InsightCloudSec Release Notes / Aug 22, 2023

Aug 22, 2023

23.8.22 Release Notes

InsightCloudSec Software Release Notice - 23.8.22 Release

DivvyCloud Docs Site End-of-Life (EOL) Update

On August 1st, 2023, the InsightCloudSec documentation transitioned to docs.rapid7.com to be with the documentation for the rest of the Rapid7 software portfolio. The old site (docs.divvycloud.com/docs) will continue to exist until Tuesday, August 22nd, 2023, but will remain static. After this date, any links to the old site will be redirected to their docs.rapid7.com/insightcloudsec/ counterpart, so the old site will not be reachable. However, the API reference (docs.divvycloud.com/reference) will continue to be available until further notice. Visit our Getting Support page for details on contacting support for any questions or issues with the transition.

Release Highlights (23.8.22)

InsightCloudSec is pleased to announce Release 23.8.22. This release includes the addition of Source Document support for several more GCP resource types, an update to the Oracle Cloud onboarding flow, and seven bug fixes.

Self-Hosted Deployment Updates (23.8.22)

Release availability for self-hosted customers is Thursday, August 24, 2023. If you’re interested in learning more about becoming a hosted customer, reach out through our Customer Support Portal. Our latest Terraform template (static files and modules) can be found here. Modules can be updated with the terraform get -update command. The Amazon Web Services (AWS) Elastic Container Repository (ECR) build images for this version of InsightCloudSec can be obtained using the following tags (all versions can be found here):

  1. latest
  2. 23.8.22
  3. 23.8.22.737da453f

Resources (23.8.22)

GCP

  • Added GCP Source Document support for:
    • Site-to-Site VPN resources. [ENG-28640]
    • Private Images. [ENG-28634]
    • App Runner Service. [ENG-28626]
    • Notification Topics. [ENG-28592]
    • Autoscaling Group resources. [ENG-28605]

Oracle

  • Updated content to the Oracle Cloud onboarding flow. [ENG-29576]

Bug Fixes (23.8.22)

Validation for Regex Fields

Validation has now been added for regex fields before creating a Bot in Botfactory. At present, the following filters now have this validation available:

  • Resource Name Regular Expression (Regex)
  • Resource Name Regular Expression Exclusion (Regex)
  • Resource Name Multiple Regular Expressions (Regex)
  • Resource Namespace Id Regular Expression (Regex)
  • Resource In Resource Group (Regex)
  • Resource with Package Installed

Please note the state of a bot which is currently configured with invalid regex will be marked invalid upon this fix. Therefore please check the state of the bots which use the mentioned filters. They can be reconfigured as normal in BotFactory. [ENG-28993]

  • Fixed an issue where deleting Insight-scoped exemptions would delete all exemptions. [ENG-30844]

  • Fixed: AWS EDH consumer failing while creating some service event records for unhandled user agents. [ENG-30612]

  • Fixed an edge case that was causing a failure while linking EFS resources with some of their EDH events. [ENG-30609]

  • Fixed an issue where Insight exemptions for Cognitive Service Account resource types could not be created. [ENG-29875]

  • Fixed a NoneType error in the Container Image With High Severity Vulnerability Query Filter, which was occurring when a days setting was not set. [ENG-29607]

  • Fixed an issue where a custom pack was selected in the summary dashboard and the user switched to a different ICS organization. The issue was the result of the form inputs being cached between views and the customer pack being invalid in the other organization. The cache was not ICS organization specific. [ENG-29496]

Required Policies & Permissions

Policies required for individual CSPs are as follows:

Alibaba Cloud

AWS

Azure

GCP

Oracle Cloud Infrastructure

Host Vulnerability Management

For any questions or concerns, as usual, reach out to us through your CSM, or the Customer Support Portal.