InsightCloudSec Docs

Welcome to the InsightCloudSec Docs!

InsightCloudSec by Rapid7 (formerly DivvyCloud) is a Cloud-Native Security Platform that provides real-time analysis and automated remediation for continuous security and compliance for your multi-cloud environment.

For questions reach out to us through [email protected].

Take Me to the Docs!    Release Notes

Summary Page

Details on the Summary Landing Page inside the InsightCloudSec Platform

Overview

The Summary page (formerly the Dashboard) provides high-level compliance details based on findings throughout your cloud footprint. It's a quick way to filter your data and visualize the status of your infrastructure's most important characteristics. The Summary page opens by default when you first log in and is also available from the main navigation.

Summary Landing PageSummary Landing Page

Summary Landing Page

FAQ

The questions below offer some high-level summary information about the Summary page. If you have questions or concerns we don't address here, reach out to us through [email protected].

When is the data collected?
Currently the data that displays is collected at the end of the previous day.

For example, your Daily Summary may say "Daily Summary (end of day - Tuesday, May 11 2021)" to indicate that the data you are viewing is data collected on the 11th of May, 2021.

What is my Compliance Score? How is that calculated?
The Compliance Score is calculated by the number of resources scanned, relative to the number of applicable checks (or Insights) in the Insight Pack. There is no weighting associated with the checks, and they are all treated as equal, relative to the calculation of the score.

The percentage (e.g., 47%) is based on the data from yesterday compared to the day before yesterday, for a day-to-day data comparison.

Note: the Compliance Score will update to reflect the Insight Pack/Filters you select.

Example Compliance Score calculation
You have 100 S3 buckets and the selected Insight Pack has ten checks that focus on S3. Of those checks, there are 10 buckets failing three of the ten checks:

  • The number of checks that would be executed during the scan would be 1,000 (100 * 10)
  • The number of failed checks would be 30 (3 * 10)
  • The Compliance Score for the daily run would be 97% ([1000-30]/100)
    • This logic extends across multiple resource types so that checks in the pack only count as successful or unsuccessful depending on whether the resource type exists.

What is a Finding?
The term "finding" indicates a single Insight check against a resource. If the resource matches any Filter included in the Insight, it is counted as a "finding". A single resource may be valid for multiple Insights, and as a result, may have multiple "findings".

How do I view the latest results? What happens when I select "View Latest Results"?
Selecting the "View Latest Results" option under the Overall Compliance section navigates to the Compliance Scorecard using the Filters applied on the Summary page.

Selecting the “View Latest Results” option under an individual Severity navigates to the Compliance Scorecard using the Filters applied on the Summary and filtered for the selected severity (e.g., Critical, Severe, etc.)

Summary - View Latest OptionsSummary - View Latest Options

Summary - View Latest Options

Summary Displays

📘

First-Time User Display

When InsightCloudSec is first installed, the Summary displays are blank. You will need to complete your Cloud Account Setup and initiate data harvesting before the Summary page can display data.

Daily Summary

The top of the Summary provides a daily summary (with data compiled at the end of the previous day). You can select the scope for the data you would like to display. The available filters are:

  • A drop-down menu of Insight Packs, including Compliance Packs or Custom Packs unique to your Organization
  • A drop-down for badges you would like to apply (along with a checkbox to enforce the inclusion of all badges)
  • A drop-down menu of cloud accounts

Using the Filters
You must select an Insight Pack first to enable the other options (Badges & Clouds).

Changing the filtering criteria activates the "Submit" button, which, when selected, updates the displays.

Filters - Daily Summary (Populated with data from the previous day)Filters - Daily Summary (Populated with data from the previous day)

Filters - Daily Summary (Populated with data from the previous day)

Check out the FAQ above for details on the Compliance Score, Findings, and Viewing Latest Results.

Trends Over Time

This area of the Summary provides a number of compliance scores over a specific range of time. Users can select a starting point and ending point (date range). The available data includes the previous 180 days or the start date for data collection, whichever is greater.

  • Note that the data here will still be based on the filters selected at the top of the page (Compliance Pack, Badges, Clouds).

Changing the date values for "Trends Over Time" will update the displays related to compliance over time, including:

  • Compliance Score Over Time: Displays a percentage-based compliance score over time for the specified duration. This display can be filtered to display data for a specific severity.
Compliance Score Over TimeCompliance Score Over Time

Compliance Score Over Time

  • Findings by Insight Severity Over Time: Displays the trends for the number of findings by severity over time for Insights.
    • Hovering over a single data point provides specific data on the exact date and number of applicable findings.
Findings by Insight Severity Over TimeFindings by Insight Severity Over Time

Findings by Insight Severity Over Time

  • Insight Count Over Time: Displays the number of unique findings by severity for the Insights over time, including designations (differentiated by color) between Custom Insights, Built In Insights, and Exemptions.

  • Cloud Accounts Over Time: Displays the number of cloud accounts over time, color-coded by cloud service provider.

Favorite Insights

This area of the Summary allows users to specify and view details for favorite Insights. This includes the Insight severity, name, description, findings, Bot count, and action (this navigates to the Insight Report page so you can view details for the selected Insight).

  • Selecting the number under "Findings" navigates to a filtered view of the Resources that apply to the selected Insight.
  • Selecting the number under "Bot Count" navigates to a Bot Listing page with all of the Bots created that apply to the selected Insight.
  • Selecting "View Details" navigates to the Insight Report page for the Insight.
Favorite InsightsFavorite Insights

Favorite Insights

Additional Data (Top 5 Displays)

Below the Compliance Trend displays there are four summary displays. These include:

  • A list of the Top 5 Clouds by Billable Instance Count
    • Billable Instances include: Instances, Database Instances, Memcache Instances, Big Data Instances, and Elastic Search Instances
  • A list of the Top 5 Clouds by Resource Count
  • A list of the Top 5 Clouds by Bot Count
  • A list of the Top 5 Regions by Resource Count

Selecting an item with blue text (clickable link), navigates to a filtered display.

Top 5 Content DisplaysTop 5 Content Displays

Top 5 Content Displays

Global Navigation Menu

The Global Navigation Menu, or "main navigation", persists throughout the system and includes access to all of the features/sections available within the InsightCloudSec Platform.

Note: Access to some functions on the "Navigation Menu" (e.g., Provisioning, Identity Management, System Administration) require specific permissions. If a user does not have the required permissions, these functions will not appear on the navigation menu.

Refer to User, Groups, and Roles (Administration) for more details on permissions.

Global NavigationGlobal Navigation

Global Navigation

User Profile Administration

Just above the "Summary" page link, is your Username and Organization data. Clicking on your Username/Organization opens a sub-menu that provides access to view your individual profile, a link to the public release notes, a link to the product documentation, and provides you with access to select a different organization (with the appropriate permissions).

Accessing Your Profile, Links, and OrganizationsAccessing Your Profile, Links, and Organizations

Accessing Your Profile, Links, and Organizations

Check out System Settings for details on general configuration and User, Groups, and Roles (Administration) for additional details on configuring users.

Updated 15 days ago

Summary Page


Details on the Summary Landing Page inside the InsightCloudSec Platform

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.