Get Started

Getting Started

Deploy

Onboard and Manage Accounts

Amazon Web Services (AWS)

Google Cloud Platform (GCP)

Microsoft Azure

Oracle Cloud Infrastructure (OCI)

Additional Providers

Collect and Integrate Data

Harvesting & Event-Driven Harvesting

Integrations

Understand Data

Visibility & Reporting

Inventory

Query Filters & Insights

Manage and Act on Data

Bots & Automation

Infrastructure as Code (IaC) Security

Cloud IAM Governance

Vulnerability Management

Workload Security

Manage System Settings

InsightCloudSec System Configuration

Developer Resources

APIs

Support

Getting Started with InsightCloudSec

Welcome to InsightCloudSec! To get started, onboard a cloud account to begin harvesting and normalizing cloud data. After harvesting, you can review your data, tune your environment, and explore and analyze risk.

Step 1: Connect cloud data

You must connect a cloud account to access InsightCloudSec

When you open InsightCloudSec for the first time or if you have not successfully connected an account, you are prompted to onboard a cloud account through an onboarding wizard. If you close the wizard before completing account onboarding, you can resume onboarding from the page you were on last.

Go to Onboard a Cloud Account to get started.

After installing InsightCloudSec you will need to connect the platform to your cloud data by onboarding one or more cloud accounts. InsightCloudSec includes support for the following Cloud Service Providers (CSP):

Amazon Web Services, including AWS GovCloud and AWS China
Microsoft Azure, including Azure GovCloud and Azure China
Google Cloud Platform
Alibaba Cloud (Ali Cloud)
Oracle Cloud Infrastructure

We also support Amazon Elastic Container Service for Kubernetes (Amazon EKS), Azure Kubernetes Service (AKS), Google Kubernetes Engine (GKE), and Kubernetes.

Data harvesting

After connecting your cloud account(s), InsightCloudSec will start the process to collect or harvest that cloud account and normalize the data.

Harvesting is the term for collecting data or the process of connecting with your clouds and pulling in the data stored there. InsightCloudSec provides a suggested harvesting schedule but also includes the flexibility to adjust your harvesting strategy based on your organizational needs.

Normalizing data

Normalizing the data means that we ingest and identify any resource that is part of your cloud with standard vernacular in simple categories regardless of provider.

Normalizing allows us to combine the data from all of your different cloud accounts and display this data through a single pane of glass through our Resources page and features like Layered Context.

Step 2: View your data (Resources)

After InsightCloudSec harvests and normalizes data from your cloud accounts, you will start to see the resources, virtual services, utilities, or functions that make up your clouds displayed in the resource section of InsightCloudSec. This section provides visibility into your cloud footprint and allows you to drill down and inspect specific resources.

Learn more about Resources and Resource Terminology.

Step 3: Configure your environment

The following table describes the different features related to configuring your environment.

Feature	Description
Application Context	InsightCloudSec has the ability to dynamically group infrastructure into Applications. An Application is a collection of resources/infrastructure that’s dynamically built and maintained as infrastructure scales up/down to support the customers' workloads. These collections are built based on the presence of a specific tag key that is configured within InsightCloudSec. While on the surface they seem similar to Resource Groups, Applications go much further, providing customers with a real time view of the infrastructure backing their apps while also providing data.
Badges	Badges are key-value pairs that allow you to customize the organization of your cloud accounts within InsightCloudSec. Badges, as key-value pairs, are similar to AWS tags or GCP labels. However, where tags and labels are applied to resources, badges are applied to entire cloud accounts.
Integrations	InsightCloudSec is designed to integrate with external systems for both inbound (data aggregation, data collection) and outbound (notifications, ticketing) actions. Integrations within InsightCloudSec enables easy configuration of third-party integrations, such as those for Slack, PagerDuty, ServiceNow, and others.
General Administration	InsightCloudSec uses a number of general administrative settings that can help you manage your organization and system information. Take a closer look at our documentation on topics like: Users, Groups, and Roles (Identity Management) Platform Configuration & Settings System Settings

Step 4: Explore and Analyze Risks

The following table describes the different features related to exploring and analyzing risks.

Feature	Description
Insights and Compliance Packs	Use Insights (checks) to understand where you may have misconfigurations, and to know how compliant you are using our built in 'Compliance Packs'. A built-in group of Insights can be organized around a specific compliance standard (Compliance Pack) for powerful custom analysis.
Layered Context	Layered Context provides a holistic view of the most critical resources found in all environments that are connected to InsightCloudSec. It provides capabilities including: High-level visualizations around the most critical high risk resources A resource-centric view of risk across multiple security domains in a unified, consolidated framework Easy access to details of risk surrounding a specific resource Filtering for context with Clouds and Applications, and on specific resource types, severities, and security domains for better triaging/risk prioritization
Container Vulnerability Assessment	Container Vulnerability Assessment can continuously assess all container images specified in production workloads to detect installed packages with known vulnerabilities.
Infrastructure as Code (IaC) Security	IaC Security employs the IaC Analyzer to analyze, or scan, your preconfigured infrastructure templates against Insight packs to gain specific feedback about violations and determine compliance before infrastructure is deployed. Each scan can be performed locally using the CLI IaC Scanning Tool or in an automated fashion via a CI/CD pipeline integration and will generate a detailed report of the results.
Cloud IAM Governance - Overview	Cloud IAM Governance functionality is available through IAM-related Query Filters, Insights, Principal Activity (for AWS & Azure), detailed views through the Principal Explorer through our Resources page and the Identity Analysis feature. Learn more about different ways to explore IAM and security with the Identity Analysis feature.
Threat Findings	Threat Findings provides a single view that collects all runtime threat detection findings from various sources. The unified view provides various filtering options, while offering security context by associating the findings with the relevant cloud resource(s) and resource properties. This uniform solution allows users to explore findings using filters and Bot automation.

Did this page help you?