Get a demo

Plan for Success: Using Process Blueprints to Define Your Security Playbooks

Security processes are the determining factor for success in any cybersecurity program

Jacob Graves | June 4, 2024

decorative image of a person holding a map

With Gutsy, security teams are getting visibility into their live processes for the first time. Many customers are learning that the processes they thought were running smoothly actually never quite lived up to their documented processes. With process blueprints, security teams can define their best practices and measure adherence over time.

Why Security Processes Matter

Security processes are the determining factor for success in any security program. However, these processes are usually somewhat abstract and can be incredibly challenging to visualize and oversee without a tool like Gutsy. Even after modeling your process, you may find that you never observe an acceptable process fully carried out as expected because your organization and security processes simply haven’t matured to that point yet.

Still, security leaders and GRC teams are usually able to clearly visualize in their minds how a process should work. Those idealized processes are the targets we want to set for our teams. These targets say which actions should take place in which order and in which amount of time.

With blueprints, you can easily define these best practices with a simple point-and-click UI. You can measure time and order of steps, and report on how conformant your process executions are to your blueprints.

Blueprint Features

Point-and-Click Blueprints

Across your different processes, you might create a handful of blueprints for each process. We made creating blueprints quick and easy.

Using the blueprint editor, you can select event types from a ready list and chain them into a process blueprint. Depending on your preference, you can choose whether to set the expected times for each step. You can even pick which cases this blueprint should apply to, based on their severity. For instance, you might have one blueprint for critical and high-severity vulnerabilities but another for low severity ones.

How to use process blueprints to define your security playbooks.

Since you may want to store these blueprints as code outside Gutsy, we make it easy to export and import blueprints as YAML files. This lets you keep those blueprints in your source code repository and even create or update blueprints via the Gutsy API.

Blueprint Conformance Tracking

Once your process blueprints are defined, you can easily track how often your security process is meeting the standards set by the relevant blueprints. Equipped with ready-made charts with hard conformance metrics, you will have what you need to drive change in your security organization and push teams to meet your best practices and reduce risk.

Using dashboards, you can track this conformance over time to show improvement as you make changes in how your security programs approach these problems.

See the breakdown of cases the conform to optimal and acceptable variants or blueprints

Blueprints on the Process Map

Process blueprints can be viewed in the process map just like any other process variant. Gutsy will compare each variant to the blueprint and highlight directly on the process map which steps adhered to the blueprint and which deviated from it.

Process blueprints can be viewed  in the process map like any other process variant

This comparative view helps security leaders quickly identify which steps are being properly followed and where risk is introduced due to skipped procedures.

Learn more

Article: Optimizing Security Through Process Data Organization

Article: Dashboards That Actually Show you What You What You Want to See

Demos: Gutsy's Components

ebook: Process Mining: The Security Angle