Welcome to InsightCloudSec

What is InsightCloudSec?

InsightCloudSec is a fully-integrated cloud-native security platform CNAPP (Cloud Native Application Protection Platform)—your whole cloud security toolbox in a single solution.

InsightCloudSec helps teams protect even the most complex multi-cloud and container environments from misconfiguration, policy violations, threats, and identity and access management (IAM) challenges. The solution features automated, real-time remediation to help you quickly respond to security and compliance risks.

What's a CNAPP?

A CNAPP (Cloud Native Application Protection Platform), is a fully-integrated cloud-native security platform—your whole cloud security toolbox in a single solution. InsightCloudSec provides standardized visibility for multiple clouds to enable a single policy and single automation strategy to detect and remediate risk. We can provide event-driven harvesting to identify change in real time and assess risk in 60 seconds.

Data collection and visibility

Harvesting is the term for collecting data or the process of connecting with your clouds and pulling in the data stored there. InsightCloudSec provides a suggested harvesting schedule but also includes the flexibility to adjust your harvesting strategy based on your organizational needs.

After InsightCloudSec harvests and normalizes data from your cloud accounts, you will start to see the resources, virtual services, utilities, or functions that make up your clouds displayed in the resource section of InsightCloudSec. This section provides visibility into your cloud footprint and allows you to drill down and inspect specific resources.

Environment configuration

The following table describes the different features related to configuring your environment.

Application ContextInsightCloudSec has the ability to dynamically group infrastructure into Applications. An Application is a collection of resources/infrastructure that’s dynamically built and maintained as infrastructure scales up/down to support the customers' workloads. These collections are built based on the presence of a specific tag key that is configured within InsightCloudSec. While on the surface they seem similar to Resource Groups, Applications go much further, providing customers with a real time view of the infrastructure backing their apps while also providing data.
BadgesBadges are key-value pairs that allow you to customize the organization of your cloud accounts within InsightCloudSec. Badges, as key-value pairs, are similar to AWS tags or GCP labels. However, where tags and labels are applied to resources, badges are applied to entire cloud accounts.
IntegrationsInsightCloudSec is designed to integrate with external systems for both inbound (data aggregation, data collection) and outbound (notifications, ticketing) actions. Integrations within InsightCloudSec enables easy configuration of third-party integrations, such as those for Slack, PagerDuty, ServiceNow, and others.
General AdministrationInsightCloudSec uses a number of general administrative settings that can help you manage your organization and system information. Take a closer look at our documentation on topics like:

Risk analysis

The following table describes the different features related to exploring and analyzing risks.

Insights and Compliance PacksUse Insights (checks) to understand where you may have misconfigurations, and to know how compliant you are using our built in 'Compliance Packs'. A built-in group of Insights can be organized around a specific compliance standard (Compliance Pack) for powerful custom analysis.
Layered ContextLayered Context provides a holistic view of the most critical resources found in all environments that are connected to InsightCloudSec. It provides capabilities including:
  • High-level visualizations around the most critical high risk resources
  • A resource-centric view of risk across multiple security domains in a unified, consolidated framework
  • Easy access to details of risk surrounding a specific resource
  • Filtering for context with Clouds and Applications, and on specific resource types, severities, and security domains for better triaging/risk prioritization
Container Vulnerability AssessmentContainer Vulnerability Assessment can continuously assess all container images specified in production workloads to detect installed packages with known vulnerabilities.
Infrastructure as Code (IaC) SecurityIaC Security employs the IaC Analyzer to analyze, or scan, your preconfigured infrastructure templates against Insight packs to gain specific feedback about violations and determine compliance before infrastructure is deployed. Each scan can be performed locally using the CLI IaC Scanning Tool or in an automated fashion via a CI/CD pipeline integration and will generate a detailed report of the results.
Cloud IAM Governance - OverviewCloud IAM Governance functionality is available through IAM-related Query Filters, Insights, Principal Activity (for AWS & Azure), detailed views through the Principal Explorer through our Resources page and the Identity Analysis feature.

Learn more about different ways to explore IAM and security with the Identity Analysis feature.
Threat FindingsThreat Findings provides a single view that collects all runtime threat detection findings from various sources. The unified view provides various filtering options, while offering security context by associating the findings with the relevant cloud resource(s) and resource properties. This uniform solution allows users to explore findings using filters and Bot automation.

Get Started with InsightCloudSec

To get started with InsightCloudSec, review the onboarding overview and then onboard a cloud account.

You must connect a cloud account to access InsightCloudSec

When you open InsightCloudSec for the first time or if you have not successfully connected an account, you are prompted to onboard a cloud account through an onboarding wizard. If you close the wizard before completing account onboarding, you can resume onboarding from the page you were on last.

Go to Onboard a Cloud Account to get started.

Supported Cloud Service Providers (CSP)

InsightCloudSec includes support for:

We also support Amazon Elastic Container Service for Kubernetes (Amazon EKS), Azure Kubernetes Service (AKS), Google Kubernetes Engine (GKE), and Kubernetes.

Potential for differences between CSP and InsightCloudSec documentation

Cloud Service Providers (CSPs) are constantly adding services and capabilities. As a platform with support for multiple CSPs, we are committed to continually updating both our product and our documentation to reflect those changes.

We do our best to keep things up-to-date and provide the content you need around new features and capabilities. However, if you find content that you have questions about or don't find information that you're looking for in our documentation, reach out to us through the Customer Support Portal.

InsightCloudSec Deployment

InsightCloudSec can only be deployed in AWS.

For SaaS/hosted customers InsightCloudSec can be deployed in any of the following AWS regions:

  • us-east-1
  • us-east-2
  • us-west-2
  • ca-central-1
  • eu-central-1
  • ap-northeast-1
  • ap-southeast-2

Supported compliance standards

InsightCloudSec enables organizations to evaluate compliance with hundreds of out-of-the-box policies that map to compliance and industry standards, including the following:

  • GDPR
  • SOC 2
  • ISO 27001
  • CIS Benchmarks for AWS, GCP, Azure, Kubernetes, NIST CSF, NIST 800-53, FedRAMP CCM, and CSA CCM.

Click to learn more about our out-of-the-box Compliance Packs.

Third-party integrations

InsightCloudSec includes Integrations with a number of tools for inbound functionality (data aggregation and data collection), and outbound for things like notifications and ticketing. Integrations include the following: