Premium or Enterprise · 572 specialized tests

Cloud Security Posture Management

Authenticated CSPM via Prowler — 572 AWS checks across 41 frameworks (CIS / PCI-DSS / SOC2 / ISO27001 / HIPAA)

What Gets Tested

CIS AWS Foundations Benchmark v2.0 (572 checks)
PCI-DSS 3.2.1 mapping for AWS
SOC 2 Trust Services Criteria
ISO 27001 Annex A controls
HIPAA Security Rule controls
GDPR + FedRAMP + NIST CSF 2.0 mappings
Multi-cloud: AWS / Azure / GCP / Kubernetes
Read-only IAM role assume-flow (no standing creds)
Customer-supplied credentials only (Prowler runs against YOUR cloud)
External recon: cloud_enum + GCPBucketBrute (multi-cloud bucket OSINT)
GCP IAM TestIamPermissions privilege depth probe

How It Works

1. Onboarding

The customer creates a read-only IAM role in their cloud account, with our scanner account ID as the trusted principal plus an external_id.

2. Authenticated Sweep

Prowler enumerates the cloud account against the chosen compliance framework.

3. External Recon

cloud_enum and GCPBucketBrute hunt for orphan buckets / blobs / containers attributable to the target keyword.

4. Privilege Depth

GCPBucketBrute calls TestIamPermissions on each discovered bucket to surface world-writable / IAM-policy-set buckets.
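
The onboarding step above depends on a role trust policy that admits only the scanner account and requires an external ID. As an added example (not code from this service or from Prowler), the Python check below audits such a trust policy before the role is handed over; the account ID, external ID value and function names are constructed for illustration.

```python
SCANNER_ACCOUNT = "111122223333"  # constructed placeholder, not a real scanner account ID

def _as_list(value):
    return value if isinstance(value, list) else [value]

def audit_trust_policy(policy, scanner_account):
    """Return findings for a role trust policy; an empty list means it is
    limited to the scanner account and gated on an external ID."""
    findings = []
    allowed = {scanner_account, f"arn:aws:iam::{scanner_account}:root"}
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal")
        if not isinstance(principal, dict) or set(principal) != {"AWS"}:
            findings.append(f"statement {i}: principal is not limited to an AWS account")
        else:
            extra = set(_as_list(principal["AWS"])) - allowed
            if extra:
                findings.append(f"statement {i}: unexpected principals {sorted(extra)}")
        if _as_list(stmt.get("Action", [])) != ["sts:AssumeRole"]:
            findings.append(f"statement {i}: action is not exactly sts:AssumeRole")
        # Condition key names are case-insensitive, so compare them lowercased.
        equals = stmt.get("Condition", {}).get("StringEquals", {})
        ext = {k.lower(): v for k, v in equals.items()}.get("sts:externalid")
        if not ext:
            findings.append(f"statement {i}: no sts:ExternalId condition")
    return findings

# Constructed trust policies: one scoped as the onboarding step describes,
# one that trusts any principal and omits the external ID.
SCOPED = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow",
    "Principal": {"AWS": f"arn:aws:iam::{SCANNER_ACCOUNT}:root"},
    "Action": "sts:AssumeRole",
    "Condition": {"StringEquals": {"sts:ExternalId": "example-external-id"}},
}]}
WEAK = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow",
    "Principal": {"AWS": "*"},
    "Action": "sts:AssumeRole",
}]}

if __name__ == "__main__":
    for name, doc in (("SCOPED", SCOPED), ("WEAK", WEAK)):
        print(name, audit_trust_policy(doc, SCANNER_ACCOUNT) or "ok")
```
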

Compliance Coverage

CIS-AWS-2.0
PCI-DSS-3.2.1
SOC2-CC6
ISO-27001-A.5
HIPAA Security Rule

Cloud Security Posture Management

€199

Premium or Enterprise · One-time per scan

572 specialized tests + AI-powered analysis


Select this addon when configuring your scan
