Application
The Application Analyzer provides AppSec teams with visibility and actionable insights into the security and compliance posture of business-critical applications. It identifies applications whose security profiles have changed, highlights high-risk apps, monitors compliance risks, tracks new deployments, and detects gaps in SAST coverage.
Required Blueprints: GitHub, Azure DevOps, Azure, AWS, Bitbucket, DAST, Kubernetes
Sightlines
| Sightline | Description |
|---|---|
| Applications | Key metrics for business-critical application security, including security profile changes, high-risk apps, complianc... |
| API BOM | API layer risk visibility, surfacing applications with critical API vulnerabilities, total critical vulnerability cou... |
| Dynamic Application Security | Visibility into the dynamic security posture of applications by surfacing DAST metrics and trends. |
Explorer Node Types
Use these node types in Explorer or KAI to query resources surfaced by this analyzer:
sca.apibom.APIEndpoint, dast.scan.InfoBlock
Related Analyzers
- Repository — Source code repositories backing applications
- Code — Application code vulnerabilities
- Software Composition Analysis — Application dependency risks
- Artifact — Container images deployed by applications
- Kubernetes — Application runtime environment
Insight Feed Alerts
Apps With Critical API Vulnerabilities
Highlights applications with API endpoints that have critical vulnerabilities, enabling prioritized remediation efforts.
Critical Vulnerabilities Discovered in API Endpoints
Identifies API endpoints with critical vulnerabilities, enabling immediate action to mitigate risks.
Vulnerable API Endpoints
Identifies API endpoints affected by vulnerabilities of varying severities, providing a clear view of the attack surface.