Make Multi-team Collaboration Easy with Saved Views
Our data driven security governance platform helps security leaders manage multiple teams
Aqsa Taylor | February 5, 2024
Introducing Views
Security processes are often managed by more than just one team. Coordinating the joint efforts of teams is in itself a well-recognized challenge. It is also the bedrock of any effective strategy. The first step towards this goal is getting clarity and data driven visibility into your process. The second step is communicating action items to specific teams in a clear and timely manner. These principles are the obvious foundations of any mature governance strategy and security process.
Ensuring your teams don’t have to guess what their area of ownership is the starting point when fixing a process. Gutsy process views can help you easily direct teams to actions that fall within their specific areas of responsibility and help them fix issues before they lead to breaches. Process views, which are based on Gutsy’s intuitive granular filters, can be saved for future reference and used to trigger alerts.
How it works
Gutsy collects information about relevant events and the corresponding metadata required to recognize activity such as assignee information, ticket metadata, report IDs etc. To learn more about how Gutsy does it, check out our data viewer blog.
Much like database views, Gutsy’s process views are based on saved filter queries and are used to expedite analysis and trigger alerts. While analyzing process data in the Gutsy process explorer, you can save complex queries for future reference as named views.
Views can be continuously adjusted and refined to keep them current and up-to-date, and they are likely to become the cornerstone of your Gutsy workflow. Once you’re satisfied with the cases returned by a view, you can configure a Gutsy action to alert on new cases that meet the view’s conditions and share action items with the relevant teams via Slack.
Real Use Case
Consider an organization that has different teams managing access to different cloud service providers. When an employee leaves the development team, we expect the HR team to order the offboarding process. During offboarding, the team responsible for GCP access needs to remove the employee’s access from GCP, while another team removes access from AWS systems. These two teams work independently of each other in practice, but from the organizational perspective, the efforts are all part of a single offboarding case for a certain employee.
With Gutsy views, managers can proactively monitor and alert if a team misses removing access before the offboarding date is reached and send the relevant team a specific alert for the action items pending on them.
Creating such a view in Gutsy is simple - filter the process by the resource (GCP vs. AWS) and missing events to identify the relevant cases. The governance team can leverage Gutsy views to easily track how many of such access removal cases are still pending and how the teams are improving their SLAs on removing access for off boarded employees.
Ask for a personal Gutsy demo to see this capability in action.