Introducing Team Based Vulnerability Management
At Nucleus we understand that modern vulnerability management programs are always a team effort. From large multi-national organizations to the smallest of businesses, identifying and remediating vulnerabilities across all of your applications, infrastructure, and cloud environments involves a variety of people in different job roles working on often complex systems. With Teams, Nucleus now gives you the ability to involve all users direct access and capabilities in the vulnerability management process.
With this release, you can now create and manage Teams within each of your Nucleus projects. Teams are groups of users that you can use to represent ownership of both assets and vulnerabilities within the Nucleus platform. Teams can be given meaningful names, and users can be in multiple teams at the same time. Head on over to the Project Administration → Team Management page to start creating teams in your Nucleus console today.
The Teams release started with solving the challenge of who owns an asset. In many organizations, assets have specific teams who own the asset and are responsible for it, but different teams which actually support the asset in terms of patching, fixing vulnerabilities, etc. With the new Teams release, you can represent both of these situations using the Business Owner Team and the Support Team fields, with automation and more being built into the Nucleus asset model directly.
These fields can be set a myriad of ways; including directly in the UI by editing an asset, via the API, uploading a Nucleus Custom Asset File, or (our favorite way) by leveraging the Nucleus Automation Engine. We’ve updated Asset Processing rules to enable you to set the Business Owner Team and/or Support Team on assets from a list of available teams, or by a Nucleus dynamic field (reminder, Nucleus dynamic fields is the built-in Nucleus templating language you can use to access fields from database objects in automation)!
This means that, as an example, you can tag an asset’s support team in AWS, and then when this data is ingested into Nucleus as additional metadata for the asset, use the tag from AWS itself to set the business owner team of an asset in Nucleus automatically with a single automation rule. As always, why do things with 20 rules when you can have one rule to rule them all?
And of course, once you’ve set these fields on assets, you can use them in filters throughout the platform to see the right data for your context, including on the Asset Management page, or by using asset filters on all of the vulnerabilities pages to get to the data that you care about most for your team:
The real problem though, is how to remediate vulnerabilities at scale. To that end, a release of Teams would be incomplete without the ability to assign vulnerabilities to Teams for remediation (and tracking!). You could previously already assign vulnerabilities to users, but now we’ve extended that to allow you to assign vulnerabilities directly to a team to remediate. You can achieve this at both the vulnerability instance level as well as the unique vulnerability level (more on the bulk actions below ). To assign vulnerability instances to a team, you can do this manually via the Vulnerability Details page in the console, or by leveraging a Vulnerability Processing Rule in the Nucleus Automation Engine.
Coupled with Dynamic Fields, you can for example create a single rule that automatically assigns all vulnerabilities on an asset to the affected asset’s business owner team or support team. Check out the full list of all supported Dynamic Fields in our documentation center.
But wait, there’s more! Once the vulnerabilities have been assigned, that opens up a whole new world of filtering opportunities. You can now filter the Active Vulnerabilities page to show you specifically the vulnerabilities based on Team Assignments.
We’ve also launched a new page titled the Assigned to my Team page, where you can now collaborate even further within your Team and work down the list of vulnerabilities assigned to your team to remediate. You can of course leave all the comments, change statuses, and other vulnerability tracking workflows that you can already do today, but now collaboratively within your team.
Asset Processing Rules
Because we were implementing new automation functionality, we took the introduction of Teams as an opportunity to level up the Nucleus Automation Engine even further by bringing the same great (some have even told us that they love our cards <3) experience of action cards in vulnerability processing rules to asset processing.
Creating an Asset Processing Rule now has a refreshed look that channels an if this then that workflow, with asset criteria being set in the Rule Details step, and the ability to chain asset processing actions together.
That’s not all, though, because now all of the other asset processing actions accept Dynamic Fields too! We’ve also brought you the ability to run individual asset processing rules directly from the rule overview page, rather than having to edit and save the rule to force it to run.
We hope you love using Nucleus Teams as much as we’ve enjoyed using it. Stay tuned, as we have more related teams functionality coming in future releases!