Feature search
Which component would this feature affect?
Prowler UI
Related to specific cloud provider?
All providers
New feature motivation
🚀 Feature Request: Add Custom Security Compliance Framework via UI
📌 Title
Enable Creation and Management of Custom Compliance Frameworks from Prowler UI (Self-Hosted)
🧭 Background
Currently, Prowler Cloud (self-hosted) does not provide a native way to create or import custom compliance frameworks through the UI. Compliance frameworks such as CIS, ISO, and others are pre-defined and managed internally within the backend.
To introduce custom compliance frameworks, users must:
Modify backend source code
Inject data into database seeds
Rebuild/redeploy containers
This approach is:
❌ Not user-friendly
❌ Not scalable for enterprise environments
❌ Not upgrade-safe
The current implementation prevents security teams from:
Rapidly adapting compliance requirements
Creating organization-specific controls
Managing compliance without engineering dependency
Solution Proposed
Proposed Solution
Introduce a UI-driven Custom Compliance Framework Builder with the following capabilities:
Create Custom Framework via UI
Allow users to define:
- Framework Name
- Description
- Cloud Provider (AWS/Azure/GCP)
Expected Benefits
- Enables enterprise-grade customization
- Eliminates backend dependency
- Improves adoption for security teams
- Supports internal governance models
- Aligns with DevSecOps workflows
Use case and benefits
Example Use Case
An organization wants to create:
Framework: Enterprise Security Baseline
- ENT-001 → S3 Public Access
- ENT-002 → MFA Enforcement
- ENT-003 → Open Security Groups
Mapped directly to Prowler checks and visualized in dashboard
Describe alternatives you've considered
Custom software development
Additional context
No response
Feature search
Which component would this feature affect?
Prowler UI
Related to specific cloud provider?
All providers
New feature motivation
🚀 Feature Request: Add Custom Security Compliance Framework via UI
📌 Title
Enable Creation and Management of Custom Compliance Frameworks from Prowler UI (Self-Hosted)
🧭 Background
Currently, Prowler Cloud (self-hosted) does not provide a native way to create or import custom compliance frameworks through the UI. Compliance frameworks such as CIS, ISO, and others are pre-defined and managed internally within the backend.
To introduce custom compliance frameworks, users must:
Modify backend source code
Inject data into database seeds
Rebuild/redeploy containers
This approach is:
❌ Not user-friendly
❌ Not scalable for enterprise environments
❌ Not upgrade-safe
The current implementation prevents security teams from:
Rapidly adapting compliance requirements
Creating organization-specific controls
Managing compliance without engineering dependency
Solution Proposed
Proposed Solution
Introduce a UI-driven Custom Compliance Framework Builder with the following capabilities:
Create Custom Framework via UI
Allow users to define:
Expected Benefits
Use case and benefits
Example Use Case
An organization wants to create:
Framework: Enterprise Security Baseline
Mapped directly to Prowler checks and visualized in dashboard
Describe alternatives you've considered
Custom software development
Additional context
No response