With each DivvyCloud release, we have a chance to demonstrate our customer-first mentality and reaffirm our opposition to pushing prescriptive, one-size-fits all cloud security solutions to our customers. We strive continuously to align our customers’ needs and priorities to our product roadmap, with the ultimate goal of enabling innovation in a way that makes sense and complements our customers’ unique business models, goals, and strategies.
With that in mind, we are pleased to announce the first major release of the year, Release 20.1. This release includes some significant improvements—and also some changes—to our platform.
This highlights from Release 20.1 include:
- Changes to Exemptions Management
- Microsoft Teams Integration Optimization
- Modifications to Pack-Level Notifications
- Divvy Badge Improvements and Optimizations
As usual, we highly recommend that you read the full release notes.
Based on our customers’ valued feedback, we have overhauled the exemptions system in this release. Exemptions provide our customers with a way to exclude specific resources from Insight findings. Prior to this release, exemptions were managed through Resource Groups. While this option worked well in certain scenarios, it did not provide a great overall user experience because it lacked approval logic, the ability to set expiration parameters, and unified viewing capabilities. As of this release, exemptions are managed through Insights, which ameliorates aforementioned flaws and creates a more intuitive user experience.
Building momentum on the support to our Microsoft Azure customers that we released late last year, we have implemented a new method for integrating DivvyCloud with Microsoft Teams. Leveraging the use of webhooks, DivvyCloud is able to integrate more smoothly into environments using Microsoft Teams.
Pack-level Notifications to Better Understand Insights
A major component of DivvyCloud’s value is delivered through insights, which are specific behaviors, conditions, or characteristics of cloud resources. Insights provide an in-depth understanding of an infrastructure’s security, compliance, and optimization. Insights can be individual or part of a “pack.” Our out-of-the-box compliance packs are curated collections of related insights focused facilitating compliance with industry requirements and standards, including HIPAA, PCI DSS, and many more. Another key DivvyCloud feature, bots, allow users to orchestrate automated action, such as sending notifications, based on specified insights.
In this release, users can configure bots deliver information pertaining to a category of insights instead of only at the individual insight level. This includes our out-of-the-box compliance packs as well as any custom packs specific to your environment.
We’ve also added hourly to the existing notification cadence setting options (daily and weekly). By consolidating notifications at the pack level and giving you more options for notification cadence, we are helping you cut down on the “noise” that notifications often generate. Read more about using Bots for email notifications here.
Divvy Badge Improvements and Optimizations
DivvyCloud roles have the ability to scope access to cloud accounts by badge. We’ve added a new checkbox to the badges form that, when enabled, matches the role of cloud accounts with all selected badges. Otherwise, the role matches cloud accounts with any of the selected badges.
To make this change, we had to rework some permission functions behind the scenes. We did this in conjunction with changes to minimize the surface area of the internal API and realize considerable performance improvements for customers with large numbers of users, groups, and roles. For customers using the Python module directly through a plugin, we have documentation to guide you around breaking changes. Reach out to us directly for details.
In addition to the highlights described here, Release 20.1 offers visibility and support for new resources, enhancements to support for existing resources, new filters, and much more.
DivvyCloud protects cloud and container environments from:
- Policy violations
- IAM challenges
With automation that drives real-time remediation, DivvyCloud customers achieve continuous security and compliance, and can fully realize the benefits of cloud and container technology.
*** This is a Security Bloggers Network syndicated blog from DivvyCloud authored by Jamie Gale. Read the original post at: https://divvycloud.com/feature-release-20-1/?utm_source=rss&utm_medium=rss&utm_campaign=feature-release-20-1