Summary
The repository has no cloud security skills. Cloud infrastructure is the dominant deployment target for modern applications, and misconfigurations in IAM policies, S3 buckets, security groups, and logging settings are consistently among the most exploited attack vectors (per Verizon DBIR and CISA advisories). Prowler is the leading open-source CSPM tool covering AWS, GCP, and Azure with 500+ checks.
Requested Skill: compliance/cspm-prowler
What to Cover
Core workflows:
- Run a full posture assessment against AWS/GCP/Azure
- Run scoped checks by compliance framework (CIS, PCI-DSS, SOC2, HIPAA, NIST)
- Export findings as JSON/CSV/SARIF for DefectDojo ingestion
- Filter by severity to surface critical misconfigs first
Key check categories:
- IAM: overly permissive policies, unused credentials, MFA enforcement, root account usage
- Storage: S3 public access, unencrypted buckets, logging disabled
- Networking: unrestricted security groups (0.0.0.0/0 on 22/3389), VPC flow logs disabled
- Logging: CloudTrail disabled, CloudWatch alarms not configured, Config rules missing
- Compute: IMDSv1 enabled, public AMIs, unencrypted EBS volumes
Example commands:
```bash
# Full AWS scan
prowler aws --output-formats json-asff html
# Scoped to PCI-DSS
prowler aws --compliance pci_dss_3.2.1
# Send to DefectDojo
prowler aws -M json | python3 skills/devsecops/vuln-defectdojo/scripts/import_findings.py \
    --product "AWS Production" --engagement "Q2 Posture Review" --file -
```
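As an added example (not part of this request, and not Prowler's or DefectDojo's own code), a small Python triage helper over Prowler's json-asff output: it keeps only FAILED findings at or above a chosen severity, optionally scoped to one framework by matching a substring of the ASFF `Compliance.RelatedRequirements` entries, and orders them worst first. The sample findings, check ids and requirement strings are constructed to mirror the ASFF shape and are not real scan data.

```python
import json
from collections import Counter

# ASFF severity labels, ranked so findings can be thresholded and sorted (worst first).
SEVERITY_RANK = {"INFORMATIONAL": 0, "LOW": 1, "MEDIUM": 2, "HIGH": 3, "CRITICAL": 4}

def failed_findings(findings, min_severity="HIGH", requirement=None):
    """Return FAILED ASFF findings at or above min_severity, worst first.
    requirement: optional substring matched against Compliance.RelatedRequirements,
    so one report can be scoped to a single framework (e.g. "CIS" or "PCI")."""
    threshold = SEVERITY_RANK[min_severity.upper()]
    selected = []
    for f in findings:
        compliance = f.get("Compliance", {})
        if compliance.get("Status") != "FAILED":
            continue  # PASSED findings are not work items
        label = f.get("Severity", {}).get("Label", "INFORMATIONAL").upper()
        if SEVERITY_RANK.get(label, 0) < threshold:
            continue
        reqs = compliance.get("RelatedRequirements", [])
        if requirement and not any(requirement in r for r in reqs):
            continue
        selected.append(f)
    return sorted(selected, key=lambda f: -SEVERITY_RANK[f["Severity"]["Label"].upper()])

def severity_counts(findings):
    """Count FAILED findings per severity label, for a quick triage summary."""
    return Counter(f["Severity"]["Label"].upper() for f in failed_findings(findings, "INFORMATIONAL"))

# Constructed sample in the shape of Prowler's json-asff output (not real scan data;
# the check ids and requirement strings are illustrative).
SAMPLE_ASFF = json.loads("""[
 {"GeneratorId": "prowler-ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
  "Severity": {"Label": "HIGH"}, "Resources": [{"Id": "arn:aws:ec2:us-east-1:111122223333:security-group/sg-0abc"}],
  "Compliance": {"Status": "FAILED", "RelatedRequirements": ["CIS-2.0: 5.2", "PCI-DSS-3.2.1: 1.2.1"]}},
 {"GeneratorId": "prowler-iam_root_hardware_mfa_enabled",
  "Severity": {"Label": "CRITICAL"}, "Resources": [{"Id": "arn:aws:iam::111122223333:root"}],
  "Compliance": {"Status": "FAILED", "RelatedRequirements": ["CIS-2.0: 1.6"]}},
 {"GeneratorId": "prowler-s3_bucket_server_access_logging_enabled",
  "Severity": {"Label": "MEDIUM"}, "Resources": [{"Id": "arn:aws:s3:::example-logs"}],
  "Compliance": {"Status": "FAILED", "RelatedRequirements": ["CIS-2.0: 3.6"]}},
 {"GeneratorId": "prowler-cloudtrail_multi_region_enabled",
  "Severity": {"Label": "HIGH"}, "Resources": [{"Id": "arn:aws:cloudtrail:us-east-1:111122223333:trail/main"}],
  "Compliance": {"Status": "PASSED", "RelatedRequirements": ["CIS-2.0: 3.1"]}}
]""")

if __name__ == "__main__":
    for f in failed_findings(SAMPLE_ASFF, "HIGH"):
        print(f["Severity"]["Label"], f["GeneratorId"], f["Resources"][0]["Id"])
```

To run it against a real scan, replace `SAMPLE_ASFF` with `json.load()` of the `.asff.json` file Prowler writes to its output directory.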
Frameworks to Map
| Framework | Prowler Compliance Key |
| --- | --- |
| CIS AWS Foundations Benchmark v2.0 | cis_2.0_aws |
| PCI-DSS v3.2.1 | pci_dss_3.2.1 |
| SOC 2 | soc2 |
| HIPAA | hipaa |
| NIST 800-53 | nist_800_53_revision_5 |
| GDPR | gdpr |
| ISO 27001 | iso27001_2013 |
Integration with Existing Skills
- Pairs with compliance/policy-opa for preventative policy enforcement
- Findings can feed into devsecops/vuln-defectdojo for tracking over time
- Runtime detections can trigger incident-response/ir-velociraptor
Why Prowler Over Alternatives
- Supports all 3 major cloud providers with a single CLI
- 100% open source (no SaaS required)
- Native output for all major compliance frameworks
- Active community (10k+ GitHub stars, weekly releases)