InsightCloudSec Docs

Welcome to the InsightCloudSec Docs!

InsightCloudSec by Rapid7 (formerly DivvyCloud) is a Cloud-Native Security Platform that provides real-time analysis and automated remediation for continuous security and compliance for your multi-cloud environment.

For questions reach out to us through [email protected].

Take Me to the Docs!    Release Notes

Insights - Quick Reference

A Quick Reference Guide for InsightCloudSec Insights

Overview

This page is a quick reference to answer common questions related to InsightCloudSec Insights. An Insight (located under "Security --> Insights") is a check built from a filter or filters, on a specific behavior, condition, or characteristic of a cloud resource.

If there's a topic or question you think belongs here that you don't see - we want to know! Reach out to us through [email protected] or use the "Suggested Edits" button at the top right of the page to submit your feedback directly.

For detailed information refer to Insights, and Filters.

How do I create my own Insight?

  • From Resources, select a target Resource, use the "Filters" option, at the top right of the resources page, and select any one or more filter(s) you want to apply to the selected resource. Choosing a resource narrows the filters automatically to display only those that apply.
    • This "filtered" resource view updates to include a "Save Insight" button.
    • You also have the ability to use an existing Insight as a starting point. You can clone a Custom Insight directly, or use the "Record Changes" option to create a modified Insight with any Insight as the starting point.
Saving an InsightSaving an Insight

Saving an Insight

Can I clone/edit/modify an existing Insight?

Only custom Insights (or those not included out-of-the-box) can be cloned. From the "Insight Library" ("Security --> Insights") select the checkbox to the left of the Insight name. Select the "Actions" button and scroll to the "Clone" option on the actions menu.

Where can I see the Filters that were used to create an Insight?

Filters are listed on the "Insight Report" details, in the Insight information panel. Scroll to the bottom of that content pane to view the list of filters.

This is the best option if you want to use an out-of-the-box Insight as a starting point to create your own.

Insight - List of filtersInsight - List of filters

Insight - List of filters

Can I reset an Insight (e.g., modify the scope or filters)?

To modify the scope or filters of an existing custom Insight to make permanent changes to that Insight, you can "record the changes".

Open a Custom Insight and then locate the "Resource Breakdown" column; clicking on the "Findings/In Scope" count navigates to a filtered page displaying the resources that apply to the Insight.

Once you are on this page, if you want to edit or modify the existing Custom Insight, you must first click on the "Record Changes" button before you select any new scope or filtering.

Refer to the complete instructions here.

How do I create an Exemption?

Exemptions are Insight-driven. Refer to Exemptions (Insights) for detailed documentation on this capability.

You have two options.

Option 1: From the Insight Report view of a selected Insight under the "Results by Cloud" select view all or;

Option 2: Select the "Findings/In Scope" count

Either of these selections will open a filters view of applicable resources. From this view, select the box next to the target resource, and click on the "Add Exemption" button.

Add an ExemptionAdd an Exemption

Add an Exemption

Can I change an Insight's severity?

Modifying an Insight's severity (or other attributes) is available for Custom Insights. From the Insight Library, select the box next to the target Insight to enable the "Actions" menu. Select the desired action (e.g., set severity) from the list.

Check out the full list of actions here.

Updated 2 months ago

Insights - Quick Reference


A Quick Reference Guide for InsightCloudSec Insights

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.