Skip to main content
Use open-source scanning to validate and extend Microsoft Defender for Cloud

Overview

If you’re using Microsoft Defender for Cloud to monitor your Azure infrastructure, Prowler can complement it with fully transparent, customizable scans across Azure, AWS, GCP, and Kubernetes. Prowler helps you validate policies, automate compliance, and gain deeper visibility—all from the CLI, API or our Prowler UI. You can run Prowler alongside Defender for Cloud to:
  • Double-check security posture with open-source checks.
  • Customize rules for your organization’s policies.
  • Bring your own, or community contributed policies.
  • Automate multi-cloud scans in CI/CD or scheduled jobs.

Why use Prowler with Defender for Cloud

Microsoft Defender for Cloud offers centralized dashboards, alerting, and some cross-cloud coverage. Prowler provides full transparency and control over what’s being checked and how those checks work—no vendor lock-in, no surprises. Use them together to get:
  • More confidence in your security posture
  • Checks you can inspect, modify, and version
  • CLI-first, portable scanning across clouds
  • Open-source tooling that integrates easily into pipelines and audits

Quickstart

Here’s how to install Prowler and run a scan in your Azure account.

1. Install Prowler

git clone https://github.com/prowler-cloud/prowler
cd prowler
./install.sh

2. Authenticate with Azure

Make sure you’re signed in and select your subscription: 
az login
export AZURE_SUBSCRIPTION_ID=$(az account show --query id -o tsv)

3. Run a scan

./prowler -p Azure -f az-aks -f az-general
This will run checks focused on Azure Kubernetes Service (AKS) and general Azure best practices.

4. Review results

cat output/prowler-output-*.json
open output/prowler-output-*.html
You can export findings in JSON, CSV, JUnit, HTML, or AWS Security Hub–compatible formats.

Compare capabilities

FeatureMicrosoft Defender for CloudProwler
Azure-native posture management
AWS, GCP, and Kubernetes support⚠️ (limited)
Custom policy creation
CLI-first, scriptable
Open source
Compliance mappings (CIS, NIST, etc.)✅ (limited control)✅ (customizable)
Exportable detections

Common use cases

✅ Validate policies Run Prowler to confirm your Azure policies are configured as expected and compliant with frameworks like CIS or NIST. ✅ Automate compliance scans Schedule regular Prowler scans in your CI/CD pipeline or infrastructure monitoring workflows. Generate reports for auditors or internal reviews. ✅ Extend detection coverage If Defender for Cloud doesn’t cover all the services or resources in your environment, Prowler’s checks fill in the gaps. ✅ Build custom checks Security is never one-size-fits-all. Prowler lets you write your own checks for organization-specific policies.
I