When working with the Application Security Module, applications that are scanned by your application scanner platform within the your environment will inherit the name of the application as it is stored on the scanning platform. At some point, you may desire to make changes to the application names as your organization or vulnerability management program changes. If planned properly, these changes do not need to result in orphaned assets, or duplicated assets/applications within Cisco Vulnerability Management. This article helps to describe how the stacking works in Cisco Vulnerability Management and how changes should be done to ensure it is seamless.
The way the applications are stacked in Cisco Vulnerability Management depends on 3 items:
-
The application name (such as the top-level folder name)
-
The application identifier tied to the application name, and
-
The application identifier tied to the asset.
Making an Application Name Change
To make an application name change on your scanning platform, you will need to change the application name, the application identifier tied to the application, and the application identifier tied to the asset. By following the steps outlined below, you will make sure to preserve the score history of the application and ensure that when data from the renamed application is brought in, the assets are not duplicated.
The methodology to be followed is:
-
After a new name has been selected, update the application name / folder name within the Application Security Module.
-
Update the application identifier tied to that application.
-
Update the application identifier tied to the assets under that application.
The application score will be preserved and when you import fresh data from the scanner, the imports will update those assets without creating new assets, or leaving the old ones orphaned.
API Automation
This process can be automated using the API, which an help in situations where there are multiple applications or the applications have many assets associated with them.
The methodology to be followed using the API is:
-
Search for assets tied to an application using the Search Assets API.
-
Update the application name and application identifier using the Update Application API endpoint.
-
Update the application identifier tied to each asset (under the application) using the Update Asset API endpoint.
Finally, to automate the API process, refer to the information here.
Comments
Please sign in to leave a comment.