Feature
Built-in monitoring
Keep an ongoing view of your posture between audits — Prowler cloud scanning, penetration-test tracking, and device posture, all built in.
What's built in
Three ways we keep watch
Prowler, built in
Run Prowler cloud security scans and bring the findings straight into your compliance program — no glue code, no separate tool to babysit.
Upload & track pentests
Upload penetration-test reports, track findings to closure, and connect them to the controls and evidence they support.
Device posture monitoring
Built-in device posture across your fleet — encryption, firewall, screen lock and more — captured by a lightweight agent and evidenced automatically. Always on, included on every plan — never an add-on.
In the product
Cloud scans and pentests, in one view
Prowler findings and uploaded pentest reports flow straight into your compliance program.
Monitoring · Prowler
prowler-scan · soc2_aws
Cloud security scan · example output
| Requirement | Status | Check ID |
|---|---|---|
| CloudTrail data events for S3 reads | Fail | cloudtrail_s3_dataevents_read_enabled |
| Root account MFA enabled | Pass | iam_root_mfa_enabled |
| S3 buckets block public access | Pass | s3_account_level_public_access_blocks |
| RDS instances encrypted at rest | Fail | rds_instance_storage_encrypted |
| Detection policies documented | Manual | manual_check |
| Oversight responsibility established | Manual | manual_check |
Monitoring · Pentesting
pentest_example
Uploaded example report · 4 findings
Total checks
4
Passed
125%
Failed
375%
| ID | Title | Severity | CVSS | Status |
|---|---|---|---|---|
| VULN-001 | SQL injection in login form | Critical | 9.8 | Open |
| VULN-002 | Outdated TLS version | High | 7.5 | Open |
| VULN-003 | Missing HSTS headers | Medium | 4.3 | In Progress |
| VULN-004 | Default admin password | High | 8.2 | Resolved |
Device posture
See exactly what we capture
A lightweight agent reports each device's security posture — encryption, firewall, screen lock and more — so endpoint controls are visible and evidenced. Device posture is built in on every plan, not an optional add-on.
Monitoring · Device Posture
Nimbus-MacBook-Pro.local
DARWIN · 26.4 · Agent 0.1.0
- Owner
- —
- Last seen
- Jun 20, 2026
- Enrolled
- Jun 7, 2026
- Posture score
- 8/9 passing
Posture checks
| Check | Status | Last observed |
|---|---|---|
| Auto update | Pass | Jun 20, 2026 |
| Disk encryption | Pass | Jun 20, 2026 |
| Firewall enabled | Fail | Jun 20, 2026 |
| Malware protection | Pass | Jun 20, 2026 |
| OS version | Pass | Jun 20, 2026 |
| Password policy | Pass | Jun 20, 2026 |
| Remote login | Pass | Jun 20, 2026 |
| Screen lock | Pass | Jun 20, 2026 |
| Time sync | Pass | Jun 20, 2026 |
Explore more
Related capabilities
Get audit-ready. Stay in control.
Start free, then pay per framework as you grow. Transparent pricing that doesn't punish you for being early.
