Software Security
All Prowler code goes through the same security pipeline, whether running on Prowler Cloud or self-managed infrastructure: DAST, SAST, SCA, container scanning, and secrets detection on every build.
Software Security
Security tools and practices applied to all Prowler code.
Prowler Cloud vs Self-Managed
| | Prowler Cloud | Self-Managed |
|---|---|---|
| Deployment | Fully managed SaaS | Own infrastructure |
| Region | EU (Ireland) | Any region or provider |
| Compliance | SOC 2 Type II, AWS FTR | Organization responsibility |
| Data Control | Prowler managed | Full control |
| Encryption | AES-256 at rest, TLS 1.2+ in transit | Configurable |
| Backups | Automated | Organization responsibility |
| Updates | Automatic | Manual |
Self-Managed includes Prowler App and Prowler CLI. They can run anywhere — any cloud provider, any region, on-premises, or air-gapped environments. Full control over data residency and infrastructure decisions. See the Prowler App Installation Guide to get started.
Prowler Cloud
This section covers security and compliance for Prowler Cloud, the managed infrastructure.
Trust & Compliance
Prowler Cloud holds compliance certifications and undergoes regular audits.

| Certification | Status |
|---|---|
| SOC 2 Type II | View on Trust Portal |
| AWS Foundational Technical Review (FTR) | Passed — Details |
Security
Encryption
Data encrypted at rest (AES-256) and in transit (TLS 1.2+).
Data Regions
EU-hosted infrastructure with high availability and disaster recovery.
Networking
Static egress IPs for firewall allowlisting.

