Skip to content

Code Owners and Routing

Every asset Escape discovers gets mapped back to the team that owns the code. That mapping is what turns a finding from "somebody's problem" into "your problem" and lets Workflows route issues to the right queue without manual triage.

Where Ownership Comes From

Escape resolves the owning team from whichever source is available, in this order:

  1. CODEOWNERS files in the linked source-control integration. GitHub, GitLab, and Bitbucket all surface the same schema.
  2. Repository tags and topics set in the SCM integration.
  3. Manual assignment on the asset, either through the UI or via the Public API.

When the same asset matches multiple rules, the most specific match wins: a CODEOWNERS entry for /services/payments/ takes priority over an org-wide default.

What Routing Unlocks

Once ownership is known:

  • Workflows can trigger on asset ownership ("if owner is payments-platform, open a Jira ticket in that team's project").
  • Reporting breaks down findings by team so the monthly posture review starts from the right slice.
  • Notifications go to the right Slack channel or on-call rotation automatically.
  • SLAs attach to the team, so the triage clock starts when the right person is paged.

See Workflows for the action catalog, and Asset Management for how ownership fields are stored on each asset.

Fallback When Nothing Matches

Assets without an owner are routed to the default triage queue you configure at the organization level. The UI surfaces them as "unassigned" so nothing silently drops on the floor.