Nucleus uses projects to organize your vulnerability data more effectively. There are two main benefits to using projects within Nucleus:
- Manage access to the vulnerability information in each workspace independently of the others (i.e., give different users access to different information)
- Easily analyze, report, and see metrics for specific data in which you are interested
- You can divide the vulnerability information in any way you wish, such as by team, geographic location, business unit, etc.
- Please note: you can also organize your data within projects via asset groups.
Adding a Project
To add a project (a new workspace in which to manage vulnerability data), do the following:
1. Navigate to Global Dashboard.
2. Click the Add Project button.
3. Fill out the project name and project description.
4. Click Save.
5. You will automatically be directed into that project to start managing vulnerability data!
Example Project Layouts
This section provides two examples of how you can use projects to manage your vulnerability data. The first is a large enterprise with multiple locations around the world, and the second is an AppSec team that manages its different development teams in their transition to DevSecOps.
Acme Corporation is a global enterprise with locations all around the world. It has a vulnerability management team for each continent on which it is based, and each team is responsible for all the offices in that region. The enterprise has also made multiple acquisitions that it has not been able to manage.
One recommended way of setting up the Nucleus Projects, in this case, is to create one project for every vulnerability team, and for each acquisition. Each project would contain all of the data for that continent and acquisition within it, and the project-level organization features would be used to manage the vulnerability data within the project.
The project structure would be as follows:
- North America Project
- South America Project
- Acquisition #1 Project
- Acquisition #2 Project
In this case, there would be 6 projects, allowing the vulnerability data to be organized by both region and business unit.
Note: You could create more specific projects as well; a project is just a collection of data that you would like to analyze independently from the other vulnerability data.
ACME AppSec has a full suite of applications they develop in-house. They manage 4 development teams that run themselves independently of each other. One recommended way of creating projects in Nucleus:
- Dev Team 1
- Dev Team 2
- Dev Team 3
- Dev Team 4
All applications for which each development team is responsible will be contained within that team's project. This layout allows a vulnerability management team to assign access to users based on the vulnerability information that is relevant to them.