InsightCloudSec Docs

Welcome to the InsightCloudSec Docs!

InsightCloudSec by Rapid7 (formerly DivvyCloud) is a Cloud-Native Security Platform that provides real-time analysis and automated remediation for continuous security and compliance for your multi-cloud environment.

For questions reach out to us through [email protected].

Take Me to the Docs!    Release Notes

Custom Packs

An Overview of InsightCloudSec Custom Insight Packs

Overview

In addition to the built-in Compliance Packs, InsightCloudSec includes the ability to create custom Insight Packs and modify existing Insights. This page includes details on viewing, creating, and editing for Custom Packs.

For details on creating a single custom Insight, check out our instructions here.

A Custom Pack can be organized to provide targeted visibility into a testing environment, to expose custom compliance or security concerns, or to combine important Insights in your environment for the best visibility into your specific cloud resources.

Custom Packs are Insight packs that can be created to suit your specific requirements either based on an existing pack or from a selection of filtered resources. Visiting the Insights landing page and selecting the "Custom Packs" tab will provide you with access to the "Create Pack" functionality.

Creating Custom Packs via InsightsCreating Custom Packs via Insights

Creating Custom Packs via Insights

Custom Pack Actions

From the Custom Packs main landing page, each available Custom Pack is displayed as a list item. The following actions can be accessed via the details menu (three vertical dots) to the left of the Custom Pack:

  • Show Report Breakdown
  • Manage Subscriptions
  • Edit Insight Pack
  • Delete Insight Pack
  • Export Configuration Links
  • Toggle Pack Visibility
Custom Pack ActionsCustom Pack Actions

Custom Pack Actions

Show Report Breakdown

The Show Report Breakdown icon (the bar chart icon) takes you to a summary page of dynamic charts that allow you to view:

  • A time series (up to 90 days) plot of total noncompliant resources; ideally, you will see this trending down as you take actions to resolve compliance issues
  • Noncompliant resources as a percentage of total resources associated with this Insight pack
  • Percent of total noncompliance contributed by component clouds associated with this pack
  • Noncompliant resources as a percentage of total resources within individual clouds associated with this pack
Custom Pack Example ChartsCustom Pack Example Charts

Custom Pack Example Charts

Manage Subscriptions (Notifications)

Email notifications (or subscriptions) associated with Insight packs are available for administration through the Insight landing page.

Note: To read more about setting up SMTP, configuring email notifications, and creating pack-level notifications, check out our documentation on SMTP (Email Notifications).

After selecting the specific Insight Pack, you can select the envelope icon (Manage Subscriptions). This icon opens a page that provides a list of all subscriptions associated with the Insight Pack.

From this page you can add a new subscription, or modify an existing subscription by clicking on the ellipsis menu ("...") to display the following options:

  • Send Now - Send a new report based on your Insight Pack immediately (On-Demand Report)
  • Edit - modify or update your subscription
  • Delete - remove your subscription
Managing SubscriptionsManaging Subscriptions

Managing Subscriptions

Edit Insight Pack

Allows users (with the appropriate permissions) to modify the details of an existing Custom Pack, including the Name, Description, Badges, etc.

Delete Insight Pack

Allows the deletion of the Custom Insight Pack (with appropriate permissions). In addition, if an Organization is removed from InsightCloudSec, all associated Insight Packs will also be removed.

Export Configuration Links

Here you can add, edit, and otherwise manage export configuration links for exporting data. Details on this functionality are available in our Compliance Exporting documentation.

In general we recommend the Compliance Scorecard for the most robust reporting and export capabilities.

Toggle Visibility

This option allows you to disable and hide an entire Insight pack from your organization. You must confirm this selection. To unhide and re-enable the pack, uncheck the Hide Disabled Packs checkbox on the main page and toggle the pack's visibility to "on".

Viewing Custom Pack Details

You can view the details of any pack by clicking on the corresponding list item name. This will take you to the Insights Library, listing the filtered individual Insights included in the pack.

Custom Pack Filtered Insight ViewCustom Pack Filtered Insight View

Custom Pack Filtered Insight View

Insight Summary Page

Clicking on the name of an individual Compliance Pack opens a summary page listing each individual Insight included with the pack.

Results can be filtered, there are pagination controls, and each Insight row includes (for users with the appropriate permissions) several controls/fields, including:

  • An actions menu (Create Bot)
  • The name of the individual Insight(s)
  • A summary of the Impacted (noncompliant Resources)
  • Details on Exempted Resources (when applicable)
  • The associated Compliance Rules
  • Any associated Bots (a total count)
  • Severity details
  • Favorite(s)
  • Author details

Note: This is simply a "filtered" Insight list; clicking on the text "This is a filtered result set. Click here to reset the filters", will reset this list to display all available Insights.

General Pack Controls

Depending on your permissions, you may be able to review and update details around numerous Custom Packs.

Bots and Compliance Reporting (Impacted Resources)

Once you understand specific compliance failures, you can use Bots to notify about or remediate the issue. To learn more about this capability, check out our documentation on BotFactory.

Excluding Resources (Exemptions)

In earlier versions, InsightCloudSec offered the ability to exempt resources from Insight findings using the Resource Group functionality. Check out our documentation on our dedicated Exemptions functionality for details on excluding resources.

Checking for Existing Bots

You can determine whether any existing Bots match the failed Insight(s) by clicking on the Bots listed on the Insight page associated with your Custom Pack.

Custom Pack - Bots configuredCustom Pack - Bots configured

Custom Pack - Bots configured

In the example above, one bot exists for the pack. Clicking on this detail allows you to investigate these Bots on the "Bot --> Listing" page, to see what specific actions they are taking as a result of the failed Insight.

From this page you can choose to modify your Bot--or create a new one--accordingly.

Custom Pack - Bot Listing (from Insight Details)Custom Pack - Bot Listing (from Insight Details)

Custom Pack - Bot Listing (from Insight Details)

Creating a Bot

You may wish to create a Bot to notify of---or remediate---the failed insight. In the example below, clicking the actions menu (three dots) next to a specific Insight, allows you to create a Bot directly from that insight. You can learn more about BotFactory & Automation and Creating Bots.

📘

Authoring & Visibility

Attribution or "Created By" information for any Custom Pack is populated based on the user who created the pack (e.g., whoever was logged in and completed the "Create Pack" process).

*Note that administrators can view all Insights regardless of who created the Insight, even for Insights that were created by a user and marked as "Viewable only by Me."

Toggle Visibility applies to a single pack and a single organization. Enabling a pack as "Global" (see below) relates to a single pack across all child organizations.

Compliance Report

Compliance Scorecard

For best results in viewing, sorting, interpreting, and understanding data associated with the Custom Packs you may create, we recommend taking advantage of our Compliance Scorecard.

Downloading Results

You can download a CSV file that includes the results for the Custom Pack you have created. From the Custom Packs page, click on the name of an individual Custom Pack.

This will take you to a filtered Insights page where you can then select the download arrow.

Download CSVDownload CSV

Download CSV

Creating a Custom Insight Pack

The Custom Insight Pack feature allows users to create custom packs from a base pack or to create an empty Custom Insight Pack and add existing Insights to the Custom Insight Pack a la carte. To create a Custom Insight Pack and add Insights to it:

1. From the Insights page, click on the "Custom Packs" tab and click the "Create Pack" button.

2. In the "Create Insight Pack" dialog window, you will need to complete the following fields:

  • Name - name your pack (up to 64 characters)
  • Description - give your pack a description
  • Base Pack (optional) - choose the base pack to allow you to create a custom pack based on an existing Compliance pack
  • Badges (optional) - Associate the pack with badges and select the "Must Have All Badges" if desired
  • Logo URL (optional) - Provide a URL to include the display of a custom logo with your pack
  • Global Pack (optional) - Select the "Global Pack" checkbox to allow all of your child organizations access to this pack; the pack can only be managed by the parent organization

3. Select "Submit" when finished.

Creating a Custom Insight PackCreating a Custom Insight Pack

Creating a Custom Insight Pack

4. Once your pack is created, it will appear in the list on the Custom Packs tab. It will include your description of the pack, your username (as Created By), the number of Insights in the pack, the number of Badges used by the pack, and more.

5. To add Insights, go to the "Insights Library".

6. Select the Insight(s) you would like to add to your custom pack.

  • Selecting an Insight activates the ACTIONS button.

7. Click the "ACTIONS" button and choose “Add to Pack”. Select your custom pack from the list to add your selected Insights.

Your custom pack will now appear on the "Custom Packs" page with the updated total of Insights.

What's Next

After creating a Custom Pack, you may want to explore more information around Compliance. For that, we recommend taking a look at our documentation around the Compliance Scorecard.

Or to explore more options around automation for your Custom Pack, take a look at our BotFactory documentation!

Updated about a month ago

Custom Packs


An Overview of InsightCloudSec Custom Insight Packs

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.