Verica launches Prowler Pro solution to enhance AWS security

Verification vendor Verica and Toni de la Fonte, creator of the Prowler AWS security tool, have announced the launch of Prowler Pro to enhance cloud security and provide new open-source tools to make AWS security simpler for customers. The two stated in a press release that Prowler Pro marks the evolution of Prowler Open Source, one of the most recognizable open-source tools for AWS cloud security, and puts security assessments, audits, incident response, continuous monitoring, hardening, and forensics readiness in easy reach of businesses running multiple AWS services.

Continuous monitoring, personalized support, customizable dashboards across AWS deployments

Prowler Pro contains over 220 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks, the parties said. It is publicly available via AWS Marketplace, and they claim it is easy to deploy in multiple AWS cloud accounts, offering continuous monitoring, faster execution, personalized support, and customizable dashboards.

“Uniting our technology offerings was a natural progression for both platforms. We are thrilled to welcome the Prowler team to the Verica family and bring open-source solutions to a wider audience,” said Aaron Rinehart, co-founder and CTO of Verica. “We think it’s critically important to bring the practices of continuous verification to AWS security problems, and we look forward to rolling out more integrations to create a seamless experience for customers.”

Prowler Open Source will remain available on GitHub for cloud security professionals and developers, with the team focusing on enhancing the open-source offering and expanding its database of 220-plus checks, along with strengthening Prowler Pro capabilities. Both Prowler Open Source and Prowler Pro customers will benefit from upgrades to their tools that will make the process of securing AWS systems significantly easier, they added.

“When I started Prowler, the AWS cloud security community didn’t have many tools, and securing AWS was complicated and confusing (and still is),” said de la Fuente. “It was natural for developers to start using Prowler due to its simplicity to install and run. This evolution of Prowler aligned with Verica’s vision makes it even easier to identify issues and threats.”

Self-hosted solution gives customers total control of data

Speaking to CSO, de la Fuente says that, in addition to the new security features, Prowler Pro is offered as a self-hosted deployment that gives customers total control of their data. “The customer owns their data, so they don’t have to trust third parties for security monitoring activities,” he adds.

AWS security is often overlooked as developers or operations staff add new services and applications, and this becomes complicated when people leave organizations or applications need new privileges or new roles, de la Fuente continues. “Prowler Pro aims to make it easy for developers and security architects to build and run applications with security built in. Security isn’t an afterthought done at audit or annual compliance time but is part of development from day one. We believe that as AWS continues to grow and scale companies and organizations need a security tool they can rely on to make it easy and consistent.”