Pending ...

Human Managed hm.works 1.3 released with triage report

Human Managed app hm.works 1.3 released with report on triaged detections


Since its first release on 13 March 2023, the Human Managed web app hm.works has been getting fresh updates every single week.

hm.works' 1.0 journey started with the most fundamental knowledge for any business that operates digitally: intel on existing digital assets (services, products, resources that are in digital form).

Then, hm.works' 1.1 added more intel on a business' digital assets, by reporting on the assets' state, or overall posture. An asset's posture is measured by the controls (checks, rules, policies) that are enabled on the asset.

hm.works 1.2 delivered even deeper layers of intel on a business' digital assets: behaviors discovered and detected, which (positively or negatively) affect the business.

So what can you do with all the intel about asset, posture, and behavior?

Today, we are excited to introduce...

Triage Report

Untitled design (7).png

In our Triage Report, hm.works answers the 3 most important things you need to know about the posture and behavior detections on your assets, so that you can act on them with prioritization:

  1. What is the priority of the detected alert / issue / incident?
  2. How effective is my prioritization of high risk alerts?
  3. What critical assets are affected that requires my immediate attention?

What's triage?

  • What it is: a service that collects, analyzes and prioritizes detected alerts and events from data sources based on customer's unique business models.
  • Why it is important: When done effectively, triage adds as much context as possible up front (e.g. assets affected, priority) and reduces noise and false positive detections from your environment. This enables you and your team to prioritize actions for react and resolve, and reduces time spent on less important alerts and events.

triage gif.gif

* * *

Let's explore each segment of the Triage Report.

Triage Metrics

triage 1.jpg

  • What: This card reports the metrics that are important to understand the status and performance of the Triage service, such as: the number of alerts and events detected, how many of the detections are confirmed to be issues, what is the mean time for the hm.works platform to ingest data from detection sources, and the mean time for the hm.works platform to notify you.

  • Why: Triage metrics help you understand the status and performance of the Triage service, and guide your action to investigate further if something does not meet your expectation or goal.
  • How: Forward data from any sources (e.g. endpoint detection and response tools) that you want to be analyzed as part of hm.works Detect and Triage services. Customize relevant metrics such as your issue management KPIs on the web app.

Detection vs. False Positives

triage 2.gif

  • What: This card reports the number of triaged Issues and False Positive detections over a period of time.
  • Why: Monitoring and measuring the volume based trend improves your performance and directs your operational actions to reduce number of issues and false positives.
  • How: Forward data from any sources (e.g. endpoint detection and response tools) that you want to be analyzed as part of hm.works Detect and Triage services.

Issues Grid

triage 3.jpg
  • What: This interactive grid breaks down the details of all triaged issues, including their priority, confidence score (calculated by hm.works based on the completeness of relevant data), detection type, asset affected, asset criticality, date created, and a link to track status of the issue.
  • Why: Having all open issues in one place allows you to explore the data as you see fit to prioritize your action and/or improve your understanding of issues in your environment (e.g. sort by priority, asset criticality, detection type).
  • How: Forward data from any sources (e.g. endpoint detection and response tools) that you want to be analyzed as part of hm.works Detect and Triage services.

Detection Timeline

triage 4.jpg

  • What: This page shows you the current status and the sequence of events of a triaged issue.
  • Why: Allows you to monitor the current status and progress of the issue in one place without requiring back and forth manual communication.
  • How: Forward data from any sources (e.g. endpoint detection and response tools) that you want to be analyzed as part of hm.works Detect and Triage services.


* * *

And that is hm.works 1.3! We will be releasing more features and updates regularly, so stay tuned.

To get the latest news from Human Managed, follow us on LinkedIn and check out our blog.

* * *

Want to discuss how we can help solve your cyber, digital, or risk operations through data?

Want a test run of the hm.works app?

Have any questions or feedback?

Please contact us at hello@humanmanaged.com.