detecting-s3-data-exfiltration-attempts
OfficialAutomate detection of data exfiltration attempts from AWS S3 buckets.
Authorbalsm-health
Version1.0.0
Installs0
System Documentation
What problem does it solve?
Detects unauthorized bulk downloads and cross-account data transfers from AWS S3 buckets.
Core Features & Use Cases
- CloudTrail Event Analysis: Inspects S3 data events to identify bulk download patterns.
- GuardDuty and Macie Integration: Correlates GuardDuty findings and Macie alerts for sensitive data access.
- VPC Endpoint Policy and Bucket Policy Configuration: Recommends VPC endpoint and bucket policies to limit data movement paths.
Quick Start
Analyze the CloudTrail and GuardDuty logs using this skill to identify S3 data exfiltration attempts.
Dependency Matrix
Required Modules
boto3botocorepandasnumpy
Components
scriptsreferences
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: detecting-s3-data-exfiltration-attempts Download link: https://github.com/balsm-health/Balsm-AI/archive/main.zip#detecting-s3-data-exfiltration-attempts Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 620,000+ vetted skills library on demand.