iampopg/zuma

ZUMA — Cloud Security Platform

Built for the Nigerian Government & African Businesses on Cloud
Powered by Prowler · Built by Wrancorp


What is ZUMA?

ZUMA is a production-grade Cloud Security Posture Management (CSPM) platform built specifically for the Nigerian government and African businesses operating on cloud infrastructure. It extends Prowler — the world's most widely used open-source cloud security tool — with real-time threat detection, AI-powered analysis, and Nigerian regulatory compliance built in.

Think of it as your cloud security control room: it continuously scans your AWS, GCP, and Azure accounts for misconfigurations, compliance violations, and active threats — then presents everything in one clean dashboard with actionable recommendations, no terminal required.

Why ZUMA?

Nigerian government agencies and African businesses face unique challenges:

  • NITDA Cybersecurity Framework compliance is mandatory for government IT systems
  • NDPA 2023 (Nigeria Data Protection Act) requires strict data protection controls
  • Data sovereignty — sensitive government data cannot be sent to foreign AI services
  • Limited cloud security expertise — most teams need a no-code interface
  • Air-gap requirements — some environments have no internet access

ZUMA solves all of these out of the box.


✨ Features

| Feature | Description |
| --- | --- |
| 🛡 Security Scanning | 500+ checks across AWS, GCP, Azure, Kubernetes, GitHub via Prowler |
| 🇳🇬 Nigerian Compliance | NITDA Cybersecurity Framework + NDPA 2023 — built-in, not an afterthought |
| 🧠 UBA Engine | User & Entity Behaviour Analytics with 0–100 risk scoring and anomaly detection |
| ☁️ Cloud Detections | AWS GuardDuty, GCP Security Command Center, Azure Defender — real-time polling |
| 🤖 AI Assistant | MCP tool-calling AI that queries your real data (Groq cloud or local Ollama) |
| 📊 Analytics | Pass/fail charts, severity trends, region heatmaps, compliance drill-down |
| 🔒 Auth & RBAC | bcrypt password hashing, admin/analyst roles, first-time setup flow |
| 📦 Resources Inventory | All cloud resources with finding counts and severity badges |
| 📋 44 Frameworks | CIS, ISO 27001, PCI DSS, SOC 2, NIST, GDPR, HIPAA, MITRE ATT&CK, and more |
| 🐳 Docker Ready | Full docker-compose with Postgres, Ollama, Prometheus, Grafana |
| ✈️ Air-Gap Capable | Runs fully offline with local AI — no data leaves your network |

🚀 Quick Start

git clone https://github.com/wrancorp/zuma-dashboard
cd zuma-dashboard
pip install -r requirements.txt
python zuma.py

Open http://localhost:5000 — you'll be guided through first-time setup to create your admin account.

Docker (Recommended for Production)

cp .env.docker .env
# Edit .env with your settings
docker compose up -d

🇳🇬 Nigerian Compliance Frameworks

ZUMA includes two frameworks not available in standard Prowler:

NITDA Cybersecurity Framework

The National Information Technology Development Agency framework for securing government IT systems. Covers 5 control categories:

| Control | Description |
| --- | --- |
| CC-1 | Identity & Access Management — MFA, least privilege, access key rotation |
| CC-2 | Data Protection & Encryption — encryption at rest and in transit, KMS |
| CC-3 | Audit Logging & Monitoring — CloudTrail, Config recorder, VPC flow logs |
| CC-4 | Network Security — security group restrictions, no public S3/RDS/EC2 |
| CC-5 | Incident Response & Recovery — GuardDuty, SecurityHub, backups |

NDPA 2023 (Nigeria Data Protection Act)

Nigeria's primary data protection law, enforced by the Nigeria Data Protection Commission (NDPC). Key sections mapped to cloud controls:

| Section | Requirement |
| --- | --- |
| Section 24 | Data Security — encryption at rest and in transit |
| Section 25 | Access Control — MFA, least privilege, no root access keys |
| Section 26 | Audit & Records — CloudTrail, Config, log validation |
| Section 27 | Breach Notification — GuardDuty, SecurityHub, CloudWatch alarms |
| Section 34 | Data Minimisation — no public S3, RDS, EC2 |
| Section 43 | Cross-border Transfer — S3 policies, CloudFront HTTPS |

Available for AWS, GCP, and Azure.


🤖 AI Assistant

The AI uses MCP (Model Context Protocol) tool-calling — it queries your real security data before answering:

You: "What are my biggest risks?"
  → AI calls get_threat_summary()
  → Gets real data from your DB
  → Answers with actual numbers from your environment
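
The flow above, sketched as an added example (not ZUMA's own code): a dispatcher that runs a model-requested tool call only if the tool and its arguments are on an allow-list, so the model can read aggregates but never send arbitrary SQL. The `findings` table, its columns, the sample rows, the `min_severity` argument and the simplified `name`/`arguments` call shape are assumptions; only the tool name `get_threat_summary` comes from this page.

```python
import json
import sqlite3

SEVERITIES = ["low", "medium", "high", "critical"]

def make_db():
    """In-memory DB with constructed sample findings (hypothetical schema)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE findings (check_id TEXT, severity TEXT, status TEXT)")
    db.executemany("INSERT INTO findings VALUES (?, ?, ?)", [
        ("sample_public_bucket", "critical", "FAIL"),
        ("sample_user_without_mfa", "high", "FAIL"),
        ("sample_user_without_mfa", "high", "FAIL"),
        ("sample_trail_enabled", "medium", "PASS"),
    ])
    return db

def get_threat_summary(db, min_severity="low"):
    """Read-only aggregate: count of failed findings per severity."""
    if min_severity not in SEVERITIES:
        raise ValueError("unknown severity")
    wanted = SEVERITIES[SEVERITIES.index(min_severity):]
    marks = ",".join("?" * len(wanted))  # placeholders only, values stay bound
    rows = db.execute(
        "SELECT severity, COUNT(*) FROM findings "
        f"WHERE status = 'FAIL' AND severity IN ({marks}) GROUP BY severity",
        wanted,
    ).fetchall()
    return dict(rows)

# Allow-list: tool name -> (function, argument names the model may supply)
TOOLS = {"get_threat_summary": (get_threat_summary, {"min_severity"})}

def dispatch(db, tool_call_json):
    """Execute one tool call emitted by the model, or return an error."""
    try:
        call = json.loads(tool_call_json)
        name, args = call["name"], call.get("arguments", {})
    except (ValueError, KeyError, TypeError, AttributeError):
        return {"error": "malformed tool call"}
    if not isinstance(name, str) or name not in TOOLS or not isinstance(args, dict):
        return {"error": "unknown tool"}
    func, allowed = TOOLS[name]
    if set(args) - allowed:
        return {"error": "unexpected argument"}
    try:
        return {"result": func(db, **args)}
    except ValueError as exc:
        return {"error": str(exc)}
```

The returned dictionary is what gets handed back to the model as the tool result, so the answer is built from stored counts rather than from the model's own guess.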

Two AI modes:

  • Groq (cloud, fast, free tier) — for testing and development
  • Ollama (local, air-gap safe) — for production and government use. All inference stays on your server. No data leaves your network.

🏗 Architecture

zuma-dashboard/
├── zuma.py              # Entry point (Flask + background scheduler)
├── config.py            # All settings from .env
├── db.py                # SQLAlchemy models (SQLite dev / Postgres prod)
├── services/
│   ├── scanner.py       # Prowler scan runner (uses prowler venv)
│   ├── uba.py           # UBA risk scoring engine
│   ├── guardduty.py     # AWS GuardDuty poller
│   ├── gcp_scc.py       # GCP Security Command Center poller
│   ├── azure_defender.py # Azure Defender poller
│   ├── ai.py            # AI chat with MCP tool-calling
│   ├── mcp_tools.py     # 5 MCP tools (alerts, entities, threats, detections, scans)
│   ├── compliance.py    # Compliance framework drill-down
│   ├── providers.py     # Cloud provider credential management
│   ├── auth.py          # Authentication & RBAC
│   └── encryption.py    # Credential encryption at rest
├── routes/
│   ├── main.py          # All Flask routes (45+ endpoints)
│   └── metrics.py       # Prometheus /metrics endpoint
└── templates/           # 24 Jinja2 HTML templates

🔧 Configuration

Copy .env.docker to .env:

# Database (SQLite by default, Postgres for production)
ZUMA_DATABASE_URL=postgresql://user:pass@localhost:5432/zuma_db

# AI — leave GROQ_API_KEY empty to use local Ollama
GROQ_API_KEY=gsk_...
GROQ_FALLBACK_ENABLED=false   # Never enable in production

# Security
ZUMA_SECRET_KEY=change-me-in-production
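
A pre-deployment check for the settings above, as an added example (not part of ZUMA): it parses a `.env` file and flags the values this page says must change for production. The function names and the 32-character minimum for the secret are assumptions made for this example; the keys and sample values are the ones shown above.

```python
from urllib.parse import urlsplit

# The sample configuration from this page, embedded so the check runs offline.
SAMPLE_ENV = """\
ZUMA_DATABASE_URL=postgresql://user:pass@localhost:5432/zuma_db
GROQ_API_KEY=gsk_...
GROQ_FALLBACK_ENABLED=false   # Never enable in production
ZUMA_SECRET_KEY=change-me-in-production
"""

MIN_SECRET_LEN = 32  # assumption: policy threshold chosen for this example

def parse_env(text):
    """Parse KEY=VALUE lines, skipping comments and trailing ' # ...' notes."""
    env = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        env[key.strip()] = value.split(" #", 1)[0].strip()
    return env

def audit_env(env, production=True):
    """Return a list of problems; an empty list means the file passed."""
    problems = []
    secret = env.get("ZUMA_SECRET_KEY", "")
    if secret in ("", "change-me-in-production"):
        problems.append("ZUMA_SECRET_KEY is unset or still the placeholder")
    elif len(secret) < MIN_SECRET_LEN:
        problems.append("ZUMA_SECRET_KEY is shorter than the minimum length")
    if not production:
        return problems
    if env.get("GROQ_FALLBACK_ENABLED", "false").lower() == "true":
        problems.append("GROQ_FALLBACK_ENABLED is true in production")
    if env.get("GROQ_API_KEY", ""):
        problems.append("GROQ_API_KEY is set; local Ollama mode needs it empty")
    url = urlsplit(env.get("ZUMA_DATABASE_URL", ""))
    if not url.scheme.startswith("postgresql"):
        problems.append("ZUMA_DATABASE_URL is not Postgres")
    elif (url.username, url.password) == ("user", "pass"):
        problems.append("ZUMA_DATABASE_URL still uses the sample credentials")
    return problems
```

Run against the sample file, `audit_env(parse_env(SAMPLE_ENV))` reports the placeholder secret, the populated Groq key and the sample database credentials.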

🧪 Tests

python -m pytest tests/ -v
# 38 tests: auth, UBA engine, MCP tools, scanner, providers, rules, health

📖 Documentation

See the built-in Help & Documentation page at /help in the dashboard for detailed guides on every feature, including step-by-step setup for each cloud provider.

For offline/air-gap deployment: OFFLINE_DEPLOY.md


🏢 Built by Wrancorp

ZUMA is designed, built, and maintained by Wrancorp — a cybersecurity company focused on building enterprise-grade security and cloud infrastructure tools for African governments and businesses.

Wrancorp builds the tools that African enterprises need to operate securely — without compromising on data sovereignty, regulatory compliance, or operational simplicity.

Contact: wrancorp@gmail.com · wrancorp.com


🤝 Contributing

Contributions welcome. Please open an issue first to discuss what you'd like to change.

Core Team:

  • Badmus (@iampopg) —
  • Wrancorp Engineering Team

🙏 Built On

  • Prowler — the world's most widely used open-source cloud security tool (Apache 2.0)
  • Flask — web framework
  • SQLAlchemy — database ORM
  • Groq / Ollama — AI inference

📄 License

Apache License 2.0 — same as Prowler.


Made with ❤️ for Nigeria and Africa by Wrancorp
