InsightCloudSec Docs

Welcome to the InsightCloudSec Docs!

InsightCloudSec by Rapid7 (formerly DivvyCloud) is a Cloud-Native Security Platform that provides real-time analysis and automated remediation for continuous security and compliance for your multi-cloud environment.

For questions reach out to us through [email protected].

Take Me to the Docs!    Release Notes

IAM Security Packs

An Overview of the IAM Security Packs

The new IAM Security Packs include two pack options:

  • IAM Security (with Access Explorer)
  • IAM Security (without Access Explorer)

The first pack IAM Security (with Access Explorer) includes a total of 39 Insights, with three Insights that are included with our Cloud IAM Governance - Access Explorer add-on module, and as such, will require licensing for that module.

The second pack IAM Security (without Access Explorer) includes 35 Insights, all of the same Insights included in the original pack, but omits the three Insights that require licensing for the Cloud IAM Governance (Access Explorer) add-on module. Allowing customers that may not have the module access to InsightCloudSec's out-of-the-box compliance pack for IAM Security.

The IAM Security Packs provide prescriptive guidance for configuring IAM security options with an emphasis on IAM security best practices. The three Insights that require the IAM licensing support AWS. The other 41 insights provide broader coverage spanning seven CSPs.

Prerequisites

Before you get started with any compliance packs, you will need to have the following:

  • A functioning InsightCloudSec platform installation
  • The appropriate permissions to apply this Compliance Pack to your desired infrastructure
    • Note that licensing for the Cloud IAM Governance Module is required to access/implement all of the Insights included in the IAM Security (with Access Explorer) pack
  • Familiarity with your organization’s compliance requirements

If you have questions about implementing this compliance pack or other general questions, reach out to us via [email protected].

Packs Summary

The IAM Security (with Access Explorer) Compliance Packs includes three Insights that require licensing for the IAM Governance (Access Explorer) add-on module. These Insights provide these valuable risk visibility:

  • Show me the Principals with the most Wildcards for Services. Or those with most Services for which
    they have 90% (user defined threshold) or more of the total actions in a service.
  • Show me the Principals with the most Wildcards for Resources.
  • Show me Resource Policies that are not protected by Conditions

The remaining 41 Insights are included in both Packs (IAM Security (with Access Explorer) and IAM Security (without Access Explorer) and cover a broad range of IAM security best practices over 7 CSPs including:

  • API Access Key is Inactive
  • Password Complexity Checks
  • Cloud Account with Active Root account
  • Unused Policies
  • Unused Groups
  • Principal Unused in 90 Days
  • Cloud Role trusting unknown external account
  • Resource Policy using NotAction or NotPrincipal
  • Cloud User is Deprecated

*If you have specific questions on this capability or need more information around our Cloud IAM Governance (Access Explorer) add-on module, reach out to [email protected].

What's Next

To learn more about using both out-of-the-box Compliance Packs and our Custom Insight Packs, take a look at our Insights documentation.

In addition, to explore more details around our automation capabilities, take a look at our documentation on BotFactory.

Updated about a month ago

IAM Security Packs


An Overview of the IAM Security Packs

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.