Prowler v4.0 dashboard suggestions
New feature motivation
I wrote the AWS Security Assessment Solution (SATv2) to make it easy to run a Prowler assessment against a single AWS account, or an AWS Organization with a simple AWS CloudFormation template.
Version 3 produced an HTML report, which made it easy to review the results from S3, within the web browser.
Version 4 requires prowler dashboard and something to run the server. This requires more resources and increases the complexity of the solution.
Solution Proposed
The dashboard update to see multiple AWS accounts in a single dashboard is a significant improvement.
Some suggestions to improve the UI of the dashboard
- Add additional information on the finding like the risk or recommendation.
- Change the color of the status column for PASS FAIL or MUTED like the colors in the visualizations / cards
Suggestions to make it easier to run
- Bring back the html output
Describe alternatives you've considered
I have a proof of concept of running the dashboard on AWS Fargate. This requires a VPC, subnet, load balancer, etc., so I think there is room for improvement.
Looks like there may be an opportunity to run dash on AWS Lambda, but may require some code changes. I am still looking into the feasibility.
Additional context
No response
Yes, bring back the HTML report. That was much better to view and correlate the results.
Thank you both for your comments.
@js37 we listen and will see how to improve it based on your comments, to add risk, recommendation and more useful data into findings. About colors, can you be more specific?
About bringing back the html, we will give it a thought and get back to you, thank you again!
Thanks for the response. Let me know if you need anything.
On the dashboard in the "Top Findings by Severity" table, Pass should be Green, and Fail should be Red.
Hi @js37! This would be a really good improvement, I will take a look and tell you something when a solution is taken. Thanks for using Prowler! 🚀
Hi! @js37 I have new updates for you, in this PR I've made some improvements and fixes related to your comments. Here I can show you a preview...
Waiting for your thoughts and opinion! 😄
Thanks, it is definitely an improvement, but we still can't see the check title, risk, or recommendation.
Is there any reason the Open Source Prowler can't have the same dashboard as Prowler SaaS? That solves all my asks.
The checks have all the details and recommendations on the findings page
The compliance page is not blank by default either.
Hey @js37! We are currently working on dashboard improvements, meanwhile I'll reopen this issue
+1 for getting back the detailed information about checks.
Most of the stuff from here is not shown in the dashboard: https://github.com/prowler-cloud/prowler/blob/27bb05fedc190ea5a5cb9b83540322a43729c2e2/prowler/providers/kubernetes/services/apiserver/apiserver_security_context_deny_plugin/apiserver_security_context_deny_plugin.metadata.json
It's virtually useless atm if I have to decipher what the check id hints at. Of course for some controls it's obvious, but not for all...
Same thing here. Right now, Prowler's dashboard offers little to no usability for me.
Hey! @js37 @Kisielos10 @blaargh @imvignesh27 got new updates for you:
- Prowler dashboard is improved, now more findings information is shown
- HTML output is back
We hope you like it, thanks for using Prowler!
@pedrooot Any idea when this will be implemented in the python package? This is what I'm getting as of today:
➜ prowler -v
Prowler 4.1.0 (You are running the latest version, yay!)
➜ prowler aws -M html
<invalid syntax>
Hi @Kisielos10, the next release will be published today including the HTML output format.
Thanks for using Prowler 🚀