Does this skill work with both AWS and Google Cloud?

Yes, it uses boto3 for AWS EC2/SSM and google-cloud APIs for GCE to implement workload protection across both major cloud platforms.

What kind of threats can this skill detect?

It is designed to scan for cryptomining software, reverse shells, unauthorized binaries, and suspicious outbound network connections.

How does it detect file integrity issues?

It monitors critical system files and facilitates binary hash comparisons to detect unauthorized modifications or additions to the environment.

Can I use this for compliance auditing?

Absolutely. This skill helps establish and verify security controls aligned with compliance requirements for cloud compute workloads.

Does it require specific cloud permissions?

Yes, it requires appropriate cloud provider credentials, such as AWS SSM permissions, to execute commands and monitor instance states.

Cloud Workload Protection Implementation

Name: Cloud Workload Protection Implementation
Author: micsapp

bymicsapp

0•

Seguridad y Pruebas

Implements runtime security monitoring and threat detection for cloud compute workloads on AWS and Google Cloud.

This skill enables Claude to deploy and configure Cloud Workload Protection Platform (CWPP) capabilities by leveraging boto3 and Google Cloud APIs. It specializes in runtime security monitoring, detecting process anomalies such as cryptominers and reverse shells, and performing file integrity checks on EC2 and GCE instances. By automating security controls and auditing network connections for C2 callbacks, it helps security teams maintain compliance and protect infrastructure from unauthorized binaries and resource-heavy threats.

Características Principales

01Automated security scanning via AWS SSM and GCP APIs

02Runtime process monitoring for cryptominers and reverse shells

03File integrity monitoring (FIM) for critical system files

04Network connection auditing for Command & Control (C2) callbacks

05Resource utilization anomaly detection to identify CPU spikes

060 GitHub stars

Casos de Uso

01Automating the detection of unauthorized binaries and malware on cloud instances

02Establishing runtime security controls aligned with compliance frameworks

03Conducting security assessments of cloud compute environments

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add micsapp/micstec-skills implementing-cloud-workload-protection

For use in Claude.ai and ChatGPT

Características Principales

01Automated security scanning via AWS SSM and GCP APIs

02Runtime process monitoring for cryptominers and reverse shells

03File integrity monitoring (FIM) for critical system files

04Network connection auditing for Command & Control (C2) callbacks

05Resource utilization anomaly detection to identify CPU spikes

060 GitHub stars

Casos de Uso

01Automating the detection of unauthorized binaries and malware on cloud instances

02Establishing runtime security controls aligned with compliance frameworks

03Conducting security assessments of cloud compute environments

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add micsapp/micstec-skills implementing-cloud-workload-protection

For use in Claude.ai and ChatGPT