In October, Asana announced AI Studio, and it’s been a game-changer for how our security team manages work. By reducing busywork and freeing us to focus on high-priority tasks, AI Studio has literally changed how our team operates—empowering us to take on more impactful, strategic projects in place of time-consuming, low-impact work.
Here’s how our security team uses AI Studio internally.
As we shared in our AI principles and reinforced in the AI Studio announcement, Asana firmly believes that a human-in-the-loop approach is a foundational part of how best to work with AI, both to work around AI's current limitations and to ensure correctness.
On our security team, we review much of what the AI does. This review work is vastly simpler than doing the full scope of work ourselves, which leads to significant productivity gains for our team. With AI, we're able to triage more, read more, and assess more than we could on our own.
AI Studio is available on the Starter, Advanced, Enterprise, and Enterprise+ plans.
As everyone working in security knows, alert fatigue is real. It’s hard to continually tune alerts in your security information and event management (SIEM) tool to make your false positive rate low enough to make a dent—and hiring more and more people in your security operations center is expensive. Here's how we use AI Studio to help triage alerts and reduce the pressure on our team.
First, we create a custom rule that automatically converts alerts into tasks in an Asana project. This can be done using an existing integration, a custom API integration, or even via email.
Next, we set up a rule in AI Studio to triage these alerts. Based on this rule, when an alert is converted into a task, the AI is configured to add a comment with insights generated based on its prompt.
In this example, the AI adds a comment to the alert task categorizing it as one of the following:
A malicious threat that needs to be further investigated.
A contained threat where malicious activity was blocked and no additional action is needed.
A false positive that can be safely ignored.
You can configure the AI to automatically resolve the alerts or move them forward in the process. In our example:
If the AI determines the alert is a false positive or has been contained, it completes the task and removes it from the project.
If the AI identifies the alert as real and requiring further investigation, the task is added to another project so Asana’s Corporate Security team can take action.
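The routing above, sketched as an added example (not Asana's code and not part of AI Studio), with one safeguard a reviewer would want: a comment with no verdict, conflicting verdicts, or an unrecognized label is never auto-completed. The `VERDICT:` line convention, the label strings, and the action names are assumptions made for this sketch.

```python
import re
from dataclasses import dataclass

# The post's three categories; these label strings are assumptions.
VERDICTS = {"malicious", "contained", "false_positive"}
# Assumed prompt convention: the AI comment carries one line "VERDICT: <label>".
VERDICT_RE = re.compile(r"^VERDICT:[ \t]*([A-Za-z_]+)[ \t\r]*$",
                        re.IGNORECASE | re.MULTILINE)


@dataclass(frozen=True)
class Routing:
    verdict: str       # parsed label, or "unknown"
    action: str        # hypothetical action names, not Asana API values
    needs_human: bool  # True when the task must land in front of a person


def route_alert(ai_comment: str) -> Routing:
    """Map an AI triage comment to the routing the post describes."""
    found = {label.lower() for label in VERDICT_RE.findall(ai_comment)}
    # Fail closed: no verdict, conflicting verdicts, or an unknown label
    # is never auto-completed; it goes to the investigation project.
    if len(found) != 1 or not found <= VERDICTS:
        return Routing("unknown", "move_to_investigation", True)
    verdict = found.pop()
    if verdict == "malicious":
        return Routing(verdict, "move_to_investigation", True)
    # "contained" and "false_positive" are completed and removed.
    return Routing(verdict, "complete_and_remove", False)


# Constructed sample comments (not real AI Studio output).
SAMPLES = [
    "VERDICT: false_positive\nScheduled vulnerability scanner traffic.",
    "VERDICT: contained\nEndpoint agent blocked the process at launch.",
    "VERDICT: Malicious\nUnusual sign-in followed by new mail rule.",
    "This looks fine to me.",
    "VERDICT: malicious\nQuoted log text:\nVERDICT: false_positive",
]

if __name__ == "__main__":
    for comment in SAMPLES:
        print(route_alert(comment))
```
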
What’s more, if the alert is real and the team needs help, we’ve configured the AI to act as an investigator to provide guidance and next steps.
Whenever a comment is added and the AI is directly addressed or referenced, the investigator is triggered to provide support—whether by analyzing additional context, answering team questions, or suggesting follow-up actions.
Here's what it looks like on a real, malicious security alert. First, the Smart workflow identifies the threat as malicious:
Then, the investigator is triggered. It automatically tags the correct user in Asana and asks a follow-up question—just like our security engineers would.
Later, the investigator assigns a task to a member of the Corporate Security team to gather more data so it can further analyze the threat. By working together, the AI and our security team successfully addressed this alert and closed it.
This behavior is fully customizable. If you’d rather the AI not ask follow-up questions, you can easily adjust the workflow to match your preferences. It's important to note that you can use as much—or as little—of these workflows as fits in your security team's program.
AI Studio can do more than just comment. It can also fill out custom fields and read existing documentation. Here's how we use it to triage vulnerabilities:
When a task is added to our vulnerabilities project, we ask the AI to triage it and recommend next steps. To set the AI up for success, we give it context on related vulnerabilities, team responsibilities, and even attach a spreadsheet outlining how we score our vulnerabilities.
With that context, the AI gets to work. It fills out key custom fields such as severity, vulnerability type, affected systems, and even picks a due date. Once complete, it adds a comment with its analysis for the security team to review.
And because this all happens in Asana, it's easy to go back and adjust the severity or any other custom field later if needed. You can also easily build on top of this workflow with additional ones, such as recommending retesting plans when the vulnerability hits the retest stage and similar enhancements.
Those are just two simple examples, but we use many more workflows. Here's a short subset:
Auditing access to production: We also use AI to help audit when engineers need to access production. These logs are automatically put into an Asana project, and the AI helps the employee reviewing the request assess whether the reason provided for access matches the commands run or whether it's a potentially dangerous action.
Security reviews: For new product features, we have a workflow that helpfully summarizes details and uses our internal SDLC and threat modeling documentation to point out where security engineers should focus their efforts. Because AI Studio can read Google Docs and other attachments, it has all the context it needs.
Bug bounty routing: AI Studio helps us figure out which product team at Asana is best suited to help us triage bug bounty reports. With more teams than I can remember, it's a big help to have AI Studio review each team's areas of ownership and the details in the bug report to make a good recommendation.
Answering internal questions: Like many security teams, the Asana Security team is asked a lot of internal questions. To save time and ensure consistent responses, we use a Smart workflow to see if the question has been asked before.
The potential for AI Studio is vast—we’ve only just scratched the surface of how far it could go. Here are just a few more use cases we’re considering:
Phishing triage and response
Answering security questionnaires
Analyzing graphs and user behavior logs for anomalies
Automated AI remediation
The possibilities are endless—really, the limit is only our imagination. We're continually experimenting with new Smart workflows to reduce toil on our team and free up our engineers to focus on high-impact work.