Cloud Posture

Manage cloud security posture, compliance scanning, and security settings across cloud environments using Trend Micro Vision One. This skill includes both read and write operations for posture management.

Instructions

•
When the user asks about cloud posture, compliance, or cloud security configuration, use this skill to query and manage posture data.
•
Check posture status: Start with get_cloud_posture_overview to understand the current compliance and posture state.
•
List compliance findings: Use list_cloud_posture_findings to identify misconfigurations and compliance violations.
•
Review templates: Use list_cloud_posture_templates to see available compliance templates and standards.
•
Before write operations: Always confirm with the user before executing any write operations (scan triggers, settings updates).
•
Trigger scans: Use trigger_cloud_posture_scan to initiate compliance scans when requested by the user.
•
Update settings: Use update_cloud_posture_settings to modify posture configurations with user approval.
•
Track remediation: Help users track which findings have been addressed and which remain open.

Tools

This skill uses the following Vision One MCP tools:

Read Operations

Tool	Purpose
`get_cloud_posture_overview`	Get overall posture and compliance summary
`list_cloud_posture_findings`	List misconfigurations and compliance violations
`list_cloud_posture_templates`	List available compliance templates

Write Operations (Require User Confirmation)

Tool	Purpose
`trigger_cloud_posture_scan`	Initiate a compliance scan
`update_cloud_posture_settings`	Modify posture configuration settings
`update_cloud_posture_template_settings`	Update compliance template settings

Common Workflows

Compliance Assessment

•Get posture overview for current state
•List findings grouped by severity
•Identify critical misconfigurations
•Map findings to compliance frameworks
•Prioritize remediation activities

Compliance Scan Request

•List available templates to identify scan scope
•Confirm with user before triggering scan
•Trigger cloud posture scan
•Monitor scan progress
•Review new findings after completion

Posture Configuration Update

•Review current settings
•Discuss proposed changes with user
•Get explicit user approval for changes
•Apply settings update
•Verify changes were applied successfully

Remediation Tracking

•List findings filtered by status
•Identify findings marked for remediation
•Check if remediated findings have been rescanned
•Report on remediation progress
•Highlight remaining open items

Output Format

Posture Overview

code

## Cloud Posture Summary

**Overall Compliance**: [%]
**Last Scan**: [Timestamp]

### Findings by Severity
- Critical: [count]
- High: [count]
- Medium: [count]
- Low: [count]

### Compliance by Framework
| Framework | Score | Pass | Fail |
|-----------|-------|------|------|
| CIS | [%] | [count] | [count] |
| SOC 2 | [%] | [count] | [count] |
| PCI DSS | [%] | [count] | [count] |

Compliance Finding

code

## Finding: [Title]

**Severity**: [Critical/High/Medium/Low]
**Framework**: [CIS/SOC 2/etc.]
**Rule ID**: [ID]

### Description
[Finding description]

### Affected Resources
- [Resource type]: [Resource ID]

### Remediation
[Steps to remediate]

### Compliance Impact
- [Framework]: [Control ID]

Write Operation Confirmation

code

## Action Required: [Operation Type]

**Operation**: [Description of what will be changed]
**Scope**: [What resources/settings will be affected]

### Current State
[Current configuration]

### Proposed Change
[What will change]

**Do you want to proceed with this operation? (yes/no)**

Security Considerations

•Write operations require explicit user confirmation before execution
•Scan triggers may impact cloud API rate limits
•Settings changes affect security policy enforcement
•Document all configuration changes for audit purposes
•Critical findings should be addressed promptly
•Coordinate posture changes with cloud operations teams
•Test settings changes in non-production environments first when possible