Plan for Success: Using Process Blueprints to Define Your Security Playbooks
Security processes are the determining factor for success in any cybersecurity program
Jacob Graves | June 4, 2024
With Gutsy, security teams are getting visibility into their live processes for the first time. Many customers are learning that the processes they thought were running smoothly actually never quite lived up to their documented processes. With process blueprints, security teams can define their best practices and measure adherence over time.
Why Security Processes Matter
Security processes are the determining factor for success in any security program. However, these processes are usually somewhat abstract and can be incredibly challenging to visualize and oversee without a tool like Gutsy. Even after modeling your process, you may find that you never observe an acceptable process fully carried out as expected because your organization and security processes simply haven’t matured to that point yet.
Still, security leaders and GRC teams are usually able to clearly visualize in their minds how a process should work. Those idealized processes are the targets we want to set for our teams. These targets say which actions should take place in which order and in which amount of time.
With blueprints, you can easily define these best practices with a simple point-and-click UI. You can measure time and order of steps, and report on how conformant your process executions are to your blueprints.
Blueprint Features
Point-and-Click Blueprints
Across your different processes, you might create a handful of blueprints for each process. We made creating blueprints quick and easy.
Using the blueprint editor, you can select event types from a ready list and chain them into a process blueprint. Depending on your preference, you can choose whether to set the expected times for each step. You can even pick which cases this blueprint should apply to, based on their severity. For instance, you might have one blueprint for critical and high-severity vulnerabilities but another for low severity ones.
Since you may want to store these blueprints as code outside Gutsy, we make it easy to export and import blueprints as YAML files. This lets you keep those blueprints in your source code repository and even create or update blueprints via the Gutsy API.
Blueprint Conformance Tracking
Once your process blueprints are defined, you can easily track how often your security process is meeting the standards set by the relevant blueprints. Equipped with ready-made charts with hard conformance metrics, you will have what you need to drive change in your security organization and push teams to meet your best practices and reduce risk.
Using dashboards, you can track this conformance over time to show improvement as you make changes in how your security programs approach these problems.
Blueprints on the Process Map
Process blueprints can be viewed in the process map just like any other process variant. Gutsy will compare each variant to the blueprint and highlight directly on the process map which steps adhered to the blueprint and which deviated from it.
This comparative view helps security leaders quickly identify which steps are being properly followed and where risk is introduced due to skipped procedures.
Learn more
Article: Optimizing Security Through Process Data Organization
Article: Dashboards That Actually Show you What You What You Want to See
Demos: Gutsy's Components