Stacks is a new AppSec offering, allowing users to group and organize their applications and risk groups into single combined views. With this release, we have a new set of APIs that will handle the basic Create, Read, Show and Update functions for users to programmatically interact with Stacks.
You can create a stack in order to pair applications and risk groups into a singular view. You can create as many stacks as you would like in order to compare and contrast different stacks performance and risk. Risk groups and applications can be added to different stacks multiple times.
This Stack card above shows the average scores of the risk groups and applications included in the stack. It also shows how many risk groups and applications are included in each grouping.
Creating a Stack is a simple process. Navigate to the Stacks page via the AppSec dropdown in the upper left hand corner of the UI.
Once in the Stacks page, before you have any Stacks, you will see a blank Stacks view that informs you what Stacks does. You will see a large button to create you first stack.
There is also an “Add Stack” button in the upper right corner of your Kenna Instance.
By clicking any of these buttons, a modal will appear with an input field to name the stack, as well as two fields to add risk groups and applications. When you have filled out all three of these fields, the blue “Create Stack” button will become active.
When a stack is successfully created, a dismissible banner message will appear at the top of the screen to validate that your stack was successfully created.
If you need to update a Stack, change its name, add or remove risk groups or applications, from the Stacks page hover over the corresponding Stack Card and a dropdown will appear.
Click the “Edit Stack” option and make the necessary changes. Once you are done modifying the name, risk groups and applications, save the edits.
Deleting a Stack
To delete a Stack, click the “Delete Stack” option on the Stack Card dropdown. A warning will appear asking you to confirm the deletion.
Important: This action cannot be undone.
Card View vs Detail View
There are two different viewing options in Stacks.
Stacks will appear in a card view similar to VM Dashboard. Each stack card will summarize risk groups and applications scores.
Clicking on the name of the stack or the “View Stack” button will take you to the individual stack view. Each individual stack has its own summary towards the top of the page, that includes the overall score of the scoped stack’s risk groups, as well as the overall score of the scoped stack’s applications.
Edits and deletion can be done from this view too. Hovering over the selected stack name will show “Edit” and “Delete” options as a pencil and trashcan respectively.