feat: Ability to configure rule based alerts to existing connector / integrations #9717

@weibeu

Feature search

  • I have searched the existing issues and this feature has not been requested yet or is already in our Public Roadmap

Which component would this feature affect?

Prowler API

Related to specific cloud provider?

No response

New feature motivation

There may be certain findings within an organization which may require immediate remediation. For instance, a fresh compute instance has been created; however, they missed configuring security groups properly (e.g. closing port 22, etc.), hence putting the network at risk.
These may require immediate attention as people are not very likely to check and review the daily scan reports with rule on a periodic basis and these critical findings might accidentally slip.

Solution Proposed

Providing a configurable alerting system would be very helpful to work and mitigate such situations. For instance:

  • Alert when specific finding fails.
  • [ support for other more granular rules can be added gradually ]

Use case and benefits

  • Reduce attack surface and mitigate risks in a timely manner.
  • Smoother compliance operations.
  • Quick resolution of findings.

Describe alternatives you've considered

  • For now, the only way is to track the dashboard manually.
  • Set up custom integration using n8n or something when n8n integration is live.
  • Put some manual script or workflow using Prowler APIs.

Additional context

No response
