1. Home
  2. Application Management
  3. Applications Management

Applications Management

This guide aims to explain the different parts of the Applications Management page as well as the steps to perform different actions to manage your Applications on your AppSec Phoenix Dashboard.

1. Introduction

AppSec Phoenix monitors your Applications so you can take action if one of them goes above the threshold level. The Application Management page lets you add, edit, and delete your Applications in your AppSec Phoenix instance. 

The Applications Management is divided into two sub-pages, namely: 

  1. Application Risk View
  1. Application Risk Details

2. Application Risk View Sub-Page

The Application Risk View page gives you a general risk assessment overview of your applications as well as the options to perform several actions such as adding new applications, editing existing applications, deleting applications, and export or import application data.

The Application Risk View sub-page

The Application Risk View page is divided into two parts: Overall Summary and Applications List.

A. Overall Summary

The first part is the summary that provides an overview of the risk status of each of the Applications using a combination of speedometer-type dials and pie and doughnut graphs. Each of which are colour-coded with large text captions indicating the vulnerability status to catch your attention more easily.  

The Application Risk View Page – Overall Summary

The Overall Summary section consists of the following parts:

Overall Application Risk Score – takes into consideration the Application’s overall risk assessment. It uses a speedometer-type dial indicator and the risk level written in large font. Both are colour-coded to get your attention easily for any Applications with critical or high risk.

Overall Risk Breakdown – displays the breakdown of vulnerabilities per to risk level. It uses a colour-coded pie chart with labels showing the percentages of each risk level.

Risk Status Per Vulnerability Type – displays the risk status per vulnerability type in the form of colour-coded speedometer-type dials

Apps Above Tolerance and Apps Below Tolerance – displays a list of Applications in two columns. The first column lists the Applications above the threshold level, while the second column lists the Applications below the threshold level.

B. Applications List

The second part of the Application Risk View sub-page is a list of the existing Applications with their corresponding Application Risk Status, Criticality, and Accountable User. Each Application also has its own Edit and Delete buttons so you can edit the Application or remove it respectively.

The Application Risk View Page – Applications List

C. Additional Options

There are also additional options available within the Applications List.

Additional Options for Applications List
  1. Export Applications – lets you download the Applications list as a CSV file.
  1. Download Template – lets you download the CSV template you can use to import  Applications into your AppSec Phoenix Dashboard. 
  1. Import CSV – this button lets you upload multiple Applications at once into your AppSec Phoenix Dashboard using this option.  
  1. Add Application –  this button lets you manually add a new Application within AppSec Phoenix using the Create Application page.

3. Application Risk Details Sub-Page

The Application Risk Details sub-page lets you dig deeper into the status of each Component per Application in your AppSec Phoenix Dashboard. A drop down menu at the top left corner of the sub-page lets you easily switch from one Application to another.

The Application Risk Details sub-Page

Similar to the Application Risk View sub-page, it is also divided into two parts: The Overall Risk Summary and the Components List.

A. Overall Risk Summary

As the name states, the Overall Risk Summary section provides a high-level view of the selected Application’s overall risk status.

The Application Risk View sub-page – Overall Risk Summary

You can switch from one Application to another using the dropdown menu at the top left corner of this sub-page.

Application Switcher

At the top right side of the sub-page, you also have the option to add a new Application, edit the selected Application, and print the report by clicking the “New”, “Edit”, and “Print Report” button respectively.

This section includes the following parts:

Overall Application Risk Score – takes into consideration the Application’s overall risk assessment. It uses a speedometer-type dial indicator and the risk level written in large font. Both are colour-coded to get your attention easily for any Applications with critical or high risk.

Overall Risk Breakdown – displays the breakdown of vulnerabilities per to risk level. It uses a colour-coded pie chart with labels showing the percentages of each risk level.

Risk Status Per Vulnerability Type – displays the risk status per vulnerability type in the form of colour-coded speedometer-type dials.

Risk Progression Charts – composed of two 30-day charts that can be used to track Applications that demonstrate trends of gradually increasing or decreasing risk levels. The two charts are as follows:

  1. Application Risk Progression – shows the daily critical severity level of the selected Application.
  2. Risk Progression – shows the Component count per risk or severity level in the selected Application.

B. Components List

The Application Risk View sub-page – Components List

The Components List section displays the Components of the selected Application including details for each such as the current Risk level, Name, Scanner Name, Exposure, and Error (if any).

4. Managing Applications

Here are the steps to perform basic Application-related actions in your AppSec Phoenix instance.

a. Creating an Application

  1. On the Navigation Menu, click Applications.
  1. Scroll down and go to the Applications section. Then click the “Add Application” button.
  1. Complete the following fields:
  • Application Name – name assigned to the Application.  
  • Threshold – sets the tolerance level for the Application.  
  • Criticality – determines how critical the Application is (low, medium, or high). 
  • Value – sets the cost equivalent of the Application. 
  • Accountable User – assigns the person or user primarily accountable for the Application. 
  • Tags – assigns tags to help identify and search for the Application.

You also have the option to check the “Link to Jira Project” if you have Jira already integrated into your AppSec Phoenix account.

  1. Click the “Create Application” button.

To create multiple Applications, you can use the CSV Import feature using these steps:

  1. On the Navigation Menu, click Applications.
  1. Scroll down and go to the Applications section. Then click “Download Template” 
  1. Open the CSV template and follow the format to enter the Application details.
  1. Save the CSV template and upload it to AppSec Phoenix by clicking the “Import CSV” button.

A message confirms that you have successfully uploaded the file and added the new Applications.

b. Updating an Application

  1. On the Navigation Menu, click Applications.
  1. Scroll down and go to the Applications section. Look for the Application that you want to update and click Edit (pencil icon)
  1. Edit the field(s) you want to update in the Update Application form.
  1. Click “Save” or “Save and Show Applications”.

c. Deleting an Application

  1. On the Navigation Menu, click Applications.
  1. Scroll down and go to the Applications section. Look for the Application where you want to delete and click Delete (bin icon)
  1. Confirm that you want to delete the Application by clicking the “Delete” button.

d. Viewing, Exporting, and Importing Applications

  1. On the Navigation Menu, click Applications.
  1. Scroll down until you see the Applications list.

The Application Risk View Page – Applications List

3. To export the Applications list, click “Export Applications” link at the top left corner of the list.

4. To import a list of new Applications into AppSec Phoenix, click “Download Template” to download the CSV template you will use to import the new Applications.

  1. Open the CSV template file and follow the format to enter the Application details.
  1. Save the CSV template and upload it to AppSec Phoenix by clicking the “Import CSV” button.

A message confirms that you have successfully uploaded the file and added the new Applications.

Updated on September 9, 2021