Cloud Security Knowledge Base Search
Query the Trend Micro knowledge base for cloud provider rules, security best practices, and compliance information.
Instructions
- •
Identify the cloud provider from the user's query:
- •AWS keywords: EC2, S3, Lambda, IAM, RDS, VPC, CloudFront, etc.
- •Azure keywords: Storage Account, VM, App Service, Key Vault, etc.
- •GCP keywords: Compute Engine, Cloud Storage, BigQuery, GKE, etc.
- •Alibaba keywords: ECS, OSS, ApsaraDB, etc.
- •Oracle/OCI keywords: Compute, Object Storage, Autonomous Database, etc.
- •
Determine the query type and select the appropriate URL:
- •Specific service/rule check → Provider-specific KB URL
- •General best practices → Base KB URL
- •Pricing questions → AWS Marketplace URL
- •
Fetch the knowledge base page using WebFetch with the provider URL
- •
Navigate to specific rules if needed:
- •Service index pages list available rules
- •Individual rule pages contain detailed checks and remediation
- •
Extract and present the relevant information including:
- •Rule ID and title
- •Risk level (Low, Medium, High, Very High, Extreme)
- •Description of the security issue
- •Remediation steps
- •Compliance framework mappings
Tools
| Tool | Purpose |
|---|---|
WebFetch | Fetch knowledge base pages and extract rule information |
Knowledge Base URLs
Route queries to the appropriate knowledge base:
Common Workflows
Look Up a Specific Rule
- •Identify the cloud provider and service from the query
- •Fetch the provider's knowledge base index:
{provider_url} - •Find the service section (e.g., S3, EC2, Storage Account)
- •Fetch the specific rule page if needed
- •Present rule details with remediation steps
Find All Rules for a Service
- •Identify the cloud provider and service
- •Fetch the service index page:
{provider_url}{service}/ - •List available rules with risk levels
- •Offer to provide details on specific rules
General Best Practices Query
- •Fetch the base knowledge base URL
- •Search for relevant categories or topics
- •Summarize applicable best practices
Pricing Information
- •Fetch the AWS Marketplace URL
- •Extract pricing tiers and features
- •Present pricing information clearly
Output Format
When presenting rule information:
code
## [Rule ID]: [Rule Title] **Risk Level**: [Low|Medium|High|Very High|Extreme] **Service**: [Cloud Service Name] **Provider**: [AWS|Azure|GCP|Alibaba|OCI] ### Description [What the rule checks and why it matters] ### Remediation [Step-by-step instructions to fix the issue] ### Compliance [Relevant frameworks: CIS, PCI-DSS, SOC2, etc.]
Example Queries
| User Query | Action |
|---|---|
| "S3 bucket encryption best practices" | Fetch AWS KB, find S3 encryption rules |
| "Azure storage public access" | Fetch Azure KB, find storage account rules |
| "GCP firewall rules" | Fetch GCP KB, find VPC firewall rules |
| "What does it cost?" | Fetch AWS Marketplace pricing page |
| "Cloud security best practices" | Fetch general KB |
Security Considerations
- •This skill accesses publicly available documentation only
- •No authentication or API keys required
- •Use alongside
vision-one:cloud-posturefor actual compliance scanning - •Knowledge base content is maintained by Trend Micro security researchers