InsightCloudSec Docs

Welcome to the InsightCloudSec Docs!

InsightCloudSec by Rapid7 (formerly DivvyCloud) is a Cloud-Native Security Platform that provides real-time analysis and automated remediation for continuous security and compliance for your multi-cloud environment.

For questions reach out to us through [email protected].

Take Me to the Docs!    Release Notes

Harvesting Strategies

Information on Developing Strategies to Customize Your InsightCloudSec Harvesting

InsightCloudSec provides a way to create and modify harvesting strategies by cloud, by region, and by resource. In this way, you can better match your harvesting resources with your harvesting needs. For example, you can lower the harvesting cadence in regions where you do not deploy to ensure you are still monitoring for unauthorized usage in those regions.

Previously, harvesting cadences were fairly limited because users couldn't specify resource types to harvest faster or slower than another resource type or even specify the multiplier. Configuring all resources in a single region was the only way to adjust harvesting times and only region-based services were configurable.

InsightCloudSec is putting this power capability in the hands of administrators to allow these fine-tuned configurations on harvesting strategies for each resource type, either per region or globally, for any cloud provider.


Note to Existing Customers

Existing customers who have used previous methods for overriding harvesting cadences via the Clouds page will have a blue banner at the top of their screen after logging in. This is meant to be a call to action to configure harvesting strategies quickly, as this new feature will override those configurations and have all resources in all regions harvesting at default speed.

We recommend setting up a harvesting strategy when you are connecting and configuring your cloud accounts. End users with appropriate permissions can access Harvesting Strategies from the navigation menu under Administration.

Creating a Harvesting Strategy

Refer to the following steps to create a new harvesting strategy:
1. Navigate to "Administration --> Harvesting Strategies" and select the "New Strategy" button on the upper right of the page.

2. Provide a name for your strategy, select the provider and click "Create."

Creating a New Harvesting StrategyCreating a New Harvesting Strategy

Creating a New Harvesting Strategy

3. On the "Strategy Configuration" page review and update the parameters as follows:

  • Select the region where a new strategy applies (from the "Region" drop-down box at the top right of the page).
  • Select an overall percentage change (faster or slower) to the default cadence (from the "Cadence" slide bar).
  • Select overrides (in minutes) for specific resource types or harvesters. Default overrides (in minutes) are shown for reference.


Override Settings

Overrides cannot be less than 1 minute or greater than 24 hours.

For AWS EDH-enabled resources and regions, InsightCloudSec sets a maximum harvesting frequency of four hours.

Strategy Configuration for a New Harvesting StrategyStrategy Configuration for a New Harvesting Strategy

Strategy Configuration for a New Harvesting Strategy

4. Click "Save & Copy to Regions" to apply your strategy to other regions for easier configuration. (This applies when a region other than "Global Harvest" was initially selected.)


Limiting Regions

If you want to create a custom strategy or modify the default strategy in order to exclude a specific region or regions (e.g., working backwards by removing rather than adding regions), you can also create or copy an existing strategy and modify that strategy using the Admin option.

Copying Harvesting Strategies From One Region to OthersCopying Harvesting Strategies From One Region to Others

Copying Harvesting Strategies From One Region to Others

5. Once you have completed your changes to the entire strategy, click "Save Changes."

6. Click "Harvesting Strategies" to return to the main page and assign resources.

  • Select the "Assign" (clipboard) icon (under the Admin options) to open the "Strategy Assignment" window.

7. Select the cloud accounts to be harvested by this strategy. You can scope the strategy by cloud account or by badge.


Any existing strategy previously assigned to selected accounts will be overwritten.

Modifying an Existing Strategy

Refer to the steps below to modify an existing strategy.



Domain Admin permissions are required for the majority of these changes. Contact your administrator or [email protected] if you have issues or questions.

1. Locate the strategy you want to modify from "Administration --> Harvesting Strategies" on the Harvesting Strategy - Listing page.

  • Note: You can scope this list by cloud or by strategy name.

2. From the "Harvesting Strategy" page under "Admin," you can do the following:

  • Configure the strategy (wrench icon) - This navigates to the Strategy Configuration page.
  • Assign (or reassign) - This strategy connects to a cloud account (note pad icon)
  • Make Default (check mark) - Will make the target strategy to default for the clouds selected as they are added; this option is available for each cloud type
  • Edit Strategy (pencil icon) - Allows you to modify the strategy name and exclude specific regions from harvesting. Note: Currently, the ability to limit regions is only available for AWS.
  • Delete the strategy - Allows you to delete the strategy with the appropriate permissions and confirmation.
Modifying an Existing Harvesting StrategyModifying an Existing Harvesting Strategy

Modifying an Existing Harvesting Strategy

Selecting Harvesting Strategy for Newly Added Accounts

Once a strategy has been set up, an administrator can assign any cloud account to it, including new accounts as they are added. For details on adding a new cloud account, refer to details on the Cloud Account Setup page.

  • Note: If you don't specify a harvesting strategy when adding the cloud account, it will be assigned to the default strategy for that cloud provider.

1. When adding a cloud account via the UI, click "Show Advanced" (at the bottom) and a drop-down menu will display strategies applicable to the type of cloud you are adding.

2. Click the desired strategy and select "Submit" when the remainder of the "Add Cloud" pane is complete.

  • Note: The "Harvesting Strategy" drop-down option will only appear for organizations that have additional harvesting strategies configured; otherwise, the default is applied and no drop-down menu appears.
Selecting a Harvesting Strategy While Adding a Cloud AccountSelecting a Harvesting Strategy While Adding a Cloud Account

Selecting a Harvesting Strategy While Adding a Cloud Account

Harvesting Strategy Example

In the following example, harvesting times are slowed for Amazon Web Services (AWS) outside the Continental US.

1. First, we create a new harvesting strategy named "New Strategy" for AWS.

Example - Creating a New Harvesting StrategyExample - Creating a New Harvesting Strategy

Example - Creating a New Harvesting Strategy

2. Second, we decrease the cadence of all harvesting in one region by the following:

  • Choosing one region outside the US (ap-northeast-1).
  • Decreasing the overall harvesting cadence; in this case, we have decreased the cadence by 1000% from default values.
  • We can also override harvesting times for specific resources by entering those numbers (minutes) into the boxes next to the specific resource.
    3. Select "Apply" to save the changes.
Example - Decreasing the Harvesting Cadence for One RegionExample - Decreasing the Harvesting Cadence for One Region

Example - Decreasing the Harvesting Cadence for One Region

4. Next, we apply this newly created strategy to all regions by copying that strategy to everything except regions within the Continental US (us-east-1 and 2, us-west-1 and 2).

  • We've used the copy icon, next to the Region box, to open the "Region to Copy to" pane and select (or deselect) the appropriate regions.
Example - Copying a Harvesting Strategy to all Regions Except the Continental USExample - Copying a Harvesting Strategy to all Regions Except the Continental US

Example - Copying a Harvesting Strategy to all Regions Except the Continental US

5. Finally, we return to the "Harvesting Strategy" listing to assign cloud accounts to the new strategy.

  • On the first return to this listing, you will see that "New Strategy" is assigned to no clouds.
  • Clicking the clipboard icon opens the "Assign Strategy" pane, where we have added one of our AWS cloud accounts.

Updated 15 days ago

Harvesting Strategies

Information on Developing Strategies to Customize Your InsightCloudSec Harvesting

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.