Overview
Assigning the right people to your software environment increases DevSecOps collaborations' efficiency.
After assigning defined ownership teams to hosts, services, and other entities, all associated teams will be shown in the respective unified analysis screen.
Dedicated workflow actions allow quick and easy retrieval of this information and usage in automated workflows. They can be used, for example, for targeted notifications in case of a detected problem or security vulnerability.
Get started
To quickly get started with ownership information to enhance transparency and simplify collaborations between teams, the following steps are needed:
-
Create an ownership team on the Settings>Ownership Teams page.
-
Add desired team information, such as contact information (Slack, email, Jira, MS Teams), responsibilities, and further team information.
-
Associate ownership team to selected entities, such as hosts, services, and Kubernetes objects via metadata (recommended) or tags using the key prefix "owner" and the unique team identifier. Information about how to use metadata and tags are provided in the respective documentation. The ownership information is immediately shown on the respective entity screens.
-
Add dedicated workflow actions, such as "get owners" to your workflows, to query the needed information from specific entities, in order to automate collaboration and incident management processes.
Details
Dedicated workflow actions enable the automation of the incident management and response processes via targeted notifications to the right people and hence reduce the noise.
The workflow actions only need the entityID of the selected entity to return the ownership information incl. their contact information, as long as the selected entity has an owner assigned to it.
The result of the workflow actions can be used for further processing as needed, for example for sending an email, Slack message, or creating a Jira ticket, while assigning already the responsible team.
Use cases
- Providing contact information at the entity level to enhance automated remediation actions, such as targeted notifications via, for example, Workflows
- Enabling team and dependency transparency
- Reducing mean time to recovery (MTTR) to automatically inform the right teams about new incidents.