Application Security Module

The Application Security Module Dashboard page allows you to dynamically create Applications in Cisco Vulnerability Management and use application security connectors to bring in vulnerabilities on those applications. After you've set up your applications, you can quickly see their risk score on the Dashboard page. The risk score is calculated based on all highest risk findings for the application multiplied by the priority that you assign to the application.

Create a New Application

1. Click Add Application at the top right of the Dashboard page.

2. On the New Application page, fill in the following fields:

  • Application Name - give your application a name that will be easy for you to identify
  • Repo URL - optional metadata
  • Hostname - optional metadata
  • Owner - optional metadata about the owners of the application
  • Business Units - optional metadata on the business unit responsible for the application
  • Internal or external facing - select internal or external. If the application is external facing, the application risk score will have 200 points added to its total.
  • Priority - select a priority from 1-10. The priority is used in the calculation of the application risk score. The highest finding score is multiplied by the application priority to give you the application risk score. For example, if the Highest Risk Finding for an application is 80 and you assign a priority of 10 to the application, the risk score for the application is 800.
  • Notes - optional field for notes you want to keep on the application
  • Application Identifier - required; the URLs/locator elements for the application you're defining.  Include all URLs/locators that you want as part of your application.

3. Click Save to create your new application.

View Application Scores

When you've added new applications, you can see their risk score on the main Application Security Module page.  This score is calculated based on all the vulnerabilities found on the application locator identifiers you used as part of your application.
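
The scoring arithmetic described above, as an added example (not Cisco's code or the product's implementation). It assumes findings are matched to an application by exact locator, that the 200 external-facing points are added after the priority multiplication, and that an application with no findings has a highest finding of 0; the class, function and sample names are hypothetical.

```python
from dataclasses import dataclass

EXTERNAL_FACING_BONUS = 200  # points the page says are added for external-facing applications


@dataclass
class Application:
    name: str
    priority: int           # 1-10, as selected on the New Application page
    external_facing: bool
    identifiers: tuple      # URLs/locators that make up the application


def application_risk_score(app, finding_scores):
    """finding_scores maps a locator to the risk scores of the findings on it."""
    if not 1 <= app.priority <= 10:
        raise ValueError("priority must be between 1 and 10")
    # Pool the findings from every identifier consolidated into this application.
    scores = [s for loc in app.identifiers for s in finding_scores.get(loc, [])]
    highest = max(scores, default=0)  # assumption: no findings means a highest finding of 0
    total = highest * app.priority
    if app.external_facing:
        total += EXTERNAL_FACING_BONUS  # assumption: added after the multiplication
    return total


def rank(apps, finding_scores):
    """Return (score, name) pairs, riskiest application first."""
    return sorted(((application_risk_score(a, finding_scores), a.name) for a in apps),
                  reverse=True)


# Constructed sample data: locators and finding scores are made up for illustration.
FINDINGS = {
    "https://shop.example.com": [80, 35],
    "https://shop.example.com/api": [62],
    "https://wiki.example.internal": [95, 90],
}
APPS = [
    Application("storefront", 10, True,
                ("https://shop.example.com", "https://shop.example.com/api")),
    Application("wiki", 3, False, ("https://wiki.example.internal",)),
]

if __name__ == "__main__":
    for score, name in rank(APPS, FINDINGS):
        print(f"{name}: {score}")
```

The wiki has the higher individual finding (95), but the storefront ranks first because of its priority and external exposure.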

Edit an Application

You can edit your application metadata or component URLs, or consolidate items into a single application.

1. Click the pencil (edit) icon.

2. Edit the fields that you want to change.
3. If you want to consolidate several items, on the Edit page, click Add Application Identifier and select one or more identifiers.
4. Click Save.

View an Application Overview

Click the Overview button for an application to open the Application Overview page, which outlines the basics of the application and shows the scores and metrics. You can see all the metadata you defined, as well as an overview of how the application is doing. There's also a link to the Explore view where you can see the individual vulnerabilities that contribute to the application score.

You can update the Notes field from the Overview page. To update other metadata, use the Edit Application function on the Dashboard page.

Application Security Module Explore page

The Application Security Module Explore page allows you to quickly see the vulnerabilities that contribute to the application score and helps you to remediate the riskiest findings.

On the Explore page, you can toggle between detail and summary views. In the detail view, each line shows an individual vulnerability finding. The summary view shows a summary of vulnerability findings.

If you click an application on the Dashboard page, the Explore page opens and displays the details about that application's vulnerabilities and fixes.
On the Explore page, you can also use the Custom Query String field and the filters to navigate through the data in your Cisco Vulnerability Management instance. For example, you can search the findings based on a specific CVE identifier such as cve:CVE-123.

You can use the filters to reduce the number of findings that display. For example, you can move the Risk Score slider to show only findings with a risk score between 50 and 80, or you can select the options for 'New', 'Not a Security Issue', and 'CWE' so that only new Common Weakness Enumeration findings that are not a security issue display in the list.

Application Security Module Reporting page

The Reporting page provides summary statistics and charts based on your defined applications. The top row provides you with information about your total findings risk score, active applications, open findings, total findings, and mean time to remediate.
The charts on the page provide you with information such as:

  • Total Risk Score Over Time: This chart shows you your total risk score for all your applications over time by risk score.
  • Mean Time To Remediation by Business Unit: This chart shows how each of your Business Units is performing for remediation, if you are using business units metadata on your applications.
  • Today's Application Risk Scatter Plot: This chart shows how your applications are scoring for the present day, to allow for easy comparisons between applications on both risk score and vulnerability count.
