In this article, you'll find out how to use the concept of scopes to organise your technical watch.SUMMARY
- Using scopes to structure your cybersecurity watch
- Create a scope
- Use the parent scope feature to structure your technical watch
- Special aspects of the parent scope :
What is a scope ?The scope is the central elemet of your technology watch. It consists of 3 distinct elements :
- A list of associated technologies : the technologies you wish to monitor for this scope.
- A list of users subscribed to this scope. They will receive an email when one of the technologies associated with the scope is subject of a bulletin.
- An action plan listing all the actions to be taken for your patch management for this scope (a patch to be applied, a workaround until a ptach is released).
Thus, when a PATCH bulletin is written, yuno :
looks at which scope(s) contain(s) the technology concerned by the bulletin
sends an email containing the bulletin to the users subscribed to these scopes
creates an action ticket for each scope concerned and automatically assigns it to the owner of the scope.
NB: When the technology which is the subject of the bulletin is present in several perimeters followed by a user, we send only one email containing the bulletin and the perimeters concerned.
NB: When the technology which is the subject of the bulletin is present in several perimeters followed by a user, we send only one email containing the bulletin and the perimeters concerned
Using scopes to structure your cybersecurity watch
The notion of perimeter is flexible enough to adapt to any type of organisation. Our clients generally organise their monitoring around 4 distinct models:
Cas 1 : A scope per publisher
You associate the technologies of a publisher you follow with each scope.
This approach can be practical when your information system is fairly homogeneous or if you work within a small structure.
Case 2 : A scope per technical team
You associate technologies with each area according to their use within your information system.
This approach is recommended in the context of a small structure with an information system whose technologies are fairly heterogeneous within your technical divisions.
Case 3 : A scope for a business vertical
You associate each perimeter with a business vertical in your company, associate the technologies used in this vertical and the users concerned.
This approach is recommended in the context of a siloed internal organisation with a fairly heterogeneous information system. It allows you to provide contextual information to each user according to the technologies they use.
Case 4 : A scope for a subsidiary
You associate each perimeter with a subsidiary of your company.
This approach is recommended in the context of a complex or even international organisation where each subsidiary is independent in maintaining the Information System in secure condition.
Tips: Adopt a hybrid organisation using parent perimeters for an ever more personalised watch structure
Using the parent scopes, you can create a hierarchy
between your different perimeters to mix approaches. Follow this link
to learn more.
When it comes to technical watch, good scopes organisation is essential to ensure that each user receives only the information they need. However, the proliferation of perimeters can quickly make your list of scopes unreadable.
To solve this problem, you can manage your scopes in the form of a tree structure using the Parent Scopes feature.
Create a scope
To create a scope you can follow this guide.
Use the parent scope feature to structure your technical watch
To create a Parent scope, all you need to do is create a classic scope.
Once this scope has been created, you need to associate it with one or more child scopes.
Case 1 : Associating existing scopes to a parent scope
To associate an existing scope with your parent scope, go to the list of your scopes from the portal and select the scope you want to associate.
On the perimeter configuration page, go to the Details tab and choose the parent perimeter to which to associate this perimeter from the Parent Perimeter drop-down menu.
Don't forget to click on the Update button to save your configuration !
Case 2 : Creating a new child scope within a parent scope
To add a scope within a parent scope, go to the list of your scopes from the portal and add a new scope.
In the creation window, go to the "Parent scope" field and select the scope to which you want to attach the scope you are creating.
Special aspects of the parent scope :
The parent and child scopes have no inheritance system. This means that :
- A user present in a parent scope will not automatically receive the watch bulletins corresponding to the child scope.
- The action plan for a parent scope does not contain the action tickets for child scopes.
Note: You can create an unlimited number of levels in your tree.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article