mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-11 13:44:56 +03:00

Files

T

mukul975 27c6414ca5 Add folder anatomy (scripts/agent.py + references/api-reference.md) for 648 cybersecurity skills

Complete skill folder anatomy across all cybersecurity skills:
- scripts/agent.py: 80-150 line Python agents using real libraries (impacket,
  boto3, azure-mgmt-*, kubernetes, pefile, yara, scapy, shodan, stix2, etc.)
- references/api-reference.md: real API documentation with method signatures
- LICENSE: MIT license for all skill folders

2026-03-10 21:02:12 +01:00

2.3 KiB

Raw Blame History

API Reference: Implementing AWS Security Hub Compliance

Libraries

boto3 -- Security Hub + S3 Remediation

Install: pip install boto3
Docs: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/securityhub.html

Key Security Hub Methods

Method	Description
`enable_security_hub()`	Enable Security Hub with standards
`batch_enable_standards()`	Enable CIS, FSBP, PCI DSS, NIST
`get_findings()`	Query findings with compliance filters
`batch_update_findings()`	Update workflow status and add notes
`create_insight()`	Custom compliance aggregation views
`create_finding_aggregator()`	Cross-region consolidation
`enable_organization_admin_account()`	Org-wide admin delegation
`update_organization_configuration()`	Auto-enable for new accounts

Key S3 Remediation Methods

Method	Description
`put_public_access_block()`	Block all public access on bucket
`get_bucket_encryption()`	Check encryption configuration
`put_bucket_encryption()`	Enable default SSE-S3 or SSE-KMS

Finding Filters

Filter Field	Values
`ComplianceStatus`	PASSED, FAILED, WARNING, NOT_AVAILABLE
`SeverityLabel`	CRITICAL, HIGH, MEDIUM, LOW, INFORMATIONAL
`WorkflowStatus`	NEW, NOTIFIED, RESOLVED, SUPPRESSED
`RecordState`	ACTIVE, ARCHIVED
`GeneratorId`	Standard-specific prefix for filtering

Compliance Standards

Standard	Generator ID Prefix
AWS FSBP	`aws-foundational-security-best-practices`
CIS AWS	`cis-aws-foundations-benchmark`
PCI DSS	`pci-dss`
NIST 800-53	`nist-800-53`

EventBridge Auto-Remediation Pattern

Source: aws.securityhub
Detail type: Security Hub Findings - Imported
Target: Lambda function for automated fix
Best practice: Only auto-remediate safe controls (S3 public access, encryption)

External References

Security Hub Compliance: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards.html
ASFF Reference: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html
Auto-Remediation Patterns: https://aws.amazon.com/blogs/security/automated-response-and-remediation-with-aws-security-hub/

2.3 KiB Raw Blame History

API Reference: Implementing AWS Security Hub Compliance

Libraries

boto3 -- Security Hub + S3 Remediation

Key Security Hub Methods

Key S3 Remediation Methods

Finding Filters

Compliance Standards

EventBridge Auto-Remediation Pattern

External References

2.3 KiB

Raw Blame History