With the first few weeks of January underway, we were excited to ramp up after the holidays and end of the year. Our first release of 2021 was packed with updates after the longest release break we had taken in a while. As usual, each release is built with our customers and their needs in mind, making an effort to collaborate along the way. We were happy to get back to it, delivering a mix of upgrades (Ubuntu), announcements about coming changes, support for another Cloud Service Provider (CSP), more Insights, support for additional resources, and a ton of features, enhancements, and a pile of unexciting but always necessary bug fixes. Check out some of the highlights below.

Support for Oracle Cloud Infrastructure (OCI)

Beginning with 21.1, DivvyCloud by Rapid7 includes support for Oracle Cloud Infrastructure (OCI). While initial support is limited, we expect to rapidly expand the supported features and services for OCI over the course of 2021. You can check out additional details here.

New Compliance Packs for PCI DSS and for OCI compliance

As with previous releases, we are consistently working to provide expanded out-of-the-box support for common compliance checks. 21.1 included two new Compliance Packs, one in support of our new OCI coverage and a vastly improved update to our existing PCI DSS Compliance Pack.

  • The new Center for Internet Security (CIS) – Oracle Cloud Infrastructure (OCI) 1.1.0 Pack includes DivvyCloud Insights that can map to the OCI CIS Benchmark requirements. This pack is important for organizations that use the Oracle Cloud Infrastructure (OCI) and align to the Center for Internet Security Benchmarks.
  • Our new Payment Card Industry Data Security Standard (PCI DSS) Pack includes DivvyCloud Insights that can map to the PCI DSS requirements; it is important for organizations that are required to align with the Payment Card Industry Data Security Standards. It includes an impressive 373 individual Insights.

AWS Outposts Support

We’ve added visibility into AWS Outposts, AWS’ fully managed service that offers the same AWS infrastructure, services, APIs, and tools to virtually any data center, co-location space, or on-premises facility for a truly consistent hybrid experience. We’ve also included a new filter “Resource Running On Cloud Outpost” to identify volumes, instances, network interfaces and subnets that are associated with an Outpost.

Group-level entitlements

In an effort to continuously improve our user and permission management, we introduced  support for group-level entitlements. Enabling the assignment of entitlements to defined groups instead of just at the individual user level, provides a much better overall experience, particularly for large enterprise customers with complex groups and roles.

During the transition to this new feature we’re providing support for both types of entitlements (individual and group), with plans to phase out individual entitlements with our next major release (21.2) near the end of February.

New and enhanced Insights

Beginning with 21.1, our Release Notes now include a section highlighting any enhanced or new Insights. This first release of 2021 was a big one, and this ended up being quite a long list.

Enhanced Insights are typically  improved or updated in a number of ways, including expanding or refining the associated filters, adjusting or refining the logic, or expanding the Insight to include support for additional Cloud Service Providers (CSPs).

21.1 included improvements to 19 Insights and 16 brand new Insights. As of our 21.1 release, the DivvyCloud platform includes over 500 individual Insights.

General features and enhancements

AWS

  • Added Terraform support for AWS DMS Replication Instances and EC2 AMIs within the Infrastructure-as-Code module. [ENG-6235]
  • Added the ability to view/update tags on Cloud Event Rules. [ENG-6142]
  • Added support for three new S3 GuardDuty checks: Discovery:S3/MaliciousIPCaller, Exfiltration:S3/MaliciousIPCaller, and Impact:S3/MaliciousIPCaller. [ENG-6107]
  • Added visibility into AWS Route53 Zones with/without DNSSEC. [ENG-6100]
  • Reworked Application Load Balancer (ALB) harvesting to use boto3 for more efficient harvesting and better support with EDH. [ENG-5964]
  • Added visibility, tag, and delete lifecycle capability for AWS Lightsail instances, relational databases, disks and load balancers. [ENG-5617]
  • Expanded the Bot action “Modify Database Attribute” to work with AWS Redshift so that the publicly accessible and enhanced VPC routing actions can be updated. [ENG-5670]

AZURE

  • Added visibility into the Azure Allow Public Access property on Storage Accounts and created a new Insight Storage Account Allows Public Blob Access to audit this. The property is also taken into consideration when evaluating public access for child Blob Containers. [ENG-6197]
  • Added support for Azure Shared Image Galleries. This requires new permissions for the DivvyCloud Standard User Role: “Microsoft.Compute/galleries/read”, “Microsoft.Compute/galleries/images/read”, and “Microsoft.Compute/galleries/images/versions/read”. [ENG-5636]
  • Added visibility into AWS Application Gateway resources which are configured to use the Websocket/HTTP protocols. [ENG-5470]

GCP

  • Added the ability for customers to perform string replacement for Email tags within the actions Send Delayed Email and Send Bulk Email. This can be useful for GCP customers given that Google does not allow the . and @ characters in tags. [ENG-5834]

Multi-Cloud/General

  • Administrators can now require a valid authentication session for Infrastructure-as-Code (IaC) scanning by toggling the setting in the System Administration panel. [ENG-6210]
  • Improved BotFactory logging for on-demand scans, specifically when scopes are invalid because of their lifecycle state. [ENG-6255]
  • Added visibility into Kubernetes Namespaces and their annotations. [ENG-6183]
  • Added visibility into Kubernetes Secrets and a new filter to identify default secrets. [ENG-6182]
  • Added the resource exemption count into the Compliance Scorecard tooltip. [ENG-6102]
  • Added optional SMTP screen to initial admin creation (FTUX) workflow. [ENG-5972]
  • Added the ability for customers to perform string replacement for Email tags within the actions Send Delayed Email and Send Bulk Email. This can be useful for GCP customers given that Google does not allow the . and @ characters in tags. [ENG-5834]
  • Insight Pack membership is now displayed in the Insight Notes when viewing an Insight. [ENG-5844]
  • Made the Network’s Resource Listing column, Instance Count, sortable. [ENG-5820]
  • Modified filter Resource Exposing Specific Ports to look for Egress or Ingress rules for specified ports. [ENG-5785]
  • Customers can now change the look back period when sending themselves information on their billable resource counts. Instead of examining the past 180 days, customers can look back at shorter time periods. [ENG-5756]
  • Credentials are now refreshed during long-running jobs. [ENG-5663]
  • Load Balancer listener configuration information is now included in the CSV export. [ENG-5615]
  • Added Base URL to the FTUX/Onboarding workflow that admins go through as they create their account for the first time. [ENG-5364]

You can check out the release notes with details on all of the items for 21.1 and our subsequent minor releases here.

Learn more about how DivvyCloud by Rapid7 can help secure your cloud and multi-cloud environments.

Get Started