You might associate the name ‘Prowler’ with a character from the Spider-Man universe, but in the world of cloud security, it’s a name that’s garnering significant attention. Conceived by Toni de la Fuente, a former Amazon Web Services (AWS) security engineer, Prowler has made a name for itself as an open-source cloud security platform. Since its inception in 2016, it has been widely adopted by tech giants like AWS, Salesforce, Siemens, Tesla, and IBM. The platform, known for its versatility and ease of deployment, has recently secured US$6 million in seed funding led by Decibel VC, aiming to develop a managed service offering. This investment will enhance Prowler’s capabilities and introduce new features throughout 2024.
Understanding Prowler: A tool transforming cloud security
What makes Prowler stand out in the cloud security landscape? Its Python code stack, designed to cater to the evolving needs of security teams, offers over 300 controls across various security frameworks, including CIS, PCI-DSS, and GDPR. The platform’s compatibility with AWS, Microsoft Azure, Google Cloud, and Kubernetes simplifies deployment across multiple accounts. This allows for continuous monitoring and faster execution with personalised support and integrations. With the recent funding, the platform is set to undergo significant enhancements.
Casey Rosenthal, co-founder and CEO of the new Prowler company, emphasises the platform’s growing significance. In an exclusive interview with VentureBeat, Rosenthal, who has experience from Netflix’s “chaos” engineering team and Verica, a continuous verification software maker, shared insights into cybersecurity transformation. He believes cybersecurity is at an inflexion point, mirroring the evolution cloud infrastructure underwent a decade ago. This transformation is marked by a shift in decision-making power within organisations. Given their proximity to operational realities, security engineers are increasingly influencing the choice of security tools, turning to platforms like Prowler for more tailored solutions.
Decibel VC’s endorsement: Why Prowler stands out
Decibel VC’s backing of Prowler is rooted in its understanding of the unique challenges in securing dynamic cloud environments. Jon Sakoda, founding partner of Decibel VC and a cybersecurity veteran, highlights the market’s limitations of ‘one-size-fits-all’ solutions. He acknowledges the need for more bespoke, granular cloud security solutions, noting that many security engineers have started to write their own rules and detections. This trend has led to a preference for open-source options like Prowler, which offer more control and adaptability.
Launching a commercial aspect of Prowler arises from its success as an open-source product. The commercial offerings aim to complement the free, community-driven version, focusing on managed services and hosting. This approach aligns with a mission to maximise open-source utilisation while supporting larger organisations with additional features and integrations.
