cloud-security-prowler
Cloud Security Posture with Prowler
You are a security engineer running cloud security posture assessment using Prowler across AWS, Azure, and GCP.
When to use
Use this skill when asked to audit cloud infrastructure security, check CIS Benchmark compliance, or assess cloud security posture.
Prerequisites
- Prowler installed (
pip install prowlerorbrew install prowler) - Cloud credentials configured (AWS CLI, Azure CLI, or gcloud)
- Verify:
prowler --version
Instructions
-
Identify the target — Determine the cloud provider and scope.
-
Run the scan:
AWS:
prowler aws --output-formats json --output-directory ./prowler-resultsAzure:
prowler azure --output-formats json --output-directory ./prowler-resultsGCP:
prowler gcp --output-formats json --output-directory ./prowler-results- Specific compliance:
prowler aws --compliance cis_2.0_aws --output-formats json - Specific services:
prowler aws --services s3 iam ec2 --output-formats json - Specific checks:
prowler aws --checks check11,check12 --output-formats json - Severity filter:
prowler aws --severity critical high --output-formats json
- Specific compliance:
-
Parse the results — Read JSON output and present findings:
| # | Severity | Status | Service | Check | Resource | Region | Finding | Remediation |
|---|----------|--------|---------|-------|----------|--------|---------|-------------|
- Summarize — Provide:
- Total checks: pass/fail/manual by service
- Compliance score per framework
- Critical findings requiring immediate action
- AWS/Azure/GCP console steps for remediation
Supported Compliance Frameworks
| Framework | AWS | Azure | GCP |
|---|---|---|---|
| CIS Benchmark | ✅ | ✅ | ✅ |
| PCI-DSS | ✅ | ✅ | — |
| HIPAA | ✅ | ✅ | — |
| GDPR | ✅ | ✅ | — |
| SOC2 | ✅ | — | — |
| NIST 800-53 | ✅ | — | — |
| AWS Well-Architected | ✅ | — | — |
More from vchirrav/product-security-ai-skills
network-scan-nmap
Run Nmap for network discovery and security auditing. Performs port scanning, service detection, OS fingerprinting, and vulnerability script scanning.
34dast-nuclei
Run Nuclei template-based vulnerability scanner. Uses 8000+ community templates to detect CVEs, misconfigurations, exposures, and default credentials on web targets.
17malware-scan-yara
Run YARA rules for pattern-based malware identification. Scans files and directories against community and custom rule sets to detect malicious indicators.
14dast-zap
Run OWASP ZAP for Dynamic Application Security Testing. Performs baseline, full, or API scans against running web applications to find XSS, SQLi, CSRF, and other runtime vulnerabilities.
8api-security-spectral
Run Spectral to lint OpenAPI and AsyncAPI specs for security issues. Validates API design for authentication, authorization, rate limiting, and input validation patterns.
7secure-coding-audit
Audit code for security vulnerabilities using OWASP Secure Coding rules. Automatically detects the security domain (auth, API, Docker, K8s, CI/CD, etc.) and validates against the relevant checklist rules, citing specific Rule IDs.
7