23.10.31 Release Notes

Oct 31, 2023

InsightCloudSec is pleased to announce Release 23.10.31

InsightCloudSec Software Release Notice - 23.10.31 Release

⚠️

DivvyCloud Docs Site End-of-Life (EOL) Update

On August 1st, 2023, the InsightCloudSec documentation transitioned to docs.rapid7.com to be with the documentation for the rest of the Rapid7 software portfolio. The old site (docs.divvycloud.com) will continue to exist until a near-future date but will remain static. After this date, any links to the old site will be redirected to their docs.rapid7.com/insightcloudsec/ counterpart, so the old site will functionally not be visible publicly. However, the API reference will still be available until further notice. Visit our Getting Support page for details on contacting support for any questions or issues with the transition.

Release Highlights (23.10.31)

InsightCloudSec is pleased to announce Release 23.10.31. This release includes access to the Federated User LPA Analysis feature for all customers. In addition, 23.10.31 includes vulnerability fixes, performance improvements, one updated Query Filter, and 10 bug fixes.

Self-Hosted Deployment Updates (23.10.31)

Release availability for self-hosted customers is Thursday, November 2, 2023. If you’re interested in learning more about becoming a hosted customer, reach out through our Customer Support Portal . Our latest Terraform template (static files and modules) can be found here . Modules can be updated with the terraform get -update command. The Amazon Web Services (AWS) Elastic Container Repository (ECR) build images for this version of InsightCloudSec can be obtained using the following tags (all versions can be found here ):

latest
23.10.31
23.10.31.083e92a07

Features & Enhancements (23.10.31)

Enabled User Federation Analysis in our Identity Analysis capability for all customers. For specific details, please visit the Identity Analysis documentation . [ENG-32633]
Reduced load times on the Vulnerabilities page for customers with many Host Vulnerability Assessment scans. This also reduces latency on some of the API endpoints. For performance reasons, we removed sorting and filtering on the Last Assessed Date column on the Vulnerabilities page. This will be reintroduced at a later date. [ENG-32240]

User Interface Changes (23.10.31)

Unified the font across the application. [ENG-19544]

Resources (23.10.31)

AWS

Added a new event to Event Driven Harvester to trigger harvesting of API Gateway resources created using the Import method. [ENG-29600]

Insights (23.10.31)

MULTI-CLOUD/GENERAL

Resource with Vulnerability of Any Severity - Deprecated this Insight due to performance concerns. [ENG-32539]

Query Filters (23.10.31)

MULTI-CLOUD/GENERAL

Resource Vulnerability Count By Severity - Made performance improvements to this Query Filter; deprecated associated Insight Resource with Vulnerability of Any Severity (noted above) due to performance concerns. [ENG-32539]

Bug Fixes (23.10.31)

Increased the maximum description size for collection values to 2^16 characters. [ENG-32724]
Fixed a bug involving incorrectly double-quoted descriptions in data collections. [ENG-32723]
Fixed an edge case bug where the CloudMetadataHarvester was failing for some customers. [ENG-32663]
Fixed an issue where the enable_os_login field in commonInstanceMetadata was incorrectly harvested. [ENG-32589]
Fixed edge case errors with Query Filter Access List Exposes Port (Security Group). [ENG-32382]
Fixed bug with AWS StorageContainerHarvester where some buckets were mistakenly flagged as public due to a missing ACL check. [ENG-31740]
Resolved an issue whereby harvesters continued to run on a GCP project for resource types that had the corresponding GCP API disabled. [ENG-30796]
Fixed an edge case with IAC false positives with Insight Storage Container not Enforcing Transit Encryption. [ENG-30668]
Refined handling of a K8s-scan error warning about a missing “create” permissions for “subjectaccessreviews”. A documentation link will be displayed as part of the warning. [ENG-29695]
Fixed an issue with Query Filter Database Cluster Without Audit Logging specifically for Aurora DBs. [ENG-29322]

Required Policies & Permissions

Policies required for individual CSPs are as follows:

Alibaba Cloud

Read Only Policy

AWS

Commercial \t- Read Only Policy \t\t - Part 1 \t\t- Part 2 \t\t- Part 3 \t- Power User Policy
GovCloud \t- Read Only Policy \t\t- Part 1 \t\t- Part 2 \t\t- Part 3 \t- Power User Policy
China \t- Read Only Policy \t\t- Part 1 \t\t- Part 2 \t\t- Part 3

Azure

Commercial \t- Custom Reader User Role \t- Power User Role \t- Reader Plus User Role
GovCloud \t- Custom Reader User Role \t- Power User Role

GCP

For GCP, since permissions are tied to APIs there is no policy file to maintain. Refer to our list of Recommended APIs that is maintained as part of our GCP coverage.

Oracle Cloud Infrastructure

Host Vulnerability Management

AWS Host VM User Policy

For any questions or concerns, as usual, reach out to us through your CSM, or the Customer Support Portal .