prowler-cloud
diff --git a/‎README.md‎
Lines changed: 3 additions & 3 deletions b/‎README.md‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎dashboard/compliance/fedramp_20x_ksi_low_aws.py‎
Lines changed: 46 additions & 0 deletions b/‎dashboard/compliance/fedramp_20x_ksi_low_aws.py‎
Lines changed: 46 additions & 0 deletions
diff --git a/‎dashboard/compliance/fedramp_20x_ksi_low_azure.py‎
Lines changed: 46 additions & 0 deletions b/‎dashboard/compliance/fedramp_20x_ksi_low_azure.py‎
Lines changed: 46 additions & 0 deletions
diff --git a/‎dashboard/compliance/fedramp_20x_ksi_low_gcp.py‎
Lines changed: 46 additions & 0 deletions b/‎dashboard/compliance/fedramp_20x_ksi_low_gcp.py‎
Lines changed: 46 additions & 0 deletions
diff --git a/‎prowler/CHANGELOG.md‎
Lines changed: 1 addition & 0 deletions b/‎prowler/CHANGELOG.md‎
Lines changed: 1 addition & 0 deletions
@@ -82,9 +82,9 @@ prowler dashboard
 
 | Provider | Checks | Services | [Compliance Frameworks](https://docs.prowler.com/projects/prowler-open-source/en/latest/tutorials/compliance/) | [Categories](https://docs.prowler.com/projects/prowler-open-source/en/latest/tutorials/misc/#categories) | Support | Interface |
 |---|---|---|---|---|---|---|
-| AWS | 576 | 82 | 38 | 10 | Official | UI, API, CLI |
-| GCP | 79 | 13 | 12 | 3 | Official | UI, API, CLI |
-| Azure | 162 | 19 | 12 | 4 | Official | UI, API, CLI |
+| AWS | 576 | 82 | 39 | 10 | Official | UI, API, CLI |
+| GCP | 79 | 13 | 13 | 3 | Official | UI, API, CLI |
+| Azure | 162 | 19 | 13 | 4 | Official | UI, API, CLI |
 | Kubernetes | 83 | 7 | 5 | 7 | Official | UI, API, CLI |
 | GitHub | 17 | 2 | 1 | 0 | Official | Stable | UI, API, CLI |
 | M365 | 70 | 7 | 3 | 2 | Official | UI, API, CLI |
 
@@ -0,0 +1,46 @@
+import warnings
+
+from dashboard.common_methods import get_section_containers_cis
+
+warnings.filterwarnings("ignore")
+
+
+def get_table(data):
+    aux = data[
+        [
+            "REQUIREMENTS_ID",
+            "REQUIREMENTS_DESCRIPTION",
+            "REQUIREMENTS_ATTRIBUTES_SECTION",
+            "CHECKID",
+            "STATUS",
+            "REGION",
+            "ACCOUNTID",
+            "RESOURCEID",
+        ]
+    ].copy()
+
+    # Shorten the long FedRAMP KSI descriptions for better display
+    ksi_short_names = {
+        "A secure cloud service offering will protect user data, control access, and apply zero trust principles": "Identity and Access Management",
+        "A secure cloud service offering will use cloud native architecture and design principles to enforce and enhance the Confidentiality, Integrity and Availability of the system": "Cloud Native Architecture",
+        "A secure cloud service provider will ensure that all system changes are properly documented and configuration baselines are updated accordingly": "Change Management",
+        "A secure cloud service provider will continuously educate their employees on cybersecurity measures, testing them regularly": "Cybersecurity Education",
+        "A secure cloud service offering will document, report, and analyze security incidents to ensure regulatory compliance and continuous security improvement": "Incident Reporting",
+        "A secure cloud service offering will monitor, log, and audit all important events, activity, and changes": "Monitoring, Logging, and Auditing",
+        "A secure cloud service offering will have intentional, organized, universal guidance for how every information resource, including personnel, is secured": "Policy and Inventory",
+        "A secure cloud service offering will define, maintain, and test incident response plan(s) and recovery capabilities to ensure minimal service disruption and data loss": "Recovery Planning",
+        "A secure cloud service offering will follow FedRAMP encryption policies, continuously verify information resource integrity, and restrict access to third-party information resources": "Service Configuration",
+        "A secure cloud service offering will understand, monitor, and manage supply chain risks from third-party information resources": "Third-Party Information Resources",
+    }
+
+    # Replace long descriptions with short names - use contains for partial matching
+    if not aux.empty:
+        for long_desc, short_name in ksi_short_names.items():
+            mask = aux["REQUIREMENTS_DESCRIPTION"].str.contains(
+                long_desc, na=False, regex=False
+            )
+            aux.loc[mask, "REQUIREMENTS_DESCRIPTION"] = short_name
+
+    return get_section_containers_cis(
+        aux, "REQUIREMENTS_ID", "REQUIREMENTS_ATTRIBUTES_SECTION"
+    )
@@ -0,0 +1,46 @@
+import warnings
+
+from dashboard.common_methods import get_section_containers_cis
+
+warnings.filterwarnings("ignore")
+
+
+def get_table(data):
+    aux = data[
+        [
+            "REQUIREMENTS_ID",
+            "REQUIREMENTS_DESCRIPTION",
+            "REQUIREMENTS_ATTRIBUTES_SECTION",
+            "CHECKID",
+            "STATUS",
+            "REGION",
+            "ACCOUNTID",
+            "RESOURCEID",
+        ]
+    ].copy()
+
+    # Shorten the long FedRAMP KSI descriptions for better display
+    ksi_short_names = {
+        "A secure cloud service offering will protect user data, control access, and apply zero trust principles": "Identity and Access Management",
+        "A secure cloud service offering will use cloud native architecture and design principles to enforce and enhance the Confidentiality, Integrity and Availability of the system": "Cloud Native Architecture",
+        "A secure cloud service provider will ensure that all system changes are properly documented and configuration baselines are updated accordingly": "Change Management",
+        "A secure cloud service provider will continuously educate their employees on cybersecurity measures, testing them regularly": "Cybersecurity Education",
+        "A secure cloud service offering will document, report, and analyze security incidents to ensure regulatory compliance and continuous security improvement": "Incident Reporting",
+        "A secure cloud service offering will monitor, log, and audit all important events, activity, and changes": "Monitoring, Logging, and Auditing",
+        "A secure cloud service offering will have intentional, organized, universal guidance for how every information resource, including personnel, is secured": "Policy and Inventory",
+        "A secure cloud service offering will define, maintain, and test incident response plan(s) and recovery capabilities to ensure minimal service disruption and data loss": "Recovery Planning",
+        "A secure cloud service offering will follow FedRAMP encryption policies, continuously verify information resource integrity, and restrict access to third-party information resources": "Service Configuration",
+        "A secure cloud service offering will understand, monitor, and manage supply chain risks from third-party information resources": "Third-Party Information Resources",
+    }
+
+    # Replace long descriptions with short names - use contains for partial matching
+    if not aux.empty:
+        for long_desc, short_name in ksi_short_names.items():
+            mask = aux["REQUIREMENTS_DESCRIPTION"].str.contains(
+                long_desc, na=False, regex=False
+            )
+            aux.loc[mask, "REQUIREMENTS_DESCRIPTION"] = short_name
+
+    return get_section_containers_cis(
+        aux, "REQUIREMENTS_ID", "REQUIREMENTS_ATTRIBUTES_SECTION"
+    )
@@ -0,0 +1,46 @@
+import warnings
+
+from dashboard.common_methods import get_section_containers_cis
+
+warnings.filterwarnings("ignore")
+
+
+def get_table(data):
+    aux = data[
+        [
+            "REQUIREMENTS_ID",
+            "REQUIREMENTS_DESCRIPTION",
+            "REQUIREMENTS_ATTRIBUTES_SECTION",
+            "CHECKID",
+            "STATUS",
+            "REGION",
+            "ACCOUNTID",
+            "RESOURCEID",
+        ]
+    ].copy()
+
+    # Shorten the long FedRAMP KSI descriptions for better display
+    ksi_short_names = {
+        "A secure cloud service offering will protect user data, control access, and apply zero trust principles": "Identity and Access Management",
+        "A secure cloud service offering will use cloud native architecture and design principles to enforce and enhance the Confidentiality, Integrity and Availability of the system": "Cloud Native Architecture",
+        "A secure cloud service provider will ensure that all system changes are properly documented and configuration baselines are updated accordingly": "Change Management",
+        "A secure cloud service provider will continuously educate their employees on cybersecurity measures, testing them regularly": "Cybersecurity Education",
+        "A secure cloud service offering will document, report, and analyze security incidents to ensure regulatory compliance and continuous security improvement": "Incident Reporting",
+        "A secure cloud service offering will monitor, log, and audit all important events, activity, and changes": "Monitoring, Logging, and Auditing",
+        "A secure cloud service offering will have intentional, organized, universal guidance for how every information resource, including personnel, is secured": "Policy and Inventory",
+        "A secure cloud service offering will define, maintain, and test incident response plan(s) and recovery capabilities to ensure minimal service disruption and data loss": "Recovery Planning",
+        "A secure cloud service offering will follow FedRAMP encryption policies, continuously verify information resource integrity, and restrict access to third-party information resources": "Service Configuration",
+        "A secure cloud service offering will understand, monitor, and manage supply chain risks from third-party information resources": "Third-Party Information Resources",
+    }
+
+    # Replace long descriptions with short names - use contains for partial matching
+    if not aux.empty:
+        for long_desc, short_name in ksi_short_names.items():
+            mask = aux["REQUIREMENTS_DESCRIPTION"].str.contains(
+                long_desc, na=False, regex=False
+            )
+            aux.loc[mask, "REQUIREMENTS_DESCRIPTION"] = short_name
+
+    return get_section_containers_cis(
+        aux, "REQUIREMENTS_ID", "REQUIREMENTS_ATTRIBUTES_SECTION"
+    )
@@ -19,6 +19,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
 - Add multiple compliance improvements [(#9145)](https://github.com/prowler-cloud/prowler/pull/9145)
 - Added validation for invalid checks, services, and categories in `load_checks_to_execute` function [(#8971)](https://github.com/prowler-cloud/prowler/pull/8971)
 - NIST CSF 2.0 compliance framework for the AWS provider [(#9185)](https://github.com/prowler-cloud/prowler/pull/9185)
+- Add FedRAMP 20x KSI Low for AWS, Azure and GCP [(#9198)](https://github.com/prowler-cloud/prowler/pull/9198)
 
 ### Changed
 - Update AWS Direct Connect service metadata to new format [(#8855)](https://github.com/prowler-cloud/prowler/pull/8855)