fix(deps): update toniblyx/prowler docker tag to v5.17.1 #76

renovate · 2025-01-29T20:29:48Z

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Update	Change
toniblyx/prowler	minor	`5.2.0` → `5.17.1`

Release Notes

prowler-cloud/prowler (toniblyx/prowler)

`v5.17.1`: Prowler 5.17.1

Compare Source

API

🐞 Fixed

Improve API startup process by manage.py argument detection (#9856)
Deleting providers don't try to delete a None Neo4j database when an Attack Paths scan is scheduled (#9858)
Use replica database for reading Findings to add them to the Attack Paths graph (#9861)
Attack paths findings loading query to use streaming generator for O(batch_size) memory instead of O(total_findings) (#9862)
Lazy load Neo4j driver (#9868)
Use Findings.all_objects to avoid the ActiveProviderPartitionedManager (#9869)
Lazy load Neo4j driver for workers only (#9872)
Improve Cypher query for inserting Findings into Attack Paths scan graphs (#9874)
Clear Neo4j database cache after Attack Paths scan and each API query (#9877)
Deduplicated scheduled scans for long-running providers (#9829)

`v5.17.0`: Prowler 5.17.0

Compare Source

✨ New features to highlight in this version

Enjoy them all now for free at https://cloud.prowler.com

🕸️ Attack Paths

A brand new Attack Paths feature powered by Cartography and Neo4j graph database enables you to visualize and analyze potential attack vectors across your AWS environments. This feature allows security teams to:

Execute graph-based queries against your cloud infrastructure
Visualize attack paths as interactive graphs
Identify privilege escalation paths and lateral movement opportunities
Prioritize remediation based on actual exploitability

🗂️ Resource Groups Overview

A new Resource Groups feature provides aggregated views of your cloud resources organized by security-relevant groupings (e.g., Compute, Storage, Network, Identity). This helps you quickly understand which resource categories have the most security issues.

[!NOTE]
Resource group data will populate from scans executed after upgrading to v5.17.0. Previous scan data will not include resource group information.

📊 Redesigned Findings Table

The findings table has been completely rebuilt with a new design system, offering:

Improved filtering UX with better multi-select support
Enhanced table interactions and responsiveness
Cleaner visual hierarchy for faster scanning
Better integration with the new resource group filters

📋 Compliance Watchlist

A new Compliance Watchlist component on the Overview page lets you monitor your most critical compliance frameworks at a glance. Track pass/fail ratios and quickly navigate to detailed compliance views.

🎯 ThreatScore Pillar Breakdown

The Compliance Summary page now includes a detailed ThreatScore pillar breakdown, giving you visibility into how each security pillar (Identity, Data Protection, Network Security, etc.) contributes to your overall risk score.

📈 Enhanced Risk Plot

The Risk Plot has been improved with:

Gradient background for visual risk context
Better correlation between finding volume and security impact

🏛️ AWS European Sovereign Cloud

Full support for AWS European Sovereign Cloud regions, enabling organizations with strict data residency requirements to leverage Prowler's security scanning capabilities.

Read more about it in our blog: AWS EUSC with Prowler

☁️ Alibaba Cloud Provider (Full Support)

Alibaba Cloud now has full support in the Prowler App! After being introduced in the CLI in v5.15.0, this release brings complete API and UI integration, enabling you to:

Add and manage Alibaba Cloud providers from the UI
Run security scans against your Alibaba Cloud infrastructure
View findings and compliance status alongside other cloud providers
Calculate Prowler ThreatScore for Alibaba Cloud environments

Explore all 63 Alibaba Cloud checks at Prowler Hub.

☁️ Cloudflare Provider - CLI Only

Prowler now supports Cloudflare as a first-class cloud provider! Scan your Cloudflare infrastructure for security misconfigurations across zones, DNS, email, WAF, and more.
Available checks include:

TLS/SSL configuration validation
DNS record security
Email security (SPF, DKIM, DMARC)
Bot protection settings
WAF configuration
Privacy and anti-scraping settings
Zone configuration best practices

Explore all Cloudflare checks at Prowler Hub.

📚 New Compliance Frameworks

CIS 5.0 for Azure

The latest CIS Azure Foundations Benchmark v5.0 is now available, bringing updated security controls aligned with current Azure best practices.

CIS 6.0 for Microsoft 365

New CIS Microsoft 365 Benchmark v6.0 compliance framework for comprehensive M365 security assessment.

CIS 1.12 for Kubernetes

Updated CIS Kubernetes Benchmark v1.12 with the latest container security controls.

🤖 AI Skills Pack

Prowler now includes an AI Skills Pack for AI coding assistants like Claude Code, OpenCode, and Codex. Following the agentskills.io standard, this enables AI assistants to better understand Prowler's codebase and contribute more effectively.

🧩 New Checks

GCP - Compute (10 new checks)

compute_instance_group_multiple_zones - Ensure instance groups span multiple zones for HA
compute_instance_group_autohealing_enabled - Verify autohealing is configured
compute_instance_group_load_balancer_attached - Check load balancer attachment
compute_instance_disk_auto_delete_disabled - Prevent accidental data loss
compute_configuration_changes - Detect configuration changes in Cloud Audit Logs
compute_instance_single_network_interface - Enforce single NIC policy
compute_image_not_publicly_shared - Prevent public image exposure
compute_snapshot_not_outdated - Identify stale snapshots
compute_project_os_login_2fa_enabled - Enforce 2FA for OS Login
compute_instance_on_host_maintenance_migrate - Verify live migration settings

🚀 Azure Entra Performance

We've improved performance when retrieving user registration and MFA details from the Azure and M365 Entra services. As part of this enhancement, an additional API call is now required for Azure, which means that service principals used to scan Azure must be granted the Audit.Read.All permission. You can find more details in our documentation.

[!NOTE]
M365 apps don't need any update, since it was already required.

🔐 Security Updates

Security patches across all components:

Django 5.1.15 (CVE-2025-64460, CVE-2025-13372)
Node.js 24.13.0 LTS (8 CVEs from January 2026 advisory)
Werkzeug 3.1.4 (CVE-2025-66221)
django-allauth v65.13.0 (CVE-2025-65431)
pyasn1 v0.6.2 (CVE-2026-23490)
safety 3.7.0 (CVE-2025-68146)
LangChain 1.2.10 and @langchain/core 1.1.15

UI

🚀 Added

Search bar when adding a provider (#9634)
New findings table UI with new design system components, improved filtering UX, and enhanced table interactions (#9699)
Gradient background to Risk Plot for visual risk context (#9664)
ThreatScore pillar breakdown to Compliance Summary page and detail view (#9773)
Provider and Group filters to Resources page (#9492)
Compliance Watchlist component in Overview page (#9786)
Add a new main section for list Attack Paths scans, execute queries on them and view their result as a graph (#9805)
Resource group label filter to Resources page (#9820)

🔄 Changed

Refactor Lighthouse AI MCP tool filtering from blacklist to whitelist approach for improved security (#9802)
Refactor ScatterPlot as reusable generic component with TypeScript generics (#9664)
Rename resource_group filter to group in Resources page and Overview cards (#9492)
Update Resources filters to use __in format for multi-select support (#9492)
Swap Risk Plot axes: X = Fail Findings, Y = Prowler ThreatScore (#9664)
Remove duplicate scan_id filter badge from Findings page (#9664)
Remove unused hasDots prop from RadialChart component (#9664)