FinalDivvyCloud

An insight is a specific behavior, condition, or characteristic of a cloud resource. Using insights to view all of your clouds provides an in-depth understanding of your infrastructure's security, compliance, optimization, or other characteristics that you specify. Insights can be used to report on resources, or to instruct bots as to which resources require actions. Tracking insights over time gives great visibility to your most important issues. Some examples of common insights include:

  • Storage Container Exposing Access to the World
  • Database Instance Publicly Accessible
  • Volume Encryption Not Enabled

Insights can be used individually or in packs. DivvyCloud comes with a library of over 200 individual insights into potential security or compliance issues, best practices, and optimizations, as well as 12 industry-regulation compliance packs for CIS, ISO 27001, NIST 800-53, and others.

You can also create your own insights--and insight packs--for specific application to your organization. You can create these from scratch or from existing insights or insight packs that you use as templates for your customizations.

Library

DivvyCloud's Insights Library contains more than 200 individual insights. In the library, you can view all available insights at once, or you can limit your view by choosing to look only at insights marked as favorites (by clicking the Favorites box), or by choosing the insights' Source (All, DivvyCloud, Custom) or Scope.

The Insights Library - Viewing Your Insights as Favorites, by Source, or by Scopes

The Insights Library - Viewing Your Insights as Favorites, by Source, or by Scopes

Each line in the insights listing provides multiple options for obtaining details about or taking actions on your insights. These options are described below.

A Typical Line in the Insights Library Listing

A Typical Line in the Insights Library Listing

Checkbox - Selects a specific insight for further inspection or action. Checking here activates the Action menu for this insight. (See Action menu description.)

Impacted Resources Indicator - Indicates whether any (red "!") or no (green "check") resources fail to meet the requirements of the selected insight.

Create a bot - Allows creation of a bot linked to the selected insight. See BotFactory.

Edit exemptions - Allows addition or removal of Resource Groups (and their component resources) as exceptions for this insight. See "Exemptions" callout below.

Insight name - Clicking it opens the insights report for the selected insight. See Insights Report.

Number of bots - If at least one bot is associated with this insight, the number of associated bots will appear in blue. Clicking on the number will open the BotFactory Listing page, detailing all of the bots linked to the selected insight.

Insight severity - Shows color-coded severity indicator for selected insight: Minor (teal), Moderate (purple), Major (yellow), Severe (orange), and Critical (red).

Favorite indicator - Indicates whether this insight has been flagged as a favorite. Clicking the star will toggle between choosing this insight as a favorite (solid star) or not (outlined star).

Number of impacted resources - Gives the number of resources (out of total resources) failing to meet the conditions of the selected insight. Clicking the blue number opens the Resources page showing details for the impacted resources.

Exemptions - Gives the number, if any, of exempted resources for this insight. Clicking the number opens the Resources page showing details for the exempted resource. See also the Exemptions callout below.

Exemptions

Resources listed as 'Exempt' are harvested as any other resource scoped to a particular insight. If exempt resources fail to meet the conditions of the insight, however, they are not counted as "Impacted Resources".

For example, an insight may be looking for storage containers exposing access to the public, but some of your resources are static websites which can be open to the public. Exempting those static website resources from your insight prevents them from being included as 'impacted', i.e., giving false positives on your report.

Actions on Insights

Selecting the checkbox for one or more individual insights enables the Action button from which you can:

  • Edit metadata. This feature requires you have appropriate permissions.
  • Set the severity. This feature requires you have appropriate permissions.
  • Add the insight to your Favorites.
  • Remove the insight from your Favorites,
  • Delete the insight (with verification).
The Insights Library: Actions on Insights From the Actions Menu

The Insights Library: Actions on Insights From the Actions Menu

Metadata

Metadata allows you to annotate insights associated with an insight pack. NOTE: Metadata only relates to insights within packs.

For example, your organization uses a particular insight within a pack to verify your resources' adherence to a specific organization policy, e.g., "AcmeCorp Policy 7A.1". You might then edit the metadata for this insight to read "AcmeCorp 7A.1".

Ordering your Insight Listing

You can reorder your insight listing by clicking the up arrow that appears as you hover your cursor over a column heading.

For example, clicking a down arrow next to 'Impacted Resources' will order the insights in descending order by the number of resources impacted; clicking an up arrow next to 'Severity' will order the insights from least severe to most severe.

Insights Report

Clicking on an individual insight name in the library listing will open the Insights Report. Here you can view:

  • Results by Cloud - a breakdown of impacted resources for this insight by cloud.
  • Insight Information - an overview of the insight, including specific compliance frameworks associated with this insight, included filters, and (where applicable) suggested remediation and recommended bot workflow for remediation.
  • Noncompliant Resource Totals - a time series display of noncompliant resources by cloud; here, you are looking for a downward trend in the number of noncompliant resources as you take actions (use bots) to remediate.
  • Bot Lifecycle Actions - displays the previous week's worth of bot actions taken against this insight. Typically you should see a correlation between bot actions taken and decrease in number of noncompliant resources.
Insights Report: Results by Cloud and Insight Information

Insights Report: Results by Cloud and Insight Information

Insights Report: Noncompliant Resource Totals and Bot Lifecycle Actions

Insights Report: Noncompliant Resource Totals and Bot Lifecycle Actions

Modifying and Creating Insights

To modify existing insights or create custom insights, use the Resources page. (See also Resources: Modifying and Saving Insights.) On the Resources page you can scope resources; you can also add, delete, or modify filters linked to your scoped resources. You can then save your insight, giving it a name, description, a severity level, and marking it as a favorite.

Once you’ve saved your insight, it will appear as a Custom Insight in the Insights Library. You can then use Source:Custom in the library to display only custom insights.

Featured Packs

DivvyCloud features insight packs--collections of related insights--that allow you to quickly confirm your organization’s compliance with industry requirements and standards, or with your own organization's rules and policies. The Featured Packs tab on the Insights main page displays both prepackaged and custom packs.

DivvyCloud comes prepackaged with more than 12 insight packs focused on various regulatory frameworks, including the CIS Benchmark, NIST 800-53, and ISO 27001.

These 12 compliance packs display in card format at the top of the Featured Packs page. Each card provides a brief description of the pack's contents, and notes the number of insights in the pack.

Featured Insight Packs Include 12 Packs Focused on Compliance

Featured Insight Packs Include 12 Packs Focused on Compliance

You can view details of any pack by clicking on its card. This will take you to the Insights Library, listing the individual insights included in the pack. (See Insights:Library for more information on navigating through the Library.)

The Insights Library view of the Center for Internet Security (CIS) - AWS Compliance Pack

The Insights Library view of the Center for Internet Security (CIS) - AWS Compliance Pack

Also on the Insights: Featured Packs page, each insights pack provides options for you to:

  • Show Charts
  • Run On-demand Email Reports
  • Manage Subscriptions
Options for Prepackaged Insight Packs

Options for Prepackaged Insight Packs

Show Charts

The Show Charts icon (the bar chart icon) takes you to a summary page of dynamic charts that allow you to view:

  • A time series (up to 90 days) plot of total noncompliant resources; ideally, you will see this trending down as you take actions to resolve compliance issues
  • Noncompliant resources as a percentage of total resources associated with this insight pack
  • Percent of total noncompliance contributed by component clouds associated with this pack
  • Noncompliant resources as a percentage of total resources within individual clouds associated with this pack
Charts Displayed for Compliance with Insight Packs

Charts Displayed for Compliance with Insight Packs

Run On-Demand Email Reports

To run an on-demand report on a specific insight pack, click the envelope icon (on the insight card, Insight Packs page). Here you will see a list of all subscribers to reports on this insight pack. Choose the subscribers who will receive this on-demand report.

Running--and Sending--On-Demand Email Reports

Running--and Sending--On-Demand Email Reports

Subscribers will receive an email with a breakdown of all the insights that pertain to the selected insight pack. This report also includes:

  • The number of noncompliant resources over total resources over each of the previous 3 days
  • A brief description of the compliance rule(s) which this insight validates

You can include your auditors in the email list, so they can view the control item number (or compliance rule) that directly correlates with each insight.

An Example On-Demand Email Report

An Example On-Demand Email Report

Manage Subscriptions

You can manage subscriptions to insight pack reports from the Manage Subscriptions icon (also on the Insights: Featured Packs page). Here you can edit or delete existing subscribers. You can also add subscribers by:

  • Giving a nickname to the team you’d like to email
  • Choosing the notification schedule (daily or weekly)
  • Entering the email of the recipients you’d like to include
Managing Insight Subscriptions: Adding a Subscriber

Managing Insight Subscriptions: Adding a Subscriber

Creating a Custom Pack

You can also create custom insight packs. At the bottom of the Insights:Featured Pack page you will find example DivvyCloud-created custom packs.

DivvyCloud-Created Custom Insight Packs

DivvyCloud-Created Custom Insight Packs

Additional Actions for Custom Packs

Note that in addition to options to Show Charts, Send On-Demand Reports, and Manage Subscriptions, custom packs can also be edited (pencil icon) or deleted (trashcan icon). Custom packs are only deleted after verification.

To create your own pack, click Create Pack. On the Create Insight Pack dialog window you will:

  • Name your pack
  • Give your pack a description
  • Associate the pack with badges (optional)
  • Provide the url for a logo to personalize your pack (optional)
Creating a Custom Insight Pack

Creating a Custom Insight Pack

Once your pack is created, it will appear as a card on the Insights Featured Packs page, under the "Customer Packs" section. It will initially show "0 Insights" associated with it.

Newly-created Insight Pack with 0 Insights

Newly-created Insight Pack with 0 Insights

To add insights, go to the Insights Library. From there, select the insights you would like to add to your custom pack. Selecting an insight activates the ACTION button; click this and choose “Add to Pack”. Then, you can select your custom pack to add your selected insights.

Adding Insights to a Custom Pack from The Insights Library

Adding Insights to a Custom Pack from The Insights Library

Your completed custom pack will now appear on the Insights: Featured Packs page.

Newly-created Insight Pack with Insights Added

Newly-created Insight Pack with Insights Added

You can use this approach to create custom packs based on entire existing packs. For example, if you want to make a custom pack that has many insights from the HIPAA compliance pack, you can use the HIPAA pack’s library view and choose as many insights as you want to add to your own custom pack.