New treatment policies for your organization

You may have noticed that, in the past few days, a new label appeared in the Integrates Home screen, titled " My Organizations".

This is a new feature in Integrates that is being actively developed, which aims to become that administrative panel where you can view overall information across the several groups you may have, and from where you can set policies which will be enforced in all said groups.

If you access your organization, you will find yourself looking at three tabs:

  • Charts: shows overall indicators for the organization, extracted from all the groups that belong to it.
  • Policies: set of rules that can be enforced across all the groups of the organization.
  • Users: manage users that are members of the organization and their respective role (much like the Users tab in the Group context).

Let’s take a look into the Policies tab:

For the time being, there are three policies you can enforce in your groups, all of them related to the treatment that can be applied to a finding:

  • The maximum number of calendar days that a finding can be temporally accepted, up to 180 days (roughly 6 months). This setting pretty much speaks for itself.
  • A temporal CVSS score range between which a finding can be accepted. With this rule you can make sure that critical vulnerabilities are not accepted, making the developers only course of action to fix it.
  • The maximum number of times a finding can be temporally accepted. Put a stop to developers postponing the fix of a vulnerability indefinitely.

We hope you enjoy these new features and keep an eye out for new functionalities that may appear any day :wink: