access_policy_corporate_device_sign_in_frequency_enforced check for M365 provider (#10618)
  • entra_conditional_access_policy_block_unknown_device_platforms check for M365 provider (#10615)
  • --excluded-region CLI flag, PROWLER_AWS_DISALLOWED_REGIONS environment variable, and aws.disallowed_regions config entry to skip specific AWS regions during scans (#10688)

🔄 Changed

  • Bump Poetry to 2.3.4 and consolidate SDK workflows onto the setup-python-poetry composite action with opt-in lockfile regeneration (#10681)
  • Normalize Conditional Access platform values in Entra models and simplify platform-based checks (#10635)

🐞 Fixed

  • Vercel firewall config handling for team-scoped projects and current API response shapes (#10695)
5.23.0 Breaking risk
⚠ Upgrade required
  • Update Python runtime to >= 3.10 before upgrading Prowler.
  • Sensitive CLI flag values are now redacted in HTML output; review any scripts that parse this field.
Breaking changes
  • Minimum required Python version increased to 3.10; Python 3.9 is no longer supported.
Security fixes
  • CVE-2026-28802 — authlib upgraded from 1.6.5 to 1.6.9 (JWT `alg: none` validation bypass).
  • CVE-2026-26007 & CVE-2026-34073 — cryptography upgraded from 44.0.3 to 46.0.6.
  • CVE-2026-34520 — aiohttp upgraded from 3.13.3 to 3.13.5 (header parsing vulnerability).
Notable features
  • Findings Grouped View – findings now aggregated by check with counters, inline drill‑down, bulk mute and resource details.
  • Vercel provider added – connect Vercel teams via API token and run 26 security checks.
  • Multi‑Organization Management – create, switch, edit, delete organizations from the profile page.
Full changelog

✨ New features to highlight in this version

Enjoy them all now for free at https://cloud.prowler.com/

🔎 Findings Grouped View

The problem: a real cloud environment produces thousands of findings per scan. A flat list makes it impossible to triage — the same misconfiguration repeated across 200 resources shows up as 200 rows, burying the signal, making prioritization guesswork, and turning "mute this false positive everywhere" into a click marathon. And once you're investigating a single resource, you lose sight of what else is wrong with it, because related findings are scattered across the same flat list.

The fix: findings are now grouped by check. One row per check title, with severity, impacted providers, and an "X of Y impacted resources" counter at a glance, so "Vercel project has the Web Application Firewall enabled" across every affected project collapses to a single row — not one per project. Sort or filter by severity, provider, or status at the group level and triage top-down instead of drowning in per-resource rows.

Expand any group inline to see the failing resources with their UID, service, region, severity, provider, last seen, and failing for duration, then open the resource detail drawer for the full finding context: Risk, Description, Status Extended, Remediation, a direct "View in Prowler Hub" link, and a one-click Analyze This Finding With Lighthouse AI button. Bulk-mute an entire group in a single action instead of chasing duplicates across the list.

Inside the drawer, a new Other Findings For This Resource tab lists every finding that hits the same resource (passing, failing, and muted) alongside the one you opened — so when you're looking at "WAF not enabled" on a Vercel project, you immediately see skew protection, rate limiting, IP blocking, custom firewall rules, and password protection findings for that same project, instead of going back to the main list and filtering by resource UID. Pair it with the Scans and Events tabs for full context without leaving the drawer.

🏢 New Provider — Vercel

Connect Vercel teams via API token and audit deployments, domains, projects, and team settings. Ships with 26 security checks out of the box.

Explore all Vercel checks at Prowler Hub (no login required).

Read more in the Vercel provider documentation.

🏛️ Multi-Organization Management

Create, switch, edit, and delete organizations from the profile page. The active organization is switched automatically before deletion so JWTs are never rejected mid-flow.

🔒 RBAC role lookup is now scoped by tenant_id to prevent cross-tenant privilege leaks, and admin tenant listing no longer requires the MANAGE_ACCOUNT permission.

Read more in the Multi-Tenant management documentation.

💡 Thanks to @pfe-nazaries and @Davidm4r for their first contributions as part of the Prowler Team 🚀

🤖 MCP Server — Resource Events Timeline

New resource events tool in the Prowler MCP Server that returns a who/what/when timeline for a given resource. For AWS, this surfaces CloudTrail events directly to your LLM: actor identity, event name, source IP, user agent, request parameters, and response payloads — the same data that powers the Events tab in the UI, now accessible from any MCP client.

Pair it with Lighthouse AI or your own agent to ask natural-language questions like "who modified this S3 bucket policy in the last 24 hours?" or "what actions has this IAM role performed recently?" without leaving your chat interface or jumping to the AWS console.

🕸️ Attack Paths — Custom Queries Editor Improvements

Custom query editor has been improved with syntax highlighting and line numbering to help you write openCypher queries.

Read more in the Attack Paths documentation.

📚 New Compliance Frameworks for Google Workspace

More compliance coverage this time for the Google Workspace provider:

  • CISA SCuBA Baselines
  • CIS Foundations Benchmark v1.3.0

💡 Check coverage will increase in upcoming versions.

☁️ Oracle Cloud Infrastructure Improvements

  • Multi-region filtering via --region across filestorage, blockstorage, kms, compute, and identity services, including regions outside the tenancy home region
  • Mutelist support now passes tenancy_id to is_finding_muted, and the example Mutelist uses the proper Accounts key
  • False positive fixes in kms_key_rotation_enabled and events_rule_idp_group_mapping_changes

Explore all OCI checks at Prowler Hub.

Read more in the Oracle Cloud Infrastructure documentation.

💡 Thanks to @rchotacode for most of the OCI work this release!

🆕 Checks

AWS

  • cloudfront_distributions_logging_enabled — now detects Standard Logging v2 via CloudWatch Log Delivery — thanks to @mcrolly!
  • ec2_securitygroup_allow_ingress_from_internet_to_any_port_from_ip — uses ipaddress.is_global for accurate public IP detection — thanks to @raajheshkannaa!
  • glue_etl_jobs_no_secrets_in_arguments — detects plaintext secrets in Glue ETL job arguments — thanks to @raajheshkannaa!
  • awslambda_function_no_dead_letter_queue, awslambda_function_using_cross_account_layers, and awslambda_function_env_vars_not_encrypted_with_cmk — thanks to @sandiyochristan!
  • stepfunctions_statemachine_no_secrets_in_definition — thanks to @Jeevan-88

Explore all AWS checks at Prowler Hub.

GCP — Generative Language (Gemini) API Coverage

Two new checks covering the Gemini API surface — thanks to @F30:

  • apikeys_api_restricted_with_gemini_api
  • gemini_api_disabled

Explore all GCP checks at Prowler Hub.

Google Workspace

15 new checks: one extending coverage of the Directory service, three for the new Calendar service, and eleven for the Drive and Docs services:

  • directory_super_admin_only_admin_roles
  • calendar_external_sharing_primary_calendar
  • calendar_external_sharing_secondary_calendar
  • calendar_external_invitations_warning
  • drive_external_sharing_warn_users
  • drive_publishing_files_disabled
  • drive_sharing_allowlisted_domains
  • drive_warn_sharing_with_allowlisted_domains
  • drive_access_checker_recipients_only
  • drive_internal_users_distribute_content
  • drive_shared_drive_creation_allowed
  • drive_shared_drive_managers_cannot_override
  • drive_shared_drive_members_only_access
  • drive_shared_drive_disable_download_print_copy
  • drive_desktop_access_disabled

Explore all Google Workspace checks at Prowler Hub.

Microsoft 365 — Conditional Access Hardening

Four new Conditional Access Policy checks for Entra ID, all aligned with Microsoft security baselines:

  • entra_conditional_access_policy_mdm_compliant_device_required
  • entra_conditional_access_policy_device_registration_mfa_required (plus entra_intune_enrollment_sign_in_frequency_every_time hardening)
  • entra_conditional_access_policy_block_elevated_insider_risk
  • entra_conditional_access_policy_block_o365_elevated_insider_risk

Explore all M365 checks at Prowler Hub.

🐍 Python 3.9 EndOfLife

Minimum Python version bumped to 3.10 as 3.9 reached end of life in October 2025.

Read more about it in this community announcement.

🛠️ CLI Improvements

  • New --resource-group and --list-resource-groups flags to filter checks by resource group across all providers
  • --list-checks and --list-checks-json now include the threat-detection category — thanks to @kaiisfree!
  • prowler image --registry no longer fails with ImageNoImagesProvidedError — registry arguments are forwarded through init_global_provider — thanks to @eblume!

🔐 Security Updates

  • Harden-Runner enabled across GitHub Actions workflows to monitor and restrict outbound network traffic during CI runs, detect unexpected endpoints, and protect against compromised dependencies exfiltrating secrets from the build environment
  • CVE-2026-28802 — authlib bumped from 1.6.5 to 1.6.9 (JWT alg: none validation bypass)
  • CVE-2026-26007 and CVE-2026-34073 — cryptography bumped from 44.0.3 to 46.0.6; oci to 2.169.0; alibabacloud-tea-openapi to 0.4.4
  • Sensitive CLI flag values (tokens, keys, passwords) in HTML output "Parameters used" field are now redacted to prevent credential leaks
  • All previously unpinned API dependencies pinned to exact versions to prevent supply chain attacks and ensure reproducible builds
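
The authlib item above is the latest instance of a long-lived JWT pitfall: a verifier that reads the algorithm from the token header and dispatches on it can be steered onto a path that performs no signature check at all. The defence is to enforce an algorithm allowlist before anything in the header is trusted. The block below is an added example and is not Prowler's or authlib's code: a minimal HS256 signer and verifier written with the standard library, where the key and claims are constructed and `unsigned_token` only exists to produce a negative test input.

```python
"""Enforce a JWT algorithm allowlist before trusting anything in the header.

Added example (not Prowler's or authlib's code). A minimal HS256 signer and
verifier using only the standard library; key and claims are constructed.
"""
import base64
import hashlib
import hmac
import json

ALLOWED_ALGS = frozenset({"HS256"})  # the only algorithm this verifier implements


def _b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _segment(obj: dict) -> str:
    return _b64url_encode(json.dumps(obj, separators=(",", ":")).encode("utf-8"))


def sign_hs256(claims: dict, key: bytes) -> str:
    """Produce a correctly signed HS256 token."""
    signing_input = f"{_segment({'alg': 'HS256', 'typ': 'JWT'})}.{_segment(claims)}"
    sig = hmac.new(key, signing_input.encode("ascii"), hashlib.sha256).digest()
    return f"{signing_input}.{_b64url_encode(sig)}"


def unsigned_token(claims: dict) -> str:
    """Negative test input: header says alg "none" and the signature is empty."""
    return f"{_segment({'alg': 'none', 'typ': 'JWT'})}.{_segment(claims)}."


def verify(token: str, key: bytes, allowed=ALLOWED_ALGS) -> dict:
    """Return the verified claims or raise ValueError.

    The allowlist is consulted before the header's alg influences anything, so
    an alg of "none" (or any algorithm the server never issues) is rejected
    without ever reaching a code path that could skip the MAC comparison.
    """
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
    except ValueError:
        raise ValueError("malformed token") from None
    header = json.loads(_b64url_decode(header_b64))
    alg = header.get("alg")
    if alg not in allowed:
        raise ValueError(f"algorithm {alg!r} is not allowed")
    expected = hmac.new(key, f"{header_b64}.{payload_b64}".encode("ascii"),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
        raise ValueError("signature mismatch")
    return json.loads(_b64url_decode(payload_b64))


if __name__ == "__main__":
    key = b"constructed-test-key"  # constructed; never hard-code real keys
    token = sign_hs256({"sub": "user-1"}, key)
    print(verify(token, key))  # {'sub': 'user-1'}
    for bad in (unsigned_token({"sub": "admin"}), token):
        try:
            verify(bad, b"some-other-key")
        except ValueError as exc:
            print("rejected:", exc)
```

The allowlist belongs to the verifier's configuration, not to the token: a server that only ever mints HS256 should refuse everything else, and a server that mints asymmetric tokens should never let an attacker-chosen `alg` downgrade it to an HMAC over its public key.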

🙌 Community Contributors

Thank you to our community contributors for this release!

  • @rchotacode — OCI mutelist support (#10566)
  • @rchotacode — Fix OCI identity clients for multi-region configuration in blockstorage, identity, and filestorage (#10520)
  • @rchotacode — Add multi-region filtering argument support for OCI (#10473)
  • @rchotacode — Fix OCI service region support outside tenancy home region (#10472)
  • @raajheshkannaa — Add internet-exposed category to 13 AWS checks (CloudFront, CodeArtifact, EC2, EFS, RDS, SageMaker, Shield, VPC) (#10502)
  • @raajheshkannaa — Add ec2_securitygroup_allow_ingress_from_internet_to_any_port_from_ip check using ipaddress.is_global for accurate public IP detection (#10335)
  • @raajheshkannaa — Add glue_etl_jobs_no_secrets_in_arguments check for plaintext secrets in AWS Glue ETL job arguments (#10368)
  • @sandiyochristan — Enrich AWS Lambda Function model with inventory fields and add awslambda_function_no_dead_letter_queue, awslambda_function_using_cross_account_layers, and awslambda_function_env_vars_not_encrypted_with_cmk checks (#10381)
  • @mcrolly — Detect CloudFront Standard Logging v2 via CloudWatch Log Delivery in cloudfront_distributions_logging_enabled (#10090)
  • @F30 — Add apikeys_api_restricted_with_gemini_api and gemini_api_disabled checks for GCP Generative Language (Gemini) API (#10280)
  • @kagahd — Create distinct report per key/secret in Azure Key Vault checks (#10332)
  • @terryf82 — Add VALKEY_SCHEME, VALKEY_USERNAME, and VALKEY_PASSWORD environment variables to configure Celery broker TLS/auth for Valkey/ElastiCache (#10420)
  • @apoorvdarshan — Remove return statements from finally blocks across IAM, Organizations, GCP provider, and custom checks metadata to stop silently swallowing exceptions (#10102)
  • @eblume — Pass registry arguments through init_global_provider to fix prowler image --registry failing with ImageNoImagesProvidedError (#10470)
  • @kaiisfree — Include threat-detection category checks in --list-checks and --list-checks-json output (#10578)
  • @Jeevan-88 — Add stepfunctions_statemachine_no_secrets_in_definition (#10625)

UI

🚀 Added

  • Invitation accept smart router for handling invitation flow routing (#10573)
  • Invitation link backward compatibility (#10583)
  • Updated invitation link to use smart router (#10575)
  • Multi-tenant organization management: create, switch, edit, and delete organizations from the profile page (#10491)
  • Findings grouped view with drill-down table showing resources per check, resource detail drawer, infinite scroll pagination, and bulk mute support (#10425)
  • Resource events tool to Lighthouse AI (#10412)
  • Vercel provider: connect Vercel teams via API token, scan deployments, domains, projects, and team settings (#10191)

🔄 Changed

  • Attack Paths custom openCypher queries now use a code editor with syntax highlighting and line numbers (#10445)
  • Attack Paths custom openCypher queries now link to the Prowler documentation with examples and how-to guidance instead of the upstream Cartography schema URL
  • Filter summary strip: removed redundant "Clear all" link next to pills (use top-bar Clear Filters instead) and switched chip variant from outline to tag for consistency (#10481)

🐞 Fixed

  • Preserve query parameters in callbackUrl during invitation flow (#10571)
  • Deleting the active organization now switches to the target org before deleting, preventing JWT rejection from the backend (#10491)
  • Clear Filters now resets all filters including muted findings and auto-applies, Clear all in pills only removes pill-visible sub-filters, and the discard icon is now an Undo text button (#10446)
  • Send to Jira modal now dynamically fetches and displays available issue types per project instead of hardcoding "Task", fixing failures on non-English Jira instances (#10534)
  • Exclude service filter from finding group resources endpoint to prevent empty results when a service filter is active (#10652)

API

🚀 Added

  • RBAC role lookup filtered by tenant_id to prevent cross-tenant privilege leak (#10491)
  • VALKEY_SCHEME, VALKEY_USERNAME, and VALKEY_PASSWORD environment variables to configure Celery broker TLS/auth connection details for Valkey/ElastiCache (#10420)
  • Vercel provider support (#10190)
  • Finding groups list and latest endpoints support sort=delta, ordering by new_count then changed_count so groups with the most new findings rank highest (#10606)
  • Finding group resources endpoints (/finding-groups/{check_id}/resources and /finding-groups/latest/{check_id}/resources) now expose finding_id per row, pointing to the most recent matching Finding for each resource. UUIDv7 ordering guarantees Max(finding__id) resolves to the latest snapshot (#10630)
  • Handle CIS and CISA SCuBA compliance framework from google workspace (#10629)

🔄 Changed

  • Finding groups list/latest/resources now expose status{FAIL, PASS, MANUAL} and muted: bool as orthogonal fields. The aggregated status reflects the underlying check outcome regardless of mute state, and muted=true signals that every finding in the group/resource is muted. New manual_count is exposed alongside pass_count/fail_count, plus pass_muted_count/fail_muted_count/manual_muted_count siblings so clients can isolate the muted half of each status. The new_*/changed_* deltas are now broken down by status and mute state via 12 new counters (new_fail_count, new_fail_muted_count, new_pass_count, new_pass_muted_count, new_manual_count, new_manual_muted_count and the matching changed_* set). New filter[muted]=true|false and sort=status (FAIL > PASS > MANUAL) / sort=muted are supported. filter[status]=MUTED is no longer accepted (#10630)
  • Attack Paths: Periodic cleanup of stale scans with dead-worker detection via Celery inspect, marking orphaned EXECUTING scans as FAILED and recovering graph_data_ready (#10387)
  • Attack Paths: Replace _provider_id property with _Provider_{uuid} label for provider isolation, add regex-based label injection for custom queries (#10402)

🐞 Fixed

  • reaggregate_all_finding_group_summaries_task now refreshes finding group daily summaries for every (provider, day) combination instead of only the latest scan per provider, matching the unbounded scope of mute_historical_findings_task. Mute rule operations no longer leave older daily summaries drifting from the underlying muted findings (#10630)
  • Finding groups list/latest now apply computed status/severity filters and finding-level prefilters (delta, region, service, category, resource group, scan, resource type), plus check_title support for sort/filter consistency (#10428)
  • Populate compliance data inside check_metadata for findings, which was always returned as null (#10449)
  • 403 error for admin users listing tenants due to roles query not using the admin database connection (#10460)
  • Filter transient Neo4j defunct connection logs in Sentry before_send to suppress false-positive alerts handled by RetryableSession retries (#10452)
  • MANAGE_ACCOUNT permission no longer required for listing and creating tenants (#10468)
  • Finding groups muted filter, counters, metadata extraction and mute reaggregation (#10477)
  • Finding groups check_title__icontains resolution, name__icontains resource filter and resource_group field in /resources response (#10486)
  • Membership post_delete signal using raw FK ids to avoid DoesNotExist during cascade deletions (#10497)
  • Finding group resources endpoints returning false 404 when filters match no results, and sort parameter being ignored (#10510)
  • Jira integration failing with JiraInvalidIssueTypeError on non-English Jira instances due to hardcoded "Task" issue type; now dynamically fetches available issue types per project (#10534)
  • Finding group first_seen_at now reflects when a new finding appeared in the scan instead of the oldest carry-forward date across all unchanged findings (#10595)
  • Attack Paths: Remove clear_cache call from read-only query endpoints; cache clearing belongs to the scan/ingestion flow, not API queries (#10586)

🔐 Security

  • Pin all unpinned dependencies to exact versions to prevent supply chain attacks and ensure reproducible builds (#10469)
  • authlib bumped from 1.6.6 to 1.6.9 to fix CVE-2026-28802 (JWT alg: none validation bypass) (#10579)
  • aiohttp bumped from 3.13.3 to 3.13.5 to fix CVE-2026-34520 (the C parser accepted null bytes and control characters in response headers) (#10538)

SDK

🚀 Added

  • apikeys_api_restricted_with_gemini_api and gemini_api_disabled checks for GCP provider (#10280)
  • cloudfront_distributions_logging_enabled detects Standard Logging v2 via CloudWatch Log Delivery (#10090)
  • glue_etl_jobs_no_secrets_in_arguments check for plaintext secrets in AWS Glue ETL job arguments (#10368)
  • awslambda_function_no_dead_letter_queue, awslambda_function_using_cross_account_layers, and awslambda_function_env_vars_not_encrypted_with_cmk checks for AWS Lambda (#10381)
  • entra_conditional_access_policy_mdm_compliant_device_required check for M365 provider (#10220)
  • directory_super_admin_only_admin_roles check for Google Workspace provider (#10488)
  • ec2_securitygroup_allow_ingress_from_internet_to_any_port_from_ip check for AWS provider using ipaddress.is_global for accurate public IP detection (#10335)
  • entra_conditional_access_policy_block_o365_elevated_insider_risk check for M365 provider (#10232)
  • --resource-group and --list-resource-groups CLI flags to filter checks by resource group across all providers (#10479)
  • CISA SCuBA Google Workspace Baselines compliance (#10466)
  • CIS Google Workspace Foundations Benchmark v1.3.0 compliance (#10462)
  • calendar_external_sharing_primary_calendar, calendar_external_sharing_secondary_calendar, and calendar_external_invitations_warning checks for Google Workspace provider using the Cloud Identity Policy API (#10597)
  • 11 Drive and Docs checks for Google Workspace provider (drive_external_sharing_warn_users, drive_publishing_files_disabled, drive_sharing_allowlisted_domains, drive_warn_sharing_with_allowlisted_domains, drive_access_checker_recipients_only, drive_internal_users_distribute_content, drive_shared_drive_creation_allowed, drive_shared_drive_managers_cannot_override, drive_shared_drive_members_only_access, drive_shared_drive_disable_download_print_copy, drive_desktop_access_disabled) using the Cloud Identity Policy API (#10648)
  • entra_conditional_access_policy_device_registration_mfa_required check and entra_intune_enrollment_sign_in_frequency_every_time enhancement for M365 provider (#10222)
  • entra_conditional_access_policy_block_elevated_insider_risk check for M365 provider (#10234)
  • Vercel provider support with 30 checks (#10189)
  • internet-exposed category for 13 AWS checks (CloudFront, CodeArtifact, EC2, EFS, RDS, SageMaker, Shield, VPC) (#10502)
  • stepfunctions_statemachine_no_secrets_in_definition check for hardcoded secrets in AWS Step Functions state machine definitions (#10570)
  • CCC improvements with the latest checks and new mappings (#10625)

🔄 Changed

  • Minimum Python version from 3.9 to 3.10 and updated classifiers to reflect supported versions (3.10, 3.11, 3.12) (#10464)
  • Pin direct SDK dependencies to exact versions and rely on poetry.lock artifact hashes for reproducible installs (#10593)
  • Sensitive CLI flags now warn when values are passed directly, recommending environment variables instead (#10532)

🐞 Fixed

  • OCI mutelist support: pass tenancy_id to is_finding_muted and update oraclecloud_mutelist_example.yaml to use Accounts key (#10566)
  • return statements in finally blocks replaced across IAM, Organizations, GCP provider, and custom checks metadata to stop silently swallowing exceptions (#10102)
  • JiraConnection now includes issue types per project fetched during test_connection, fixing JiraInvalidIssueTypeError on non-English Jira instances (#10534)
  • --list-checks and --list-checks-json now include threat-detection category checks in their output (#10578)
  • Missing __init__.py in codebuild_project_uses_allowed_github_organizations check preventing discovery by --list-checks (#10584)
  • Azure Key Vault checks emitting incorrect findings for keys, secrets, and vault logging (#10332)
  • is_policy_public now recognizes kms:CallerAccount, kms:ViaService, aws:CalledVia, aws:CalledViaFirst, and aws:CalledViaLast as restrictive condition keys, fixing false positives in kms_key_policy_is_not_public and other checks that use is_condition_block_restrictive (#10600)
  • _enabled_regions empty-set bug in AwsProvider.generate_regional_clients creating boto3 clients for all 36 AWS regions instead of the audited ones, causing random CI timeouts and slow test runs (#10598)
  • Retrieve only the latest version from a package in AWS CodeArtifact (#10243)
  • AWS global services (CloudFront, Route53, Shield, FMS) now use the partition's global region instead of the profile's default region (#10458)
  • Oracle Cloud events_rule_idp_group_mapping_changes now recognizes the CIS 3.1 add/remove event names to avoid false positives (#10416)
  • Oracle Cloud password policy checks now exclude immutable system-managed policies (SimplePasswordPolicy, StandardPasswordPolicy) to avoid false positives (#10453)
  • Oracle Cloud kms_key_rotation_enabled now checks current key version age to avoid false positives on vaults without auto-rotation support (#10450)
  • OCI filestorage, blockstorage, KMS, and compute services now honor --region for scanning outside the tenancy home region (#10472)
  • OCI provider now supports multi-region filtering via --region (#10473)
  • prowler image --registry failing with ImageNoImagesProvidedError due to registry arguments not being forwarded to ImageProvider in init_global_provider (#10470)
  • OCI multi-region support for identity client configuration in blockstorage, identity, and filestorage services (#10520)
  • Google Workspace Calendar checks now filter for customer-level policies only, skipping OU and group overrides that could produce incorrect audit results (#10658)

🔐 Security

  • Sensitive CLI flag values (tokens, keys, passwords) in HTML output "Parameters used" field now redacted to prevent credential leaks (#10518)
  • authlib bumped from 1.6.5 to 1.6.9 to fix CVE-2026-28802 (JWT alg: none validation bypass) (#10579)
  • cryptography bumped from 44.0.3 to 46.0.6 (CVE-2026-26007, CVE-2026-34073), oci to 2.169.0, and alibabacloud-tea-openapi to 0.4.4 (#10535)
  • aiohttp bumped from 3.13.3 to 3.13.5 to fix CVE-2026-34520 (the C parser accepted null bytes and control characters in response headers) (#10537)

MCP

🚀 Added

  • Resource events tool to get timeline for a resource (who, what, when) (#10412)

🔄 Changed

  • Pin httpx dependency to exact version for reproducible installs (#10593)

🔐 Security

  • authlib bumped from 1.6.5 to 1.6.9 to fix CVE-2026-28802 (JWT alg: none validation bypass) (#10579)
5.22.0 Mixed
Security fixes
  • CVE-2026-27205 – Bump Flask to 3.1.3 (DoS vulnerability)
  • CVE-2026-27199 – Bump Werkzeug to 3.1.6 (DoS vulnerability)
  • Prevent XML bomb (billion laughs) DoS attacks by replacing stdlib XML parser with `defusedxml` in SAML metadata parsing
Notable features
  • Custom openCypher queries for Attack Paths with Cartography schema guidance
  • Finding groups support `check_title` substring filtering
Full changelog

✨ New features to highlight in this version

Enjoy them all now for free at https://cloud.prowler.com

Findings page — Batch filter apply

Selecting filters no longer triggers a page re-render on each change. A new "Apply Filters" button lets you configure multiple filters before executing the query, fixing layout shifts and improving responsiveness.

Attack Paths — Custom queries

Run custom openCypher queries against your Attack Paths graph alongside predefined queries. Use Lighthouse AI to help generate them.

Predefined Attack Paths queries now run faster 🚀

Read more about it in Attack Paths documentation

🙌 Community Contributors

  • @sandiyochristan — Replace stdlib XML parser with defusedxml in SAML metadata parsing to prevent XML bomb (billion laughs) DoS attacks (#10165)

UI

🚀 Added

  • Attack Paths custom openCypher queries with Cartography schema guidance and clearer execution errors (#10397)

🔄 Changed

  • Findings filters now use a batch-apply pattern with an Apply Filters button, filter summary strip, and independent filter options instead of triggering API calls on every selection (#10388)

API

🚀 Added

  • Finding groups support check_title substring filtering (#10377)

🐞 Fixed

  • Finding groups latest endpoint now aggregates the latest snapshot per provider before check-level totals, keeping impacted resources aligned across providers (#10419)
  • Mute rule creation now triggers finding-group summary re-aggregation after historical muting, keeping stats in sync after mute operations (#10419)
  • Attack Paths: Deduplicate nodes before ProwlerFinding lookup in Attack Paths Cypher queries, reducing execution time (#10424)

🔐 Security

  • Replace stdlib XML parser with defusedxml in SAML metadata parsing to prevent XML bomb (billion laughs) DoS attacks (#10165)
  • Bump flask to 3.1.3 (CVE-2026-27205) and werkzeug to 3.1.6 (CVE-2026-27199) (#10430)

SDK

🐞 Fixed

  • Azure MySQL flexible server checks now compare configuration values case-insensitively to avoid false negatives when Azure returns lowercase values (#10396)
  • Azure vm_backup_enabled and vm_sufficient_daily_backup_retention_period checks now compare VM names case-insensitively to avoid false negatives when Azure stores backup item names in a different case (#10395)
  • entra_non_privileged_user_has_mfa skips disabled users to avoid false positives (#10426)
5.21.1 Bug fix

Fixed the ThreatScore aggregation query, eliminating unnecessary JOINs and COUNT(DISTINCT) overhead.

Full changelog

API

🐞 Fixed

  • ThreatScore aggregation query to eliminate unnecessary JOINs and COUNT(DISTINCT) overhead (#10394)
5.21.0 Breaking risk
Security fixes
  • dep: GHSA-p2m9-wcp5-6qw3 — fixed by bumping multipart to 1.3.1
  • Use `psycopg2.sql` in PostgresEnumMigration to prevent SQL injection
Full changelog

✨ New features to highlight in this version

Enjoy them all now for free at https://cloud.prowler.com

🏛️ Google Workspace - Full App Support

Google Workspace provider is now fully integrated with the Prowler App. You can now connect and scan your Google Workspace environment directly from the UI.

Read more in our Google Workspace documentation.

Explore all Google Workspace checks at Prowler Hub.

🤖 Lighthouse AI

We've added a new system to provide AI skills to Lighthouse AI alongside the first one: Attack Path Custom Query. This skill provides the LLM with openCypher syntax guidance and Cartography schema knowledge for writing graph queries against Prowler's data.

This was included alongside a new tool in the Prowler MCP that retrieves the Cartography scan schema.

📖 Check Metadata

We've completed the migration of all check metadata to the new format 🎉 Every check is now structured in the same way.

Huge shoutout to the Prowler Detection & Remediation team for this massive effort!

Read more in our Check Metadata Guidelines

⌛ AWS Resource Timeline

You can now see the last 90 days of AWS CloudTrail events for a given finding!

AWS resource modification history is now visible directly in the App. A new Events tab in Findings and Resource detail cards shows an AWS CloudTrail timeline with expandable event rows, actor details, request/response JSON payloads, and error information. A read-event toggle lets you include or exclude read-only API calls from the timeline.

🐳 Container Image

Container Image provider is now fully integrated with the Prowler App. You can now connect and scan your container registry directly from the UI.

Read more in our Container Image documentation.

🏛️ AWS Organizations Improvements

We've upgraded AWS Organizations management in the Cloud Providers page with greater flexibility and control. You can now edit organization names and credentials, run connection tests across all accounts or scoped to a specific organizational unit, and delete individual organizational units or full organizations.

🕸️ Attack Paths Improvements

We continued refining the Attack Paths UX: performance is better, and more labels are available to make filtering easier when using custom queries.

📄 Compliance

We've improved compliance coverage with the following frameworks:

  • SecNumCloud 3.2 for AWS, Azure, GCP, Alibaba and Oracle Cloud
  • Reserve Bank of India (RBI) for Azure

🔍 New Checks

Microsoft 365

  • entra_conditional_access_policy_device_code_flow_blocked - Conditional Access policy blocks device code flow to prevent phishing attacks
  • entra_conditional_access_policy_require_mfa_for_admin_portals - Conditional Access policy requires MFA for Microsoft Admin Portals

Explore all Microsoft 365 checks at Prowler Hub.

Github

  • organization_repository_deletion_limited - Organization repository deletion and transfer is restricted to owners - Thanks to @shalkoda

Explore all Github checks at Prowler Hub.

UI

🚀 Added

  • Skill system to Lighthouse AI (#10322)
  • Skill for creating custom queries on Attack Paths (#10323)

🔄 Changed

  • Google Workspace provider support (#10333)
  • Image (Container Registry) provider support in UI: badge icon, credentials form, and provider-type filtering (#10167)
  • Events tab in Findings and Resource detail cards showing an AWS CloudTrail timeline with expandable event rows, actor info, request/response JSON payloads, and error details (#10320)
  • AWS Organization and organizational unit row actions (Edit Name, Update Credentials, Test Connections, Delete) in providers table dropdown (#10317)

API

🚀 Added

  • CORS_ALLOWED_ORIGINS configurable via environment variable (#10355)
  • Attack Paths: Tenant and provider related labels to the nodes so they can be easily filtered on custom queries (#10308)

🔄 Changed

  • Attack Paths: Complete migration to private graph labels and properties, removing deprecated dual-write support (#10268)
  • Attack Paths: Reduce sync and findings memory usage with smaller batches, cursor iteration, and sequential sessions (#10359)

🐞 Fixed

  • Attack Paths: Recover graph_data_ready flag when scan fails during graph swap, preventing query endpoints from staying blocked until the next successful scan (#10354)

🔐 Security

  • Use psycopg2.sql to safely compose DDL in PostgresEnumMigration, preventing SQL injection via f-string interpolation (#10166)

SDK

🚀 Added

  • misconfig scanner as default for Image provider scans (#10167)
  • entra_conditional_access_policy_device_code_flow_blocked check for M365 provider (#10218)
  • RBI compliance for the Azure provider (#10339)
  • entra_conditional_access_policy_require_mfa_for_admin_portals check for Azure provider and update CIS compliance (#10330)
  • CheckMetadata Pydantic validators (#8583)
  • organization_repository_deletion_limited check for GitHub provider (#10185)
  • SecNumCloud 3.2 for the GCP provider (#10364)
  • SecNumCloud 3.2 for the Azure provider (#10358)
  • SecNumCloud 3.2 for the Alibaba Cloud provider (#10370)
  • SecNumCloud 3.2 for the Oracle Cloud provider (#10371)

🔄 Changed

  • Bump pygithub from 2.5.0 to 2.8.0 to use native Organization properties
  • Update M365 SharePoint service metadata to new format (#9684)
  • Update M365 Exchange service metadata to new format (#9683)
  • Update M365 Teams service metadata to new format (#9685)
  • Update M365 Entra ID service metadata to new format (#9682)
  • Update ResourceType and Categories for Azure Entra ID service metadata (#10334)
  • Update OCI Regions to include US DoD regions (#10375)

🐞 Fixed

  • Route53 dangling IP check false positive when using --region flag (#9952)
  • RBI compliance framework support on Prowler Dashboard for the Azure provider (#10360)
  • CheckMetadata strict validators rejecting valid external tool provider data (image, iac, llm) (#10363)

MCP

🚀 Added

  • Attack Path tool to get Neo4j DB schema (#10321)
5.20.0 New feature
Notable features
  • AWS Organizations OU ID and name included in all output formats (ASFF, OCSF, CSV)
  • OpenStack Object Storage service added with 7 new security checks
  • Prowler official community Helm chart for self‑hosted Kubernetes deployments
Full changelog

✨ New features to highlight in this version

Enjoy them all now for free at https://cloud.prowler.com

🏛️ AWS Organizations Improvements

[!NOTE]
Available exclusively in Prowler Cloud.

  • We've improved the AWS Organizations onboarding wizard making it easier to deploy the required CloudFormation templates.
  • Findings now include Organizational Unit ID and name across all output formats (ASFF, OCSF, CSV), giving you full visibility into which OU each account belongs to — Thanks to @raajheshkannaa!
  • Cloud Providers page shows your AWS Organizations hierarchy tree with organizational units and accounts.

🕸️ Attack Paths Improvements

  • APOC to standard openCypher migration: Network exposure queries now use standard openCypher instead of APOC procedures, so they rely on open standards rather than vendor-specific extensions
  • Cartography upgrade: Upgraded from 0.129.0 to 0.132.0, fixing exposed_internet not being set on ELB/ELBv2 nodes
  • Custom query endpoint hardening: Cypher blocklist, input validation, rate limiting, and Helm lockdown
  • Better error handling: Server errors (5xx) and network failures now show user-friendly messages instead of raw internal errors
  • Improved logging: Query execution and scan error handling now log properly
  • Several UX improvements in the Attack Paths page

🏛️ Google Workspace - API Only

Google Workspace is now fully integrated with the Prowler API. After being introduced as a CLI-only provider in v5.19.0, you can now connect and scan your Google Workspace environment directly from the API. Full App support will be included in the next release.

Read more in our Google Workspace documentation.

Explore all Google Workspace checks at Prowler Hub.

☁️ OpenStack — Object Storage Service

OpenStack continues to expand with a brand new Object Storage service adding 7 security checks covering container access control, versioning, encryption, metadata hygiene, and lifecycle management.

Read more in our OpenStack documentation.

Explore all OpenStack checks at Prowler Hub.

🔍 New Checks

AWS

  • guardduty_delegated_admin_enabled_all_regions - Verify that a delegated administrator account is configured for GuardDuty - Thanks to @m-wentz!
  • opensearch_service_domains_not_publicly_accessible - Now supports a trusted_ips configuration option. If your OpenSearch domain has a resource policy restricting access to known IPs, you no longer get a false positive on the public accessibility check — Thanks to @codename470!

Explore all AWS checks at Prowler Hub.

Microsoft 365

  • entra_conditional_access_policy_approved_client_app_required_for_mobile — Requires approved client apps on mobile devices
  • entra_conditional_access_policy_compliant_device_hybrid_joined_device_mfa_required — Requires compliant/hybrid-joined device or MFA

Explore all M365 checks at Prowler Hub.

🐞 Bug Fixes

We've added several bug fixes to improve the user experience across the application.

⛵ Community Helm Chart

Prowler now has an official community-maintained Helm chart for self-hosted deployments on Kubernetes. The chart is published as an OCI artifact to oci://ghcr.io/prowler-cloud/charts/prowler on every release.

Check it out at https://ghcr.io/prowler-cloud/charts/prowler

Thanks to @Ca-moes and @Utwo for building and maintaining this chart!

UI

🔄 Changed

  • Attack Paths: Improved error handling for server errors (5xx) and network failures, showing user-friendly messages instead of raw internal errors, plus layout changes (#10249)
  • Refactor simple providers with new components and styles (#10259)
  • Providers page redesigned with cloud organization hierarchy, HeroUI-to-shadcn migration, organization and account group filters, and row selection for bulk actions (#10292)
  • AWS Organizations onboarding now uses a clearer 3-step flow: deploy the ProwlerScan role in the management account via CloudFormation Stack, deploy to member accounts via StackSet with a copyable template URL, and confirm with the Role ARN (#10274)

🐞 Fixed

  • Provider wizard now closes after updating credentials instead of incorrectly advancing to the Launch Scan step, which caused API errors for providers with existing scheduled scans (#10278)
  • Attack Paths query builder sending stale parameters from previous query selections due to validation schema and default values being recreated on every render (#10306)
  • Finding detail drawer crashing when resource, scan, or provider relationships are missing from the API response (#10314)

🔐 Security

  • npm transitive dependencies patched to resolve 11 Dependabot alerts (6 HIGH, 4 MEDIUM, 1 LOW): hono, @hono/node-server, fast-xml-parser, serialize-javascript, minimatch (#10267)

API

🔄 Changed

  • Attack Paths: Migrate network exposure queries from APOC to standard openCypher for Neo4j and Neptune compatibility (#10266)
  • POST /api/v1/providers returns 409 Conflict if the provider already exists (#10293)

🐞 Fixed

  • Attack Paths: Security hardening for custom query endpoint (Cypher blocklist, input validation, rate limiting, Helm lockdown) (#10238)
  • Attack Paths: Missing logging for query execution and exception details in scan error handling (#10269)
  • Attack Paths: Upgrade Cartography from 0.129.0 to 0.132.0, fixing exposed_internet not set on ELB/ELBv2 nodes (#10272)

SDK

🚀 Added

  • entra_conditional_access_policy_approved_client_app_required_for_mobile check for M365 provider (#10216)
  • entra_conditional_access_policy_compliant_device_hybrid_joined_device_mfa_required check for M365 provider (#10197)
  • trusted_ips configurable option for opensearch_service_domains_not_publicly_accessible check to reduce false positives on IP-restricted policies (#8631)
  • guardduty_delegated_admin_enabled_all_regions check for AWS provider (#9867)
  • OpenStack object storage service with 7 checks (#10258)
  • AWS Organizations OU metadata (OU ID, OU path) in ASFF, OCSF and CSV outputs (#10283)

🔄 Changed

  • Update Kubernetes API server checks metadata to new format (#9674)
  • Update Kubernetes Controller Manager service metadata to new format (#9675)
  • Update Kubernetes Core service metadata to new format (#9676)
  • Update Kubernetes Kubelet service metadata to new format (#9677)
  • Update Kubernetes RBAC service metadata to new format (#9678)
  • Update Kubernetes Scheduler service metadata to new format (#9679)
  • Update MongoDB Atlas Organizations service metadata to new format (#9658)
  • Update MongoDB Atlas clusters service metadata to new format (#9657)
  • Update GitHub Repository service metadata to new format (#9659)
  • Update GitHub Organization service metadata to new format (#10273)
  • Update Oracle Cloud Compute Engine service metadata to new format (#9371)
  • Update Oracle Cloud Database service metadata to new format (#9372)
  • Update Oracle Cloud File Storage service metadata to new format (#9374)
  • Update Oracle Cloud Integration service metadata to new format (#9376)
  • Update Oracle Cloud KMS service metadata to new format (#9377)
  • Update Oracle Cloud Network service metadata to new format (#9378)
  • Update Oracle Cloud Object Storage service metadata to new format (#9379)
  • Update Oracle Cloud Events service metadata to new format (#9373)
  • Update Oracle Cloud Identity service metadata to new format (#9375)
  • Update Alibaba Cloud services metadata to new format (#10289)
  • Update M365 Admin Center service metadata to new format (#9680)
  • Update M365 Defender service metadata to new format (#9681)
  • Update M365 Purview service metadata to new format (#9092)
5.19.0 Breaking risk
Security fixes
  • Bumped `cryptography` to 44.0.3
  • Harden GitHub Actions workflows against expression injection (zizmor integration)
  • Removed safety ignore for CVE-2026-21226 in `azure-core` 1.38.x
Notable features
  • Bulk onboarding of multiple AWS accounts from an organization in a single flow (Prowler Cloud)
  • Import findings into Prowler Cloud via CLI `--push-to-cloud` flag or API `/api/v1/ingestions` endpoint
  • OpenStack provider now supports scanning across multiple regions and adds 26 new security checks across Compute, Networking, Block Storage, and Image services
Full changelog

✨ New features to highlight in this version

Enjoy them all now like a Pro at https://cloud.prowler.com

🏛️ AWS Organizations Onboarding

[!NOTE]
Available exclusively in Prowler Cloud.

Connect multiple AWS accounts from your Organization in a single flow. Select accounts from your AWS Organization hierarchy and onboard them all at once — no more adding accounts one by one.

Read more in our AWS Organizations in Prowler Cloud documentation.

📤 Import Findings

[!NOTE]
Available exclusively in Prowler Cloud.

Scan results can now be imported into Prowler Cloud for centralized visibility and correlation. Available via:

  • CLI: the --push-to-cloud flag uploads findings in OCSF directly
  • API: the POST /api/v1/ingestions endpoint for CI/CD and automation workflows

Read more in our import findings documentation. Thanks to @sonofagl1tch for their contribution and continued support!

☁️ OpenStack — Multi-Region & New Services

OpenStack support matures with:

  • Multiple regions scanned from a single provider configuration
  • 7 new Compute security checks covering instance, network, and security group configurations
  • 6 new Networking security checks covering security groups, port security, DHCP, and network state
  • 7 new Block Storage security checks covering volume encryption, sensitive metadata, backups, and resource hygiene
  • 6 new Image security checks covering visibility, signature verification, deletion protection, encryption, and Secure Boot
  • Full App integration — OpenStack providers can now be managed from the UI

Read more in our OpenStack documentation.

Explore all OpenStack checks at Prowler Hub.

🐳 Container Image Scanning

A brand new Image provider powered by Trivy brings container image security scanning to Prowler. Scan individual images or entire registries for vulnerabilities:

  • Single image mode: Scan any container image by tag or digest
  • Registry scan mode: Enumerate and scan all images from OCI-standard registries, Docker Hub, and Amazon ECR
  • Available via CLI and API — full App support coming in the next release

Read more in our Image provider documentation.

Explore all Image checks at Prowler Hub.

🏢 Google Workspace Provider - CLI

A new Google Workspace provider brings organizational security visibility to Prowler, starting with the Directory service.

It's the first provider in Prowler for @lydiavilchez 🙌

Explore all Google Workspace checks at Prowler Hub.

☁️ Cloudflare — Now in the App

After being introduced in the CLI in v5.17.0, Cloudflare is now fully supported in the Prowler App with 29 security checks covering:

  • TLS/SSL
  • DNS
  • Email security
  • WAF
  • Bot protection
  • Zone configuration

Read more in our Cloudflare documentation.

Explore all Cloudflare checks at Prowler Hub.

🕸️ Attack Paths — Major Upgrades

The Attack Paths feature receives significant enhancements in this release:

  • Full query library from pathfinding.cloud — comprehensive set of privilege escalation and lateral movement detection queries
  • Query descriptions and source links — each query now includes a detailed description and a link to its source at pathfinding.cloud
  • Cartography upgrade — from fork 0.126.1 to upstream 0.129.0, with Neo4j driver upgraded from 5.x to 6.x
  • Read-only query execution — queries now run in read-only mode for safety
  • Provider-scoped results — query results are filtered by provider, preventing cross-tenant and cross-provider data leakage
  • Improved reliability — orphaned Neo4j databases are cleaned up on scan failure, and provider deletion no longer causes DatabaseError

🤖 Attack Paths in Prowler MCP Server

The Prowler MCP Server now includes Attack Paths tools, enabling AI agents to query and analyze privilege escalation and lateral movement paths directly. Connect your AI assistant at mcp.prowler.com/mcp.

📚 New Compliance Frameworks

CSA CCM 4.0

The Cloud Security Alliance Cloud Controls Matrix v4.0 is now available across five providers: AWS, Azure, GCP, Oracle Cloud, and Alibaba Cloud.

CIS 6.0 for AWS

The latest CIS Amazon Web Services Foundations Benchmark v6.0 is now available, bringing updated security controls aligned with current AWS best practices.

SecNumCloud for AWS

The ANSSI SecNumCloud qualification framework is now available for AWS, covering French cloud security requirements.

🔗 Unified Provider Wizard

The provider connection flow has been completely redesigned into a modal wizard with a unified experience across all provider types.

🔍 New Checks

Microsoft 365

12 new security checks covering Entra ID, Defender for Identity, Defender XDR, and email protection.

  • entra_conditional_access_policy_app_enforced_restrictions — App enforced restrictions
  • entra_app_registration_no_unused_privileged_permissions — Unused privileged permissions
  • entra_seamless_sso_disabled — Seamless SSO disabled
  • entra_conditional_access_policy_require_mfa_for_management_api — MFA for management API
  • defenderidentity_health_issues_no_open — Defender for Identity health
  • defenderxdr_endpoint_privileged_user_exposed_credentials — Exposed credentials detection
  • defenderxdr_critical_asset_management_pending_approvals — Critical asset management
  • defender_safe_attachments_policy_enabled — Safe Attachments policy
  • defender_safelinks_policy_enabled — Safe Links policy
  • entra_default_app_management_policy_enabled — Default app management policy enabled
  • entra_authentication_method_sms_voice_disabled - Disable SMS and voice authentication
  • entra_break_glass_account_fido2_security_key_registered - Break glass accounts should have a FIDO2 security key

Explore all M365 checks at Prowler Hub.

AWS

Enhanced IAM privilege escalation detection with patterns from the pathfinding.cloud library.

Explore all AWS checks at Prowler Hub.

OpenStack

26 new security checks across four services:

Compute (7 checks)

  • compute_instance_config_drive_enabled — Config drive for secure metadata delivery
  • compute_instance_isolated_private_network — Network isolation (private-only IPs)
  • compute_instance_key_based_authentication — SSH key-based auth configuration
  • compute_instance_locked_status_enabled — Instance lock status protection
  • compute_instance_metadata_sensitive_data — Secrets in instance metadata
  • compute_instance_public_ip_exposed — Publicly exposed instances
  • compute_instance_trusted_image_certificates — Image signature verification

Networking (6 checks)

  • networking_security_group_allows_ssh_from_internet — SSH (port 22) exposed to the internet
  • networking_security_group_allows_rdp_from_internet — RDP (port 3389) exposed to the internet
  • networking_security_group_allows_all_ingress_from_internet — Security groups allowing all ingress from the internet
  • networking_port_security_disabled — Networks/ports allowing MAC/IP spoofing attacks
  • networking_subnet_dhcp_disabled — Subnets without DHCP auto-configuration
  • networking_admin_state_down — Administratively disabled networks

Block Storage (7 checks)

  • blockstorage_volume_encryption_enabled — Volumes without encryption enabled
  • blockstorage_volume_metadata_sensitive_data — Sensitive data in volume metadata
  • blockstorage_snapshot_metadata_sensitive_data — Sensitive data in snapshot metadata
  • blockstorage_volume_backup_exists — Volumes without any backups
  • blockstorage_volume_multiattach_disabled — Volumes with multi-attach enabled
  • blockstorage_volume_not_unattached — Orphaned volumes with no attachments
  • blockstorage_snapshot_not_orphaned — Snapshots referencing non-existent source volumes

Image (6 checks)

  • image_not_publicly_visible — Publicly visible images exposing OS configs and credentials
  • image_not_shared_with_multiple_projects — Images shared with too many projects
  • image_signature_verification_enabled — Images without cryptographic signature verification
  • image_protected_status_enabled — Images without deletion protection
  • image_encryption_enabled — Images without guest memory encryption (AMD SEV)
  • image_secure_boot_enabled — Images without Secure Boot required

Explore all OpenStack checks at Prowler Hub.

GitHub

  • organization_verified_badge — Verified badge on GitHub organizations — thanks to @kushpatel321!

Explore all Github checks at Prowler Hub.

🔐 Security Updates

  • py-ocsf-models 0.8.1 and cryptography 44.0.3
  • Pillow 12.1.1 (CVE-2021-25289)
  • azure-core 1.38.x removing CVE-2026-21226 safety ignore
  • npm dependencies updated resolving 20 Dependabot alerts (2 CRITICAL, 7 HIGH, 9 MEDIUM, 2 LOW)
  • defusedxml XXE vulnerability fix for Alibaba Cloud OSS — thanks to @sandiyochristan!

🔒 CI Security Hardening

GitHub Actions workflows have been audited and hardened using zizmor, which is now integrated into CI. Fixes include expression injection prevention, credential persistence controls, and overall workflow hardening (#10200, #10207, #10208).

UI

🚀 Added

  • OpenStack provider support in the UI (#10046)
  • PDF report available for the CSA CCM compliance framework (#10088)
  • Cloudflare provider support (#9910)
  • CSV and PDF download buttons in compliance views (#10093)
  • Add SecNumCloud compliance framework (#10117)
  • Attack Paths tools added to Lighthouse AI workflow allowed list (#10175)

🔄 Changed

  • Attack Paths: Query list now shows each query's name and short description; when one is selected, it also shows a longer description and an attribution if available (#9983)
  • Updated GitHub provider form placeholder to clarify both username and organization names are valid inputs (#9830)
  • CSA CCM detailed view and small fix related with Top Failed Sections width (#10018)
  • Attack Paths: Show scan data availability status with badges and tooltips, allow selecting scans for querying while a new scan is in progress (#10089)
  • Attack Paths: Catch not-found and permission errors (for read-only queries) (#10140)
  • Provider connection flow was unified into a modal wizard with AWS Organizations bulk onboarding, safer secret retry handling, and more stable E2E coverage (#10153) (#10154) (#10155) (#10156) (#10157) (#10158)

🐞 Fixed

  • Findings Severity Over Time chart on Overview not responding to provider and account filters, and chart clipping at Y-axis maximum values (#10103)

🔐 Security

  • npm dependencies updated to resolve 11 Dependabot alerts (4 HIGH, 7 MEDIUM): fast-xml-parser, @modelcontextprotocol/sdk, tar, @isaacs/brace-expansion, hono, lodash, lodash-es (#10052)
  • npm transitive dependencies patched to resolve 9 Dependabot alerts (2 CRITICAL, 3 HIGH, 2 MEDIUM, 2 LOW): fast-xml-parser, rollup, minimatch, ajv, hono, qs (#10187)

API

🚀 Added

  • Finding group summaries and resources endpoints for hierarchical findings views (#9961)
  • OpenStack provider support (#10003)
  • PDF report for the CSA CCM compliance framework (#10088)
  • image provider support for container image scanning (#10128)
  • Attack Paths: Custom query and Cartography schema endpoints (temporarily blocked) (#10149)

🔄 Changed

  • Attack Paths: Query definitions now include a short description and attribution (#9983)
  • Attack Paths: Internet node is now created during the scan (#9992)
  • Attack Paths: Add full paths set from pathfinding.cloud (#10008)
  • Attack Paths: Mark Attack Paths scan as failed when the Celery task fails outside job error handling (#10065)
  • Attack Paths: Remove legacy per-scan graph_database and is_graph_database_deleted fields from AttackPathsScan model (#10077)
  • Attack Paths: Add graph_data_ready field to decouple query availability from scan state (#10089)
  • Attack Paths: Upgrade Cartography from fork 0.126.1 to upstream 0.129.0 and Neo4j driver from 5.x to 6.x (#10110)
  • Attack Paths: Query results now filtered by provider, preventing future cross-tenant and cross-provider data leakage (#10118)
  • Attack Paths: Add private labels and properties in Attack Paths graphs to avoid future overlap with Cartography's own (#10124)
  • Attack Paths: Query endpoint now executes queries in read-only mode (#10140)
  • Attack Paths: Query endpoints now also accept text/plain in the Accept header, supporting a compact plain-text format for LLM consumption (#10162)
  • Bump Trivy from 0.69.1 to 0.69.2 (#10210)

🐞 Fixed

  • Attack Paths: Orphaned temporary Neo4j databases are now cleaned up on scan failure and provider deletion (#10101)
  • Attack Paths: scan no longer raises DatabaseError when provider is deleted mid-scan (#10116)
  • Tenant compliance summaries recalculated after provider deletion (#10172)
  • Security Hub export retries transient replica conflicts without failing integrations (#10144)

🔐 Security

  • Bump Pillow to 12.1.1 (CVE-2021-25289) (#10027)
  • Remove safety ignore for CVE-2026-21226 (84420), fixed via azure-core 1.38.x (#10110)

SDK

🚀 Added

  • entra_authentication_method_sms_voice_disabled check for M365 provider (#10212)
  • Google Workspace provider support with Directory service including 1 security check (#10022)
  • entra_conditional_access_policy_app_enforced_restrictions check for M365 provider (#10058)
  • entra_app_registration_no_unused_privileged_permissions check for M365 provider (#10080)
  • defenderidentity_health_issues_no_open check for M365 provider (#10087)
  • organization_verified_badge check for GitHub provider (#10033)
  • OpenStack provider clouds_yaml_content parameter for API integration (#10003)
  • defender_safe_attachments_policy_enabled check for M365 provider (#9833)
  • defender_safelinks_policy_enabled check for M365 provider (#9832)
  • CSA CCM 4.0 for the AWS provider (#10018)
  • CSA CCM 4.0 for the GCP provider (#10042)
  • CSA CCM 4.0 for the Azure provider (#10039)
  • CSA CCM 4.0 for the Oracle Cloud provider (#10057)
  • OCI regions updater script and CI workflow (#10020)
  • image provider for container image scanning with Trivy integration (#9984)
  • CSA CCM 4.0 for the Alibaba Cloud provider (#10061)
  • ECS Exec (ECS-006) privilege escalation detection via ecs:ExecuteCommand + ecs:DescribeTasks (#10066)
  • --export-ocsf CLI flag to upload OCSF scan results to Prowler Cloud (#10095)
  • scan_id field in OCSF unmapped output for ingestion correlation (#10095)
  • defenderxdr_endpoint_privileged_user_exposed_credentials check for M365 provider (#10084)
  • defenderxdr_critical_asset_management_pending_approvals check for M365 provider (#10085)
  • entra_seamless_sso_disabled check for M365 provider (#10086)
  • Registry scan mode for image provider: enumerate and scan all images from OCI standard, Docker Hub, and ECR (#9985)
  • File descriptor limits (ulimits) for Docker Compose worker services to prevent Too many open files errors (#10107)
  • SecNumCloud compliance framework for the AWS provider (#10117)
  • CIS 6.0 for the AWS provider (#10127)
  • entra_conditional_access_policy_require_mfa_for_management_api check for M365 provider (#10150)
  • OpenStack provider multiple regions support (#10135)
  • entra_break_glass_account_fido2_security_key_registered check for M365 provider (#10213)
  • entra_default_app_management_policy_enabled check for M365 provider (#9898)
  • OpenStack networking service with 6 security checks (#9970)
  • OpenStack block storage service with 7 security checks (#10120)
  • OpenStack compute service with 7 security checks (#9944)
  • OpenStack image service with 6 security checks (#10096)
  • --provider-uid CLI flag for IaC provider, used as cloud.account.uid in OCSF output and required with --export-ocsf (#10233)
  • unmapped.provider_uid field in OCSF output to match CLI scan results with API provider entities during ingestion (#10231)
  • unmapped.provider field in OCSF output for provider name availability in non-cloud providers like Kubernetes (#10240)

🔄 Changed

  • Update Azure Monitor service metadata to new format (#9622)
  • GitHub provider enhanced documentation and repository_branch_delete_on_merge_enabled logic (#9830)
  • Parallelize Cloudflare zone API calls with threading to improve scan performance (#9982)
  • Update GCP API Keys service metadata to new format (#9637)
  • Update GCP BigQuery service metadata to new format (#9638)
  • Update GCP Cloud SQL service metadata to new format (#9639)
  • Update GCP Cloud Storage service metadata to new format (#9640)
  • Update GCP Compute Engine service metadata to new format (#9641)
  • Update GCP Dataproc service metadata to new format (#9642)
  • Update GCP DNS service metadata to new format (#9643)
  • Update GCP GCR service metadata to new format (#9644)
  • Update GCP GKE service metadata to new format (#9645)
  • Update GCP IAM service metadata to new format (#9646)
  • Update GCP KMS service metadata to new format (#9647)
  • Update GCP Logging service metadata to new format (#9648)
  • Update Azure Key Vault service metadata to new format (#9621)
  • Update Azure Entra ID service metadata to new format (#9619)
  • Update Azure Virtual Machines service metadata to new format (#9629)
  • Cloudflare provider credential validation with specific exceptions (#9910)
  • Enhance AWS IAM privilege escalation detection with patterns from pathfinding.cloud library (#9922)
  • Bump Trivy from 0.66.0 to 0.69.2 (#10210)
  • Standardize GitHub and M365 provider account UIDs for consistent OCSF output (#10226)
  • Standardize Cloudflare account and resource UIDs to prevent None values in findings (#10227)

🐞 Fixed

  • Update AWS checks metadata URLs to replace deprecated Trend Micro CloudOne Conformity (EOL July 2026) with Vision One and remove docs.prowler.com references (#10068)
  • Standardize resource_id values across Azure checks to use actual Azure resource IDs and prevent duplicate resource entries (#9994)
  • VPC endpoint service collection now filters out third-party services that caused AccessDenied errors on DescribeVpcEndpointServicePermissions (#10152)
  • Handle serialization errors in OCSF output for non-serializable resource metadata (#10129)
  • Respect AWS_ENDPOINT_URL environment variable for STS session creation (#10228)
  • Help text and typos in CLI flags (#10040)
  • elbv2_insecure_ssl_ciphers false positive on AWS post-quantum (PQ) TLS policies like ELBSecurityPolicy-TLS13-1-2-PQ-2025-09 (#10219)

🔐 Security

  • Bumped py-ocsf-models to 0.8.1 and cryptography to 44.0.3 (#10059)
  • Harden GitHub Actions workflows against expression injection, add persist-credentials: false to checkout steps, and configure dependabot cooldown (#10200)

MCP

🚀 Added

  • Attack Paths tools to list scans, discover queries, and run Cypher queries against Neo4j (#10145)
5.18.3 Bug fix

Fixed `pip install prowler` failing on systems lacking a C compiler due to the `netifaces` dependency.

Full changelog

UI

🐞 Fixed

  • Dropdown selects in the "Send to Jira" modal and other dialogs not responding to clicks (#10097)
  • Update credentials for the Alibaba Cloud provider (#10098)

API

🐞 Fixed

  • GCP provider UID validation regex to allow domain prefixes (#10078)

SDK

🐞 Fixed

  • pip install prowler failing on systems without a C compiler due to the netifaces transitive dependency from openstacksdk (#10055)
  • kms_key_not_publicly_accessible false negative for specific KMS actions (e.g., kms:DescribeKey, kms:Decrypt) with unrestricted principals (#10071)
  • Remove account_id and location for manual requirements in M365CIS (#10105)
5.18.2 Bug fix

Fixed scans page pagination refresh after page change.

Full changelog

UI

🐞 Fixed

  • ProviderTypeSelector crashing when an unknown provider type is missing from PROVIDER_DATA (#9991)
  • Infinite memory loop when opening modals from table row action dropdowns due to HeroUI and Radix Dialog overlay conflict (#9996)
  • Filter changes not coordinating with Suspense boundaries in ProviderTypeSelector, AccountsSelector, and muted findings checkbox (#10013)
  • Scans page pagination not refreshing table data after page change (#10013)
  • Duplicate filter[search] parameter in findings and scans API calls (#10013)
  • Filters on /findings silently reverting on first click in production (#10034)

API

🐞 Fixed

  • SAML role mapping now prevents removing the last MANAGE_ACCOUNT user (#10007)

SDK

🐞 Fixed

  • Combined use of the --repository and --organization flags in the GitHub provider now qualifies unqualified repository names with the organization (#10001)
  • HPACK library logging tokens in debug mode for Azure, M365, and Cloudflare providers (#10010)
5.18.1 Bug fix

Scans page polling now refreshes only table data instead of re-rendering the entire server component tree.

Full changelog

UI

🐞 Fixed

  • Scans page polling now only refreshes scan table data instead of re-rendering the entire server component tree, eliminating redundant API calls to providers, findings, and compliance endpoints every 5 seconds (#9976)
5.18.0 New feature
⚠ Upgrade required
  • New config parameter `trusted_account_ids` controls which accounts are trusted for cross‑account checks
  • Removed unused database indexes
Security fixes
  • React upgraded from 19.2.3 to 19.2.4 and Next.js from 16.1.3 to 16.1.6, patching DoS vulnerability in React Server Components (GHSA-83fc-fqcc-2hmg)
Notable features
  • CloudTrail Timeline API (`GET /resources/{id}/events`) for querying AWS resource modification history
  • Attack Paths enhancements: new privilege‑escalation queries, Cartography 0.126.1 with SageMaker/CloudFront/Bedrock scans, Neo4j per‑tenant database
  • HIPAA compliance framework now available for the Azure provider
Full changelog

✨ New features to highlight in this version

Enjoy these features and more at https://cloud.prowler.com

☁️ OpenStack Provider - CLI only

Prowler now supports OpenStack as a new cloud provider! This release introduces initial coverage with the Compute service and includes the first security check. This opens the door to assessing private cloud environments built on OpenStack.

Check the OpenStack documentation and all checks on Prowler Hub.

🔍 CloudTrail Timeline - Resource History Tracking - API only

A new CloudTrail Timeline abstraction enables querying resource modification history directly from the API. The new endpoint GET /resources/{id}/events retrieves AWS resource modification events from CloudTrail, giving you visibility into who changed what and when.

🕸️ Attack Paths Enhancements

  • New privilege escalation queries for Bedrock Code Interpreter and AttachRolePolicy patterns
  • Cartography upgraded to 0.126.1 with expanded AWS scans covering SageMaker, CloudFront, and Bedrock
  • Neo4j database per tenant architecture for improved isolation and performance

🛡️ CodeBreach Vulnerability Detection

New check codebuild_project_webhook_filters_use_anchored_patterns helps detect the CodeBreach vulnerability in AWS CodeBuild projects by verifying that webhook filter patterns are properly anchored.
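The kind of verification the check above performs, as an added example (not Prowler's own check code): it walks the `filterGroups` structure that `codebuild:BatchGetProjects` returns under `project["webhook"]["filterGroups"]`, flags regex filter patterns that are not pinned with `^` and `$`, and shows why an unanchored pattern is a problem. The set of regex-based filter types and the sample filter groups are assumptions constructed for this example.

```python
"""Audit AWS CodeBuild webhook filter groups for unanchored regex patterns.

Added example, not Prowler's own check implementation. Input shape follows the
``filterGroups`` list of lists returned by ``codebuild:BatchGetProjects``.
"""
import re
from dataclasses import dataclass

# Filter types whose ``pattern`` is a regular expression evaluated against data
# taken from the incoming webhook event. ``EVENT`` patterns are comma-separated
# event names rather than regexes, so they are not assessed for anchoring.
# (Assumption for this example; consult the CodeBuild documentation for the
# authoritative list of filter types.)
REGEX_FILTER_TYPES = {
    "HEAD_REF", "BASE_REF", "FILE_PATH", "COMMIT_MESSAGE",
    "ACTOR_ACCOUNT_ID", "TAG_NAME", "RELEASE_NAME", "REPOSITORY_NAME",
}


@dataclass(frozen=True)
class FilterFinding:
    project_name: str
    group_index: int
    filter_type: str
    pattern: str
    reason: str


def is_anchored(pattern: str) -> bool:
    """True when the regex is pinned at both ends (``^...$``).

    A pattern such as ``refs/heads/main`` is matched as a substring, so refs
    like ``refs/heads/main-fork`` or ``refs/heads/not-main`` also satisfy it
    and can trigger a build the filter was meant to restrict.
    """
    return pattern.startswith("^") and pattern.endswith("$")


def substring_match(pattern: str, value: str) -> bool:
    """Illustrates the substring semantics of an unanchored regex."""
    return re.search(pattern, value) is not None


def audit_webhook_filters(project_name: str, filter_groups: list) -> list:
    """Return one FilterFinding per regex filter that is invalid or unanchored."""
    findings = []
    for group_index, group in enumerate(filter_groups):
        for webhook_filter in group:
            filter_type = webhook_filter.get("type", "")
            pattern = webhook_filter.get("pattern", "")
            if filter_type not in REGEX_FILTER_TYPES:
                continue
            # An exclusion filter that matches too broadly excludes more
            # events rather than admitting more, so it is not reported here.
            if webhook_filter.get("excludeMatchedPattern"):
                continue
            try:
                re.compile(pattern)
            except re.error as exc:
                findings.append(FilterFinding(
                    project_name, group_index, filter_type, pattern,
                    f"invalid regex: {exc}"))
                continue
            if not is_anchored(pattern):
                findings.append(FilterFinding(
                    project_name, group_index, filter_type, pattern,
                    "pattern is not anchored with ^ and $; it matches as a substring"))
    return findings


# Constructed sample filter groups for a hypothetical project "demo-project".
SAMPLE_FILTER_GROUPS = [
    [  # group 0: PR events restricted to main, properly anchored -> no finding
        {"type": "EVENT", "pattern": "PULL_REQUEST_CREATED,PULL_REQUEST_UPDATED"},
        {"type": "HEAD_REF", "pattern": "^refs/heads/main$"},
    ],
    [  # group 1: push filter on an unanchored branch pattern -> finding
        {"type": "EVENT", "pattern": "PUSH"},
        {"type": "HEAD_REF", "pattern": "refs/heads/release"},
        {"type": "FILE_PATH", "pattern": "^src/.*$"},
    ],
    [  # group 2: base ref anchored only at the start -> finding
        {"type": "EVENT", "pattern": "PULL_REQUEST_MERGED"},
        {"type": "BASE_REF", "pattern": "^refs/heads/main"},
    ],
]


if __name__ == "__main__":
    for finding in audit_webhook_filters("demo-project", SAMPLE_FILTER_GROUPS):
        print(f"FAIL {finding.project_name} group {finding.group_index} "
              f"{finding.filter_type} {finding.pattern!r}: {finding.reason}")
```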

📋 New Security Checks

  • AWS: rds_instance_extended_support - Detect RDS instances using extended support
  • M365: defender_zap_for_teams_enabled, exchange_shared_mailbox_sign_in_disabled
  • GCP: compute_instance_suspended_without_persistent_disks

🏛️ HIPAA for Azure

The HIPAA compliance framework is now available for the Azure provider, helping healthcare organizations assess their Azure infrastructure against HIPAA requirements.

⚡ Performance Improvements

  • Azure Key Vault parallelization - Vaults and contents retrieval now runs in parallel for faster scans
  • Lazy-load providers and compliance data - Reduced API/worker startup memory and time
  • Memory optimizations for large compliance report generation
  • Partial database index on findings for faster new failed findings queries

🎨 UI Improvements

  • Redesigned Resources view with an improved resource detail drawer
  • Launch Scan page now displays all providers without pagination limits
  • Next.js 16.1 upgrade with ESLint 9 flat config migration

⚙️ Cloudflare Enhancements

  • New --account-id filter argument for Cloudflare CLI
  • Cloudflare provider credentials now supported as constructor parameters for SDK usage

🛠️ AWS Cross-Account Configuration

Cross-account checks are now configurable through the trusted_account_ids config parameter, giving you control over which accounts are considered trusted for cross-account access patterns.

🐛 Bug Fixes

  • Jira integration: Fixed summary truncation to 255 characters preventing INVALID_INPUT errors with long resource UIDs
  • Azure: Fixed duplicated findings in entra_user_with_vm_access_has_mfa when users have multiple VM access roles

🙏 Community Contribution

Special thanks to @AlienwareSec for contributing the fix for CSV/XLSX download failures in the Dashboard https://github.com/prowler-cloud/prowler/pull/9946
UI

🔄 Changed

  • Restyle resources view with improved resource detail drawer (#9864)
  • Launch Scan page now displays all providers without pagination limit (#9700)
  • Upgrade Next.js from 15.5.9 to 16.1.3 with ESLint 9 flat config migration (#9826)

🔐 Security

  • React from 19.2.3 to 19.2.4 and Next.js from 16.1.3 to 16.1.6, patching DoS vulnerability in React Server Components (GHSA-83fc-fqcc-2hmg) (#9917)

API

🚀 Added

  • Cloudflare provider support (#9907)
  • Attack Paths: Bedrock Code Interpreter and AttachRolePolicy privilege escalation queries (#9885)
  • provider_id and provider_id__in filters for resources endpoints (GET /resources and GET /resources/metadata/latest) (#9864)
  • Added memory optimizations for large compliance report generation (#9444)
  • GET /api/v1/resources/{id}/events endpoint to retrieve AWS resource modification history from CloudTrail (#9101)
  • Partial index on findings to speed up new failed findings queries (#9904)

🔄 Changed

  • Lazy-load providers and compliance data to reduce API/worker startup memory and time (#9857)
  • Attack Paths: Pinned Cartography to version 0.126.1, adding AWS scans for SageMaker, CloudFront and Bedrock (#9893)
  • Remove unused indexes (#9904)
  • Attack Paths: Modified the behaviour of the Cartography scans to use the same Neo4j database per tenant, instead of an individual database per scan (#9955)

🐞 Fixed

  • Attack Paths: aws-security-groups-open-internet-facing query returning no results due to incorrect relationship matching (#9892)

SDK

🚀 Added

  • defender_zap_for_teams_enabled check for M365 provider (#9838)
  • compute_instance_suspended_without_persistent_disks check for GCP provider (#9747)
  • codebuild_project_webhook_filters_use_anchored_patterns check for AWS provider to detect CodeBreach vulnerability (#9840)
  • exchange_shared_mailbox_sign_in_disabled check for M365 provider (#9828)
  • CloudTrail Timeline abstraction for querying resource modification history (#9101)
  • Cloudflare --account-id filter argument (#9894)
  • rds_instance_extended_support check for AWS provider (#9865)
  • OpenStack provider support with Compute service including 1 security check (#9811)
  • OpenStack documentation for CLI support (#9848)
  • Add HIPAA compliance framework for the Azure provider (#9957)
  • Cloudflare provider credentials as constructor parameters (api_token, api_key, api_email) (#9907)

🔄 Changed

  • Update Azure App Service service metadata to new format (#9613)
  • Update Azure Application Insights service metadata to new format (#9614)
  • Update Azure Container Registry service metadata to new format (#9615)
  • Update Azure Cosmos DB service metadata to new format (#9616)
  • Update Azure Databricks service metadata to new format (#9617)
  • Parallelize Azure Key Vault vaults and vaults contents retrieval to improve performance (#9876)
  • Update Azure IAM service metadata to new format (#9620)
  • Update Azure Policy service metadata to new format (#9625)
  • Update Azure MySQL service metadata to new format (#9623)
  • Update Azure Defender service metadata to new format (#9618)
  • Make AWS cross-account checks configurable through trusted_account_ids config parameter (#9692)
  • Update Azure PostgreSQL service metadata to new format (#9626)
  • Update Azure SQL Server service metadata to new format (#9627)
  • Update Azure Network service metadata to new format (#9624)
  • Update Azure Storage service metadata to new format (#9628)

🐛 Fixed

  • Duplicated findings in entra_user_with_vm_access_has_mfa check when user has multiple VM access roles (#9914)
  • Jira integration failing with INVALID_INPUT error when sending findings with long resource UIDs exceeding 255-character summary limit (#9926)
  • CSV/XLSX download failure in dashboard (#9946)
5.17.1 Bug fix

Fixed deleting providers when Neo4j database is None during Attack Paths scan scheduling.

Full changelog

API

🐞 Fixed

  • Improve API startup process via manage.py argument detection (#9856)
  • Deleting providers no longer tries to delete a None Neo4j database when an Attack Paths scan is scheduled (#9858)
  • Use replica database for reading Findings to add them to the Attack Paths graph (#9861)
  • Attack Paths findings loading query now uses a streaming generator for O(batch_size) memory instead of O(total_findings) (#9862)
  • Lazy load Neo4j driver (#9868)
  • Use Findings.all_objects to avoid the ActiveProviderPartitionedManager (#9869)
  • Lazy load Neo4j driver for workers only (#9872)
  • Improve Cypher query for inserting Findings into Attack Paths scan graphs (#9874)
  • Clear Neo4j database cache after Attack Paths scan and each API query (#9877)
  • Deduplicated scheduled scans for long-running providers (#9829)
5.17.0 New feature
⚠ Upgrade required
  • Azure service principal must be granted the `AuditLog.Read.All` permission for improved Entra retrieval performance.
Security fixes
  • Django 5.1.15 – CVE-2025-64460, CVE-2025-13372
  • Node.js 24.13.0 LTS – 8 CVEs from January 2026 advisory
  • Werkzeug 3.1.4 – CVE-2025-66221
Notable features
  • Attack Paths feature powered by Cartography and Neo4j for visualizing attack vectors
  • Resource Groups overview with aggregated security‑relevant resource categories
  • Compliance Watchlist on Overview page for real‑time framework health
Full changelog

✨ New features to highlight in this version

Enjoy them all now for free at https://cloud.prowler.com

🕸️ Attack Paths

A brand new Attack Paths feature powered by Cartography and Neo4j graph database enables you to visualize and analyze potential attack vectors across your AWS environments. This feature allows security teams to:

  • Execute graph-based queries against your cloud infrastructure
  • Visualize attack paths as interactive graphs
  • Identify privilege escalation paths and lateral movement opportunities
  • Prioritize remediation based on actual exploitability

🗂️ Resource Groups Overview

A new Resource Groups feature provides aggregated views of your cloud resources organized by security-relevant groupings (e.g., Compute, Storage, Network, Identity). This helps you quickly understand which resource categories have the most security issues.

[!NOTE]
Resource group data will populate from scans executed after upgrading to v5.17.0. Previous scan data will not include resource group information.

📊 Redesigned Findings Table

The findings table has been completely rebuilt with a new design system, offering:

  • Improved filtering UX with better multi-select support
  • Enhanced table interactions and responsiveness
  • Cleaner visual hierarchy for faster scanning
  • Better integration with the new resource group filters

📋 Compliance Watchlist

A new Compliance Watchlist component on the Overview page lets you monitor your most critical compliance frameworks at a glance. Track pass/fail ratios and quickly navigate to detailed compliance views.

🎯 ThreatScore Pillar Breakdown

The Compliance Summary page now includes a detailed ThreatScore pillar breakdown, giving you visibility into how each security pillar (Identity, Data Protection, Network Security, etc.) contributes to your overall risk score.

📈 Enhanced Risk Plot

The Risk Plot has been improved with:

  • Gradient background for visual risk context
  • Better correlation between finding volume and security impact

🏛️ AWS European Sovereign Cloud

Full support for AWS European Sovereign Cloud regions, enabling organizations with strict data residency requirements to leverage Prowler's security scanning capabilities.

Read more about it in our blog: AWS EUSC with Prowler

☁️ Alibaba Cloud Provider (Full Support)

Alibaba Cloud now has full support in the Prowler App! After being introduced in the CLI in v5.15.0, this release brings complete API and UI integration, enabling you to:

  • Add and manage Alibaba Cloud providers from the UI
  • Run security scans against your Alibaba Cloud infrastructure
  • View findings and compliance status alongside other cloud providers
  • Calculate Prowler ThreatScore for Alibaba Cloud environments

Explore all 63 Alibaba Cloud checks at Prowler Hub.

☁️ Cloudflare Provider - CLI Only

Prowler now supports Cloudflare as a first-class cloud provider! Scan your Cloudflare infrastructure for security misconfigurations across zones, DNS, email, WAF, and more.
Available checks include:

  • TLS/SSL configuration validation
  • DNS record security
  • Email security (SPF, DKIM, DMARC)
  • Bot protection settings
  • WAF configuration
  • Privacy and anti-scraping settings
  • Zone configuration best practices

Explore all Cloudflare checks at Prowler Hub.

📚 New Compliance Frameworks

CIS 5.0 for Azure

The latest CIS Azure Foundations Benchmark v5.0 is now available, bringing updated security controls aligned with current Azure best practices.

CIS 6.0 for Microsoft 365

New CIS Microsoft 365 Benchmark v6.0 compliance framework for comprehensive M365 security assessment.

CIS 1.12 for Kubernetes

Updated CIS Kubernetes Benchmark v1.12 with the latest container security controls.

🤖 AI Skills Pack

Prowler now includes an AI Skills Pack for AI coding assistants like Claude Code, OpenCode, and Codex. Following the agentskills.io standard, this enables AI assistants to better understand Prowler's codebase and contribute more effectively.

🧩 New Checks

GCP - Compute (10 new checks)

  • compute_instance_group_multiple_zones - Ensure instance groups span multiple zones for HA
  • compute_instance_group_autohealing_enabled - Verify autohealing is configured
  • compute_instance_group_load_balancer_attached - Check load balancer attachment
  • compute_instance_disk_auto_delete_disabled - Prevent accidental data loss
  • compute_configuration_changes - Detect configuration changes in Cloud Audit Logs
  • compute_instance_single_network_interface - Enforce single NIC policy
  • compute_image_not_publicly_shared - Prevent public image exposure
  • compute_snapshot_not_outdated - Identify stale snapshots
  • compute_project_os_login_2fa_enabled - Enforce 2FA for OS Login
  • compute_instance_on_host_maintenance_migrate - Verify live migration settings

🚀 Azure Entra Performance

We've improved performance when retrieving user registration and MFA details from the Azure and M365 Entra services. As part of this enhancement, an additional API call is now required for Azure, which means that service principals used to scan Azure must be granted the AuditLog.Read.All permission. You can find more details in our documentation.

[!NOTE]
M365 apps don't need any update, since this permission was already required.

🔐 Security Updates

Security patches across all components:

  • Django 5.1.15 (CVE-2025-64460, CVE-2025-13372)
  • Node.js 24.13.0 LTS (8 CVEs from January 2026 advisory)
  • Werkzeug 3.1.4 (CVE-2025-66221)
  • django-allauth v65.13.0 (CVE-2025-65431)
  • pyasn1 v0.6.2 (CVE-2026-23490)
  • safety 3.7.0 (CVE-2025-68146)
  • LangChain 1.2.10 and @langchain/core 1.1.15

UI

🚀 Added

  • Search bar when adding a provider (#9634)
  • New findings table UI with new design system components, improved filtering UX, and enhanced table interactions (#9699)
  • Gradient background to Risk Plot for visual risk context (#9664)
  • ThreatScore pillar breakdown to Compliance Summary page and detail view (#9773)
  • Provider and Group filters to Resources page (#9492)
  • Compliance Watchlist component in Overview page (#9786)
  • New main section to list Attack Paths scans, execute queries on them and view their results as a graph (#9805)
  • Resource group label filter to Resources page (#9820)

🔄 Changed

  • Refactor Lighthouse AI MCP tool filtering from blacklist to whitelist approach for improved security (#9802)
  • Refactor ScatterPlot as reusable generic component with TypeScript generics (#9664)
  • Rename resource_group filter to group in Resources page and Overview cards (#9492)
  • Update Resources filters to use __in format for multi-select support (#9492)
  • Swap Risk Plot axes: X = Fail Findings, Y = Prowler ThreatScore (#9664)
  • Remove duplicate scan_id filter badge from Findings page (#9664)
  • Remove unused hasDots prop from RadialChart component (#9664)

🐞 Fixed

  • OCI update credentials form failing silently due to missing provider UID (#9746)

🔐 Security

  • Node.js from 20.x to 24.13.0 LTS, patching 8 CVEs from January 2026 security advisory (#9797)
  • langchain from 1.1.5 to 1.2.10 and @langchain/core from 1.1.8 to 1.1.15 (#9797)

API

🚀 Added

  • /api/v1/overviews/compliance-watchlist endpoint to retrieve the compliance watchlist (#9596)
  • AlibabaCloud provider support (#9485)
  • /api/v1/overviews/resource-groups endpoint to retrieve an overview of resource groups based on finding severities (#9694)
  • group filter for GET /findings and GET /findings/metadata/latest endpoints (#9694)
  • provider_id and provider_id__in filter aliases for findings endpoints to enable consistent frontend parameter naming (#9701)
  • Attack Paths: /api/v1/attack-paths-scans for AWS providers backed by Neo4j (#9805)

SDK

🚀 Added

  • AI Skills pack for AI coding assistants (Claude Code, OpenCode, Codex) following agentskills.io standard (#9728)
  • Prowler ThreatScore for the Alibaba Cloud provider (#9511)
  • compute_instance_group_multiple_zones check for GCP provider (#9566)
  • compute_instance_group_autohealing_enabled check for GCP provider (#9690)
  • Support AWS European Sovereign Cloud (#9649)
  • compute_instance_disk_auto_delete_disabled check for GCP provider (#9604)
  • Bedrock service pagination (#9606) - Thanks to @sonofagl1tch
  • ResourceGroup field to all check metadata for resource classification (#9656)
  • compute_configuration_changes check for GCP provider to detect Compute Engine configuration changes in Cloud Audit Logs (#9698)
  • compute_instance_group_load_balancer_attached check for GCP provider (#9695)
  • Cloudflare provider with critical security checks (#9423)
  • CloudFlare TLS/SSL, records and email checks for zone service (#9424)
  • compute_instance_single_network_interface check for GCP provider (#9702)
  • compute_image_not_publicly_shared check for GCP provider (#9718)
  • compute_snapshot_not_outdated check for GCP provider (#9774)
  • compute_project_os_login_2fa_enabled check for GCP provider (#9839)
  • compute_instance_on_host_maintenance_migrate check for GCP provider (#9834)
  • CIS 1.12 compliance framework for Kubernetes (#9778)
  • CIS 6.0 for M365 provider (#9779)
  • CIS 5.0 compliance framework for the Azure provider (#9777)
  • Cloudflare Bot protection, WAF, Privacy, Anti-Scraping and Zone configuration checks (#9425)

🔄 Changed

  • Update AWS Step Functions service metadata to new format (#9432)
  • Update AWS Route 53 service metadata to new format (#9406)
  • Update AWS SQS service metadata to new format (#9429)
  • Update AWS Shield service metadata to new format (#9427)
  • Update AWS Secrets Manager service metadata to new format (#9408)
  • Improve SageMaker service tag retrieval with parallel execution (#9609) - Thanks to @sonofagl1tch
  • Update AWS Redshift service metadata to new format (#9385)
  • Update AWS Storage Gateway service metadata to new format (#9433)
  • Update AWS Well-Architected service metadata to new format (#9482)
  • Update AWS SSM service metadata to new format (#9430)
  • Update AWS Organizations service metadata to new format (#9384)
  • Update AWS Resource Explorer v2 service metadata to new format (#9386)
  • Update AWS SageMaker service metadata to new format (#9407)
  • Update AWS Security Hub service metadata to new format (#9409)
  • Update AWS SES service metadata to new format (#9411)
  • Update AWS SSM Incidents service metadata to new format (#9431)
  • Update AWS WorkSpaces service metadata to new format (#9483)
  • Update AWS OpenSearch service metadata to new format (#9383)
  • Update AWS VPC service metadata to new format (#9479)
  • Update AWS Transfer service metadata to new format (#9434)
  • Update AWS S3 service metadata to new format (#9552)
  • Update AWS DataSync service metadata to new format (#8854)
  • Update AWS RDS service metadata to new format (#9551)
  • Update AWS Bedrock service metadata to new format (#8827)
  • Update AWS IAM service metadata to new format (#9550)
  • Enhance user_registration_details performance and user MFA evaluation (#9236)
  • Update AWS Cognito service metadata to new format (#8853)
  • Update AWS EC2 service metadata to new format (#9549)
  • Update Azure AI Search service metadata to new format (#9087)
  • Update Azure AKS service metadata to new format (#9611)
  • Update Azure API Management service metadata to new format (#9612)

🐞 Fixed

  • OCI authentication error handling and validation (#9738)
  • Python mutable default argument in AWS EC2 Security Group lib (#9216) - Thanks to @leetrout
