Maker and Checker
Beyond taking an action on a vulnerability, it is important to be able to leave a comment explaining why the action was taken. In enterprise settings, GuardRails supports Status Update Approval (maker/checker) functionality, which means that a user making an action requires another person to check/approve the action before it takes effect.
You can use this feature with 3 simple steps:
- Enable the Maker/Checker (Status Update Approval) setting
- Update the vulnerability status with a comment
- Review (Approve/Decline) the update
Enable the Status Update Approval (Maker/Checker) setting
Go to the Settings -> General -> Status Update Approval section.
Select the Apply approval process option, then click the Save button to apply the setting.
The Actions page appears immediately in the left global menu.
Update the vulnerability status with a comment
After enabling the feature, you can provide notes while updating the vulnerability status:
- The Note field is mandatory when updating the vulnerability status
- The update status request needs to be reviewed (Approved/Declined) by other members with either the Security Engineer, Admin, or Owner role
Review (Approve/Decline) the update
The pending request to update the vulnerability status is listed on the Actions page.
Security Engineer / Admin / Owner users can go to this page to review the pending request:
- Approve: the status of the vulnerability is changed accordingly
- Decline: the status of the vulnerability remains the same