Challenge & Implementation
One of the entity’s departments has already implemented Defensys SOAR and among all other useful features it has the aggregated assets model that SGRC uses via the integration with SOAR. With a rise of the total number of technical equiHaving experience with our software and trusting
Defensys as a reliable vendor, the organization purchased Defensys SGRC for the integration with their internal portal. This portal, created for governmental bodies, is a multifunctional tool for employees of different departments and organizations. Portal allows users to create requests with various purposes. The government entity plays here the managing and approving role.pment within the entity SOAR became increasingly important.
The main function of SGRC in the organization is to automatically fetch all the received requests with the asset model. Thanks to the role model of the SGRC all the necessary asset types can be owned and managed by certain number of employees. Access to a particular asset with all stored requests and created data may be shared between employees of one or several departments.
After receiving and approving portal requests, a new customized entity with a certain status is added to SGRC via API. This asset, depending on type, relates to a relevant asset group automatically.
Furthermore, organization is able to complete information about particular group of assets and to generate a registry to comply with cybersecurity legislation.
Implemented integrations allow SGRC to constantly synchronize information about entity units incl. correct legal information and to create a CSV file with necessary data as a reporting form.
Results
Consequently, Defensys SGRC became an orchestration tool for collecting portal requests and complying with internal directives by applying necessary workflow steps while processing.
Thereby, the government entity effectively utilizes SGRC as a backend for the governmental portal and significantly reduces processing time. Users can instantly assess the compliance status of each asset in the database once there is such a request from their colleagues and department heads.
The SGRC in this organization is also represented as a self-service portal for subsidiaries who have to upload their compliance self-assessments, so the head entity can quickly see the statistics of how their industry meet the cybersecurity requirements. The built-in chat helps to achieve the total transparency between the controlled organization and the head entity.
As a further step, Defensys engineers will implement at the entity the risk assessment process available for all the involved parties.