Tools/prowler-cloud/prowler

prowler

Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.

14.1kemergingPythonApache License 2.0

The Lens

Prowler scans your AWS, Azure, GCP, and Kubernetes accounts for security misconfigurations and compliance gaps, and it's free and open source. Point it at read-only credentials and it runs hundreds of checks against CIS, PCI, HIPAA, GDPR, and more, then hands you a report of what's wrong.

Running it yourself is a Python CLI or a Docker container. No agents, no infrastructure, just read access to your accounts. The self-hosted version is the full engine, and it drops into CI and cron jobs cleanly. For a solo operator or a small team, that is genuinely all you need.

Prowler Cloud is the paid SaaS on top: a hosted dashboard, continuous scanning, findings history, and team access without wiring up your own storage. Solo and small teams, the CLI is plenty. Larger teams that want a shared view and trend tracking without building it themselves, the hosted tier earns its keep.

The catch: the report will overwhelm you on the first run. A fresh AWS account can throw hundreds of findings, most of them low priority. Budget time to tune the checks to what you actually care about, or the noise buries the signal.

Free vs Self-Hosted vs Paid

free self hosted paid cloud

Self-hosted (free): The full Prowler engine under Apache-2.0. Runs as a Python CLI or Docker container against AWS, Azure, GCP, Kubernetes, and Microsoft 365. Hundreds of built-in checks mapped to CIS, PCI-DSS, HIPAA, GDPR, and other frameworks. Needs only read-only credentials.

Prowler Cloud (paid SaaS): Hosted dashboard with continuous scanning, findings history, and team access, so you don't store and track results yourself. Free tier to start; paid plans scale with accounts and scan volume.

The call: Self-host for CI checks and point-in-time audits. Move to Prowler Cloud when you need an always-on, shared view across a team.

Self-host the full scanner free. Prowler Cloud adds a hosted dashboard and continuous scanning, with a free tier and paid team plans.

Self-hosting ops:trivial

Get tools like this every Wednesday

One featured tool, three on the radar. No fluff.

Score
67/100 · B
Adoption27/30
Maintenance10/25
Community5/20
License15/15
Analysis10/10

About

Owner
Prowler (Organization)
Stars
14,088
Forks
2,230

Explore Further

More tools in the directory