Is this a true statement: "Prowler results do not show the 'Framework' associated with the findings" #2055
Replies: 2 comments 2 replies
-
|
https://docs.prowler.cloud/en/latest/tutorials/compliance/ Hi! In that section you can learn what is possible now: get the checks that belong to a compliance framework. Do you need the other way around? To what framework and requirements belong each check. Thanks. |
Beta Was this translation helpful? Give feedback.
-
|
Thanks Toni - That may be it! I'll check it out - was not able to access that site yesterday/today* BUT - Your question is intriguing and would be awesome: "what framework and requirements belong each check". *FWIW: https://docs.prowler.pro/tutorials/compliance/ is not rendering correctly |
Beta Was this translation helpful? Give feedback.
-
|
fwiw - https://docs.prowler.pro/tutorials/compliance/ looks fine, must have ben a 'me' issue! |
Beta Was this translation helpful? Give feedback.
-
|
my bad, the correct URL is this one https://docs.prowler.cloud/en/latest/tutorials/compliance/ |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Pretty sure this is correct - Just looking for confirmation - "Prowler results do not show the 'Framework' associated with the findings".
I assume this is true as any 'finding ' relates to a control, and a control (s3_bucket_object_versioning) can appear in multiple sections of multiple frameworks.
If this is correct, is there any Prowler report that would show control checks by framework/id?
s3_bucket_object_versioning - used by - "<framework>-<provider1>" "<unique-id1>","<unique-id2>","<framework>-<provider2>" "<unique-id1>",Or something like that?
(basically, I can get that by inspecting the .json associated with compliance frameworks, didn't know if there was any existing report for that)
Beta Was this translation helpful? Give feedback.
All reactions