Managing Business Groups

About Business Groups

Business Groups bring your organization's business context into the Vulcan Platform and impact your vulnerability management and security posture. You can think of a Business Group as a collection of assets, defined by you, that represents a Business Unit in your organization. Business Groups segment your environment into more manageable, meaningful chunks. For example, "Finance" or "Production".
For more context about Asset Tags and Business Groups, click here.

Business Groups Hierarchy

The Business Group Hierarchy feature lets you reflect your organizational structure on the Vulcan Platform.

To access and manage Business Groups:

  • Go to Settings > Business Groups

Through the Business Groups setting page, you can:

  • Create new Business Groups and assign them within the hierarchy.

  • Edit and reorder Business Groups by clicking on them. Users can modify associated assets and reorganize the hierarchy using a simple drag and drop functionality.

  • Delete a Business Group by hovering over it, selecting the menu button on the card, and choosing the delete option.

The Business Group Hierarchy provides a clear visual representation of the organizational structure:

  • View the hierarchy using the Org tree format.

  • Each parent card displays important details such as the group name, number of associated assets, business impact, and number of children.

Navigating and exploring the Business Group Hierarchy is made easy:

  • Expand the hierarchy by clicking on the arrow beneath each business group.

  • Scroll horizontally and vertically to view the complete tree.

  • Adjust the zoom level to observe the entire hierarchy without losing important information.

  • Utilize the search function located at the top-right corner to quickly find a specific business group by name.

Creating Business Groups

Creating a Business Group from scratch

  1. Go to Settings > Business Groups

  2. Click on New Business Group.

  3. In the Business Group info:

    1. Give your business group a meaningful and unique Name.

    2. Set Business Impact score – high, low, medium, or leave it unassigned. This will allow Vulcan’s risk algorithm to rank asset vulnerabilities with a business impact in mind.

    3. Select the SLA Policy the business group will be entitled to.

    4. Select the business group's Parent, which determines where it sits in the organizational hierarchy. If you already have other Business Groups, you can choose this Business Group's place in the hierarchy by setting its parent.

  4. Click Next.

  5. In the Asset selection:

    1. Select the conditioning method:

      • Match All (the "and" condition): Only results that match all filters

      • Match Any (the "or" condition): Results that match at least one of the filters

    2. Select how to match the tag:

      • Naming convention: Enter a text string to match an asset's name. Any asset whose name contains the string will be tagged.

      • Subnet: Enter a subnet formatted as an IP address and a CIDR. Any asset with an IP address in that subnet will be tagged.

      • Follow other tags: Choose an existing tag or tags. Assets with the selected tags will be tagged.

      • Follow a saved search

      • Specific assets: define specific assets

      • External facing: External facing assets are usually recognized automatically by the Vulcan platform and tagged as "External Facing". You can also manually define the asset that can be accessed from outside the organization. Read all about it here.

      Optional: You can manually add Code Project or Website assets to these matches. This allows you to create a unified, hybrid tag made up of infrastructure and AppSec assets.

  6. After creating your conditions, look at the preview section to see if the results match your created conditions.

    Once created, the Business Group is updated dynamically to include any new or existing assets that match the conditions.

  7. When done, click Create.
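
The Match All / Match Any logic from step 5, modeled locally as an added example (not Vulcan's code or API): the `Asset` class, helper names, and sample inventory are hypothetical and constructed, and case-sensitive name matching and any-of tag matching are assumptions. It shows how a substring naming rule also captures `preprod-web-01`, which is why checking the preview in step 6 matters.

```python
import ipaddress
from dataclasses import dataclass, field

@dataclass
class Asset:  # hypothetical local model of an asset record
    name: str
    ip: str
    tags: set = field(default_factory=set)

def name_contains(text):
    # "Naming convention": substring match on the asset name.
    # Case-sensitive here; the platform's case handling is an assumption.
    return lambda a: text in a.name

def in_subnet(cidr):
    # "Subnet": the asset's IP falls inside the given CIDR block.
    net = ipaddress.ip_network(cidr, strict=True)
    return lambda a: ipaddress.ip_address(a.ip) in net

def has_tag(*tags):
    # "Follow other tags": asset carries at least one selected tag (assumed).
    wanted = set(tags)
    return lambda a: bool(wanted & a.tags)

def preview(assets, conditions, match_all=True):
    # Match All = "and" across conditions, Match Any = "or".
    combine = all if match_all else any
    return sorted(a.name for a in assets if combine(c(a) for c in conditions))

# Constructed sample inventory.
ASSETS = [
    Asset("prod-web-01", "10.20.0.11", {"External Facing"}),
    Asset("prod-db-01", "10.20.1.5"),
    Asset("preprod-web-01", "10.30.0.11"),
    Asset("fin-laptop-07", "10.20.0.200", {"Finance"}),
]

CONDITIONS = [name_contains("prod"), in_subnet("10.20.0.0/23")]

if __name__ == "__main__":
    print("Match All:", preview(ASSETS, CONDITIONS, match_all=True))
    print("Match Any:", preview(ASSETS, CONDITIONS, match_all=False))
```

With Match Any, the same two conditions pull in every sample asset, including the Finance laptop that merely shares the subnet.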

Promoting an Asset Tag to a Business Group

You can promote (convert) any asset tag (manually created or imported) to a business group.

  1. Go to Assets > Tags > Select the relevant Tag

  2. Click on "Convert to Business Group".

  3. Follow the regular process of creating a Business Group as described here.

Creating an AppSec Business Group

If your organization builds and relies on digital assets such as applications and websites, the Application Security report helps you understand the risk impact and SPR of AppSec assets (Code Projects and Websites) on your organization. Many customers create dedicated AppSec Business Groups to better understand and visualize the impact of their AppSec asset vulnerabilities on the organization's SPR.

To create an AppSec-dedicated business group, follow the procedure described in "Creating a Business Group". Make sure the conditions include only AppSec assets.

Creating a dedicated AppSec Business Group also helps you get the full insight and value of the Application Security Report.

Demoting a Business Group to an Asset Tag

  1. Go to Settings > Business Groups.

  2. Select the relevant Business Group.

  3. Click on "Demote to Tag" and confirm.

Reordering Business Groups

To reorder your Business Groups:

  1. Go to Settings > Business Groups.

  2. Option 1: Click on a Business Group and modify the Business Group Parent. Then, click Save.

    Option 2: Click on Reorder Business Groups and drag-and-drop business groups to reorder the structure.

Modifying Business Group

When modifying a Business Group on the platform, you have the flexibility to adjust its configuration, rename it, or even demote it to a tag.

Business Groups across the Vulcan Platform


FAQ

My Business Group’s impact differs from the Asset Tag impact it follows. So what determines the final impact of the Business Group?

If, for example, you have a High Impact Business Group comprised of Low-Medium impact Asset tags, the unit with the highest impact determines the actual severity. In this case, the final impact is High.

The same would be true if it were the other way around.

How do users usually define their business groups?

One recommended way to set the groups is by the organizational groups that own the different assets and are responsible for the assets’ remediation.

Another option is to set groups by the OS, e.g., Windows desktop, Windows server, Linux, etc.

Another option, for application security purposes, is to set the business groups based on the different applications managed within the organization.

What happens once you convert/promote an Asset Tag to a Business Group and vice versa?

When converting an Asset Tag into a Business Group (or vice versa) on the Vulcan Platform:

  • Processing Time: The transition isn't instantaneous. The platform requires time to compute and apply the change across its system. This delay ensures accurate updates are reflected platform-wide. Depending on the scale of the environment, the update process could take up to a full day. This is also true in case you change the Business Group name.

  • Visibility Shift: Upon conversion, the entity will shift categories; an Asset Tag promoted to a Business Group will vanish from the Asset Tags list and emerge within the Business Groups section. The reverse occurs when a Business Group is demoted to an Asset Tag.

  • Search and Filtering Differences: The platform treats Asset Tags and Business Groups distinctly in terms of navigation and searchability. While Business Groups are accessible through their specific search and filter bar, Asset Tags are integrated into the platform's Magic Search, found under Assets > Asset Tags. This differentiation streamlines the search process, allowing for more efficient data management and access.

    Business Groups Search bar:

    Asset Tags Search bar:

What happens if I change the Business Group name?

While renaming a Business Group will visually update its name on the platform instantly, the change may not be immediately searchable. The system needs time to process and propagate the new name across the platform, which ensures that all updates are accurately reflected throughout.
