performing-gcp-security-assessment-with-forseti

Featured

Performing comprehensive security assessments of Google Cloud Platform environments using Forseti Security, Security Command Center, and gcloud CLI to audit IAM policies, firewall rules, storage permissions, and compliance against CIS GCP Foundations Benchmark.

AI & Automation 13,115 stars 1533 forks Updated today Apache-2.0

Install

View on GitHub

Quality Score: 99/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Performing GCP Security Assessment with Forseti ## When to Use - When conducting periodic security assessments of GCP organizations and projects - When onboarding new GCP projects and establishing security baselines - When compliance mandates CIS GCP Foundations Benchmark evaluation - When auditing IAM bindings, firewall rules, and storage ACLs across multiple GCP projects - When building continuous security monitoring for GCP infrastructure **Do not use** as a replacement for GCP Security Command Center Premium for real-time threat detection, for application-level vulnerability scanning (use Web Security Scanner), or for GKE-specific security (use GKE Security Posture). ## Prerequisites - GCP Organization with Organization Admin or Security Admin IAM role - gcloud CLI authenticated with sufficient permissions (`roles/securitycenter.admin`, `roles/iam.securityReviewer`) - Security Command Center (SCC) enabled at the organization level - ScoutSuite installed for multi-cloud comparison (`pip install scoutsuite`) - Python 3.8+ for custom audit scripts using google-cloud-asset and google-cloud-securitycenter libraries ## Workflow ### Step 1: Enable Security Command Center and Asset Inventory Enable SCC and set up Cloud Asset Inventory for comprehensive resource visibility. ```bash # Enable Security Command Center API gcloud services enable securitycenter.googleapis.com \ --project=PROJECT_ID # Enable Cloud Asset API gcloud services enable cloudasset.googleapis.com \...

Details

Author
mukul975
Repository
mukul975/Anthropic-Cybersecurity-Skills
Created
3 months ago
Last Updated
today
Language
Python
License
Apache-2.0

Integrates with

Google Cloud · Cloud

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Solid

gcp-security-scanner

GCP security configuration scanning and hardening using Security Command Center, Forseti, and ScoutSuite

1,160 Updated today
a5c-ai
DevOps & Infrastructure Featured

auditing-cloud-with-cis-benchmarks

This skill details how to conduct cloud security audits using Center for Internet Security benchmarks for AWS, Azure, and GCP. It covers interpreting CIS Foundations Benchmark controls, running automated assessments with tools like Prowler and ScoutSuite, remediating failed controls, and maintaining continuous compliance monitoring against CIS v5 for AWS, v4 for Azure, and v4 for GCP.

13,115 Updated today
mukul975
AI & Automation Solid

performing-gcp-penetration-testing-with-gcpbucketbrute

Perform GCP security testing using GCPBucketBrute for storage bucket enumeration, gcloud IAM privilege escalation path analysis, and service account permission auditing

13,115 Updated today
mukul975
DevOps & Infrastructure Featured

cloud-penetration-testing

Conduct comprehensive security assessments of cloud infrastructure across Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP).

39,350 Updated today
sickn33
DevOps & Infrastructure Solid

cloud-penetration-testing

This skill should be used when the user asks to "perform cloud penetration testing", "assess Azure or AWS or GCP security", "enumerate cloud resources", "exploit cloud misconfigurations", "test O365 security", "extract secrets from cloud environments", or "audit cloud infrastructure". It provides comprehensive techniques for security assessment across major cloud platforms.

27,705 Updated today
davila7