High-level overview of groups in RiskSense.
RiskSense Groups serve two main purposes within the platform. Groups provide the ability to create organizational folders within RiskSense, allowing for convenient and logical options for reporting and filtering subsets of assets and their vulnerabilities. Groups can be configured based on any asset commonality, such as device type, location, team, or business unit. Assets can be assigned to multiple groups. For example, a Windows 2016 Server running MS SQL and housed within the Sunnyvale office could be assigned to the Windows Servers, Databases, and Sunnyvale Office groups.
The second purpose of a group is to serve as a security boundary within the platform. User accounts, just like assets, are assigned to one or more groups. To which groups a user is assigned will dictate the assets and vulnerabilities they can view and manipulate, allowing for granular data management and visibility options. Using the Windows 2016 server example mentioned above, that asset would be visible to any user accounts members of at least one of the groups to which the host is assigned (Windows Servers, Databases, or Sunnyvale Office). If a user is not a member of any of those three groups, that Windows 2016 asset and any vulnerabilities identified in scans of that device will not appear on any of their RiskSense dashboards, list views, or filter results. The host and scanner findings will not be included in that user’s total asset or vulnerability counts either, nor will that host’s RS³ calculation impact their overall score.
RiskSense recommends creating several groups to move assets into as new hosts and web applications are brought online within your environment. As the scan files containing fingerprints of the new assets are uploaded into the Platform, newly identified assets are assigned the Default Group within RiskSense. Users can then apply list-view filters for categories such as Host Name, IP Address, and Operating System to gather the new assets and then assign them to the appropriate group or groups. This leaves the Default Group to easily find new hosts/assets as they are scanned and surfaced in RiskSense.
Group creation, management, and user assignment to groups can be performed within the Organize > Groups view. Adding assets to or removing assets from groups is conducted within the Manage > Hosts or Manage > Applications list views.
For more information, see the Groups Page: Overview article for details on all elements of the Groups page.