Comments (4)
Hi @anushaks579,
Yes, the azure provider is missing some checks and services, we would like to have it completed as soon as possible.
If you can list which checks are you missing, apart from the vm open ports one, it would help us a lot (we can start from that point)
from prowler.
In the report prowler scans azure subscription for VMs it has to display in which VM port are open if its open it should display some warning message some thing like that because when all ports open its easy to hack the data.
Also we need to add one check about the user who opened which port OR who created the network security group and access , log time like that in that report.
Lack of Azure documentation compare to AWS prowler.
from prowler.
Hi @anushaks579 recently we've finished the CIS 2.0 and 2.1 for Azure including the following checks related to open ports:
network_rdp_internet_access_restricted
network_ssh_internet_access_restricted
network_watcher_enabled
What are your requirements about scanning virtual machines? Does those checks cover what you need? Please give it a try and let us know.
Thanks for using Prowler 🚀
from prowler.
Closing the PR since the checks were already added.
from prowler.
Related Issues (20)
- [Bug]: Encoding issue with Dashboard on Prowler 4.1.0 - Aces High HOT 6
- Look for externally shared DynamoDB Tables HOT 1
- Add support for AWS Lightsail resource HOT 1
- [Bug]: Unable to access the prowler dashboard from aws ec2 instance which has public IP HOT 4
- [Bug]: csv output is empty (only column names) HOT 4
- Add configuration for secret related checks HOT 6
- CIS 2.1.0 output has missing checks [Bug]: HOT 4
- [Bug]: empty json-ocsf output in 4.1.0 HOT 7
- [Bug]: efs_not_publicly_accessible check based on misunderstanding? HOT 5
- [Bug]: V4 sends muted fails to Security Hub HOT 2
- Support for custom metadata fields HOT 2
- [Bug]: Security group name missing from new json-oscf format HOT 5
- [Bug]: Separate Checks for Expired and Near-Expiration ACM Certificates HOT 13
- Add Service Account impersonation in GCP as a new authentication method
- [Bug]: Kubernetes RBAC errors HOT 10
- Bring back HTML reports HOT 1
- Getting FileNotFoundError while trying to set up prowler for aws HOT 13
- Getting Error when using prowler dashboard command - UnicodeDecodeError 'utf-8' codec can't decode byte 0x92 in position 5171 HOT 21
- [Bug]: Unix timestamp not working
- [Bug]: Pre-commit Execution Failure Due to Missing TruffleHog Dependency HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from prowler.