Our valued customers and their feedback provide the backbone of each and every major release for DivvyCloud by Rapid7. This release is particularly illustrative of the constructive partnerships that we foster with our customers because it includes our first product add-on, the Cloud Identity and Access Management (IAM) Governance module. Last year, a customer approached us and asked us to solve a significant problem involving cloud IAM. While the customer’s problem was extremely complex, they trusted and worked with us to create a best-in-class solution that would allow them to gain control over who and what had access to their valuable cloud resources and assets. We dedicated months of hard work to solving this problem and developed what we believe is a groundbreaking tool that will help many others adopt a least-privileged access approach to cloud IAM.
In addition to the Cloud IAM Governance Module, we’ve introduced the ability to add an API-only user, and an update to the AWS CIS Benchmark pack.
Cloud IAM Governance Module
Our Cloud IAM Governance module is available through a feature called Access Explorer. It enables organizations to manage IAM challenges across the full scope of their cloud footprint. Within AWS, there are many different ways to grant access to an individual resource. At scale, attempting to track these various methods of access across dozens of resource types through separate console interfaces with differing structures is a time-consuming and error-prone process. This module gives you the ability to pull all of this information into a single interface, dramatically improving visibility across your entire cloud and ensuring that you provide the right level of access for all the users and resources in your cloud.
Read more about the value of IAM in cloud security through our white paper, Gaining Control Over Cloud IAM Chaos. You can also check out the IAM Governance page to learn a bit more about the value of this feature and request a demo. Reach out to your customer success rep to learn more, too!
Complete IAM Governance documentation is available here.
Add an API-Only User
As part of our latest 20.5 release, we have introduced the ability for administrators to create API-only users. Using API endpoints and granting an API key, along with preventing console access allows this type of user to programmatically log in to the system. Details are available here.
Updated AWS-CIS Benchmark Compliance Pack
Our new AWS-CIS 1.3.0 Compliance Pack includes Insights (a total of 45!) that map to the latest CIS benchmark requirements. CIS made some changes since the last benchmark (1.2.0), so we’ve updated the pack accordingly. This pack is particularly important for organizations that use AWS and align to CIS benchmarks. Full details are available here.
More, More, More!
As with each major release, we have included several bug fixes along with some new and enhanced filters. For the full rundown, read the 20.5 release notes.
Do you have specific features or capabilities in mind for DivvyCloud? We want to know. Email firstname.lastname@example.org with your suggestions.
DivvyCloud by Rapid7 protects your cloud and container environments from misconfigurations, policy violations, threats, and IAM challenges. With automated, real-time remediation, DivvyCloud by Rapid7 customers achieve continuous security and compliance, and can fully realize the benefits of cloud and container technology