Security Group Auditorv1.0.0

An e-commerce company running on AWS EC2 instances needs to audit security groups for web servers and databases to prevent unauthorized access. The skill analyzes exposed ports like 443 for HTTPS and flags risky rules on database ports such as 3306, ensuring only necessary internet access is allowed while tightening internal network rules.

A healthcare provider uses AWS for patient data storage and must comply with HIPAA regulations by minimizing network exposure. The skill identifies open security groups on sensitive ports like RDP or database services, recommends specific IP restrictions, and suggests AWS Config rules for continuous monitoring to maintain compliance.

A fintech startup with microservices on EKS and RDS instances needs to secure its AWS environment against attacks. The skill audits security groups for Kubernetes API ports and database exposures, estimates blast radius for critical services, and provides tightened rule sets to reduce attack surface while enabling secure access for developers.

A media company streaming content via EC2 and load balancers wants to optimize security groups for performance and safety. The skill flags overly broad CIDR ranges on admin ports, recommends cleanup of unused security groups, and advises on VPC flow logs to detect anomalies without disrupting legitimate traffic.

An educational institution migrating on-premises servers to AWS VPCs requires a security audit for student and administrative systems. The skill analyzes exported security group data to identify dangerous exposures like open SSH ports, generates replacement rules with specific IP ranges, and suggests cost-effective monitoring with AWS Config.

Offer this skill as part of a monthly subscription service for small to medium businesses, providing regular security audits and reports. Revenue is generated through tiered pricing based on the number of AWS accounts or resources analyzed, with add-ons for automated monitoring via AWS Config.

Integrate the skill into a consulting package where experts use it to perform one-time or ongoing security assessments for clients. Revenue comes from project-based fees or retainer models, including hands-on help to implement tightened security group rules and set up monitoring.

Provide a free version of the skill for basic analysis, with premium upgrades offering detailed reports, blast radius visualizations, and integration with other security tools. Revenue is driven by conversions to paid plans and enterprise licenses for large organizations.