Commit 7a5bd00

docs: correct Prowler comparison in README per @toniblyx feedback
Fix inaccurate claims in the "How It Compares" table that mischaracterized Prowler, raised by @toniblyx in toniblyx/my-arsenal-of-aws-security-tools#126:

- Compliance frameworks for Prowler: "CIS" -> 41 (CIS, PCI-DSS, HIPAA, SOC2, NIST 800, ISO 27001, GDPR, FedRAMP, NIS2, MITRE ATT&CK + more)
- Auto-remediation: "CIS only" -> 55 fixers across 17 AWS services
- Attack chains: "No" -> Yes via Prowler App (Cartography + Neo4j graph)
- IAM privilege escalation: "No" -> Yes via Prowler App Attack Paths
- AI-SPM (Bedrock + SageMaker): "No" -> ~20 checks across both services
- AWS checks: 576 -> 572 (current master)
- Removed Trivy column (different category: container-first scanner)
- Added multi-cloud row as key Prowler advantage
- Rewrote surrounding prose to frame Prowler as the standard and cloud-audit as a complementary AWS-focused tool, not a competitor

Prowler stats verified from github.com/prowler-cloud/prowler master (April 2026) via README table, fixer file count, and service directory listing.
1 parent 45ceec8 commit 7a5bd00

1 file changed

Lines changed: 22 additions & 13 deletions

README.md

@@ -181,19 +181,28 @@ claude mcp add cloud-audit -- uvx --from cloud-audit cloud-audit-mcp
181181

182182
## How It Compares
183183

184-
| Feature | Prowler | Trivy | cloud-audit |
185-
|---------|---------|-------|-------------|
186-
| Checks | 576 | 517 | **94** |
187-
| Attack chains + root-cause grouping | No | No | **31 rules** |
188-
| What-If remediation simulator | No | No | **Yes** |
189-
| IAM privilege escalation | No | No | **25 methods** |
190-
| Remediation per finding | CIS only | No | **100% (CLI + TF)** |
191-
| AI-SPM (Bedrock/SageMaker) | No | No | **Yes** |
192-
| Compliance frameworks | CIS | -- | **6** |
193-
194-
cloud-audit has fewer checks but goes deeper per finding: attack chain correlation, root-cause grouping, cost estimates, and a simulator that shows the impact of each fix before you apply it. If you need exhaustive multi-cloud compliance coverage, use Prowler. If you need to know what to fix first and why, cloud-audit is built for that.
195-
196-
<sub>Feature snapshot as of v2.0.0 (April 2026).</sub>
184+
[Prowler](https://github.com/prowler-cloud/prowler) is the AWS security standard: 572 checks across 83 services, 41 compliance frameworks (CIS, PCI-DSS, HIPAA, SOC2, NIST 800, ISO 27001, GDPR, FedRAMP, NIS2, MITRE ATT&CK and more), 55 auto-remediation fixers, and graph-based attack path analysis in the Prowler App (Cartography + Neo4j). It also covers Azure, GCP, Kubernetes, M365, and 10+ other providers.
185+
186+
cloud-audit is AWS-only and intentionally narrower (94 curated checks). It goes deep where Prowler goes wide: attack chain correlation and IAM escalation detection run in the free CLI with zero infrastructure, every finding ships with reviewable Terraform + AWS CLI remediation, and scan diff / drift tracking is built into the CLI.
187+
188+
| Feature | Prowler | cloud-audit |
189+
|---------|---------|-------------|
190+
| AWS checks | 572 across 83 services | 94 across 23 services |
191+
| Compliance frameworks (AWS) | 41 (CIS, PCI-DSS, HIPAA, SOC2, NIST, ISO 27001, GDPR, FedRAMP, NIS2, ...) | 6 (CIS v3.0, SOC 2, BSI C5, ISO 27001, HIPAA, NIS2) |
192+
| Auto-remediation | 55 fixers across 17 AWS services (direct API calls) | 94/94 findings with CLI + Terraform output (reviewable, you apply) |
193+
| Attack path / graph analysis | Prowler App (Cartography + graph queries) | CLI-native (31 rules, no infra) |
194+
| IAM privilege escalation graph | Prowler App | CLI-native (25 methods) |
195+
| What-If remediation simulator | No | Yes |
196+
| AI/ML security checks (Bedrock + SageMaker) | ~20 checks | 5 checks + 3 attack chain rules |
197+
| Scan diff / drift tracking | Prowler App | Built-in CLI (`cloud-audit diff`) |
198+
| Breach cost estimates (USD) | No | Per-finding + per-chain |
199+
| MCP Server | Free | Free |
200+
| Multi-cloud | AWS + 13 others | AWS only |
201+
| License | Apache 2.0 | MIT |
202+
203+
Use Prowler for compliance breadth, multi-cloud coverage, and graph-based attack path analysis. Use cloud-audit for fast CLI-native attack chain detection, reviewable Terraform remediation, and CI/CD drift tracking. They are complementary, not competitors - a common setup is Prowler for quarterly compliance evidence plus cloud-audit daily in CI/CD.
204+
205+
<sub>Prowler stats verified from github.com/prowler-cloud/prowler (April 2026). cloud-audit snapshot as of v2.0.1.</sub>
197206

198207
---
199208
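
Review bot: The provider count is inconsistent within this hunk: the new paragraph at line 184 names Azure, GCP, Kubernetes and M365 and then "10+ other providers", which is at least 14 non-AWS providers, while the Multi-cloud row at line 200 says "AWS + 13 others". Since the commit exists to correct inaccurate figures, settle on one number and use it in both places. The same applies to the attack path wording: line 184 says "Cartography + Neo4j" but the row at line 193 says "Cartography + graph queries". The footnote at line 205 cites the Prowler repository with only a month; pinning the commit SHA or release that the counts (572, 41, 55) were read from would let readers re-check them. The cloud-audit snapshot also moves from v2.0.0 to v2.0.1 in this footnote, which the commit message does not mention.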
