Release Summary
InsightCloudSec is pleased to announce release version 25.1.7. This release includes expanded source document support, new Query Filters and Insights, and a resource renaming.
New Permissions: AWS
The following permission were missing and are required to support the API Gateway resource.
"apigateway:GET"
Details for self-hosted customers
- Release Availability - Self-hosted customers are able to download the new version of InsightCloudSec usually 2-3 days after SaaS customers are upgraded. The estimated date for this version's self-hosted availability is January 13, 2025.
- The latest Terraform template (static files and modules) can be downloaded from our public S3 bucket: https://s3.amazonaws.com/get.divvycloud.com/prodserv/divvycloud-prodserv-tf/example-usage/aws/release/divvycloud-tf-release.zip
- Modules can be updated with the
terraform get -updatecommand.
- Amazon Elastic Container Repository (ECR) Image Tags - You can obtain the ECR build images for this version of InsightCloudSec from the InsightCloudSec ECR Gallery: https://gallery.ecr.aws/rapid7-insightcloudsec?page=1
New
- Added the following Query Filters:
Cloud Account GCP CIS Monitoring MissingCloud Account GCP CIS Notification Channels MissingCloud Account GCP CIS Alerting MissingCloud Account without DLP Enabled
- Added source document support for AWS IAM Certificates.
- Added the following Insights:
Cloud Account without DLP Enabled
Improved
- Updated
API Keys Not Rotated Within 90 DaysInsight to include a generic multi-cloud overview section and include Center for Internet Security (CIS) remediation steps. - Updated
Cloud User Assigned Service Account User/Service Account Admin PermissionsInsight for CIS remediation steps. - Updated
Encryption Key Exposed To PublicInsight for CIS remediation steps. - Updated
Cloud User Assigned Service Account User/Service Account Token Creator Permissionsfor CIS remediation steps. - Updated
Cloud User Without KMS Separation of Dutiesfor CIS remediation steps. - Updated
Cloud Credential For Disabled APIfor CIS remediation steps. - Discontinued calculating risk scores for the Threat Findings, Threat Finding Resources, Recommendations, and Recommendation Findings resources.
- Updated the Google Cloud Platform (GCP) Network Firewall resource name to Firewall Rule to more accurately reflect GCP's nomenclature.
- Added a Create Database Instance Snapshot action for GCP Database Instance resources in the Inventory > Resources view.
- Added a policy processor to the Infrastructure as Code (IaC) scanner.
Fixed
- Fixed an issue that was preventing the
Send Email Summary with Details CSVsBot Action from operating on Instance data. - Added missing
"apigateway:GET"permission to the AWS onboarding script. - Fixed the Container Instance resource ID for Kubernetes resources that are not removable.
- Fixed an issue that caused Host Vulnerability Assessment (HVA) to re-assess instances even though they had been assessed recently.