Skip to Content
Release NotesInsightcloudsecIndex

May 14, 2024

This release includes the ServiceNow CMDB integration, an improved Bulk Email Bot action, more detailed AWS Instance Interface harvesting, and several bug fixes.

Release Summary

InsightCloudSec is pleased to announce release version 24.5.14. This release includes the ServiceNow CMDB integration, an improved Bulk Email Bot action, more detailed AWS Instance Interface harvesting, and several bug fixes.

Details for self-hosted customers

  • Release Availability - Thursday, May 16, 2024
    • The latest Terraform template (static files and modules) can be found here. Modules can be updated with the terraform get -update command.
  • Amazon Elastic Container Repository (ECR) Image Tags - The Amazon Web Services (AWS) Elastic Container Repository (ECR) build images for this version of InsightCloudSec can be obtained using the following tags (all versions can be found here):
    • latest
    • v24.5.14
    • v24.5.14.5e9493d80
  • ECR Build ID - 5e9493d80dd7232f41b377d4aa90ffeead514179
⚠️

Permissions Update: AWS

These permissions were missing from the AWS onboarding CloudFormation Template (CFT).

For AWS Read-Only Users:

  • \"elasticfilesystem:DescribeTags\"
  • \"sagemaker:ListTags\"
  • \"rds:DescribeDBSnapshotAttributes\"
  • \"rds:DescribeDBClusterSnapshotAttributes\"
  • \"route53:ListTagsForResources\"
  • \"elasticache:ListTagsForResource\"
  • \"workspaces:DescribeTags\"
  • \"acm:ListTagsForCertificate\"
  • \"ec2:DescribeImportImageTasks\"
  • \"es:ListTags\"
  • \"route53:ListTagsForResource\"
  • \"ec2:DescribeSnapshotAttribute\"
  • \"rds:ListTagsForResource\"
  • \"redshift:DescribeTags\"

New

  • Added the ServiceNow CMDB Integration to synchronize data between InsightCloudSec and ServiceNow CMDB. The Rapid7 InsightCloudSec for CMDB application provides end-to-end integration for managing cloud asset inventory and cloud configurations. For more information, review the documentation.

Improved

  • Updated the Load Balancer Without Any Associated Security Groups Query Filter to take into consideration Load Balancers of network type.
  • Added a new option to the Send Bulk Email Bot action to ignore recipient refusals.
  • Added Source Document support for Azure NAT Gateway Resources.
  • Updated the AWS Instance Interface harvesting process to collect data related to the requester ID (who requested the network interface for load balancer interfaces) and the type of network interface (for example, network load balancer interface). This change will trigger any Bot workflows that are set up to monitor for modifications.

Fixed

  • Fixed an issue where Host Vulnerability Assessment (HVA) errors were not displaying in the Assessment Coverage window.
  • Fixed an issue where some Google Cloud Platform resources were missing parts of their Source Documents.
  • Fixed an issue where HVAs would fail if performed in a different region than the resource.
  • Fixed a misspelling in the title of the FFIEC Compliance Pack.
  • Fixed an issue with harvesting AWS Glue’s custom connections.
  • Updated the AWS onboarding CFT for missing permissions.