ApplicationPackage in ASPM
Overview: What Is an ApplicationPackage?
An ApplicationPackage (or AppPackage) is the central unit used to represent and manage an application as a complete business and technical entity within the Kscope Asset Registry.
Rather than being a single file or executable, an ApplicationPackage encompasses:
- Front-end interfaces (UIs)
- APIs and backend logic
- Data storage and workflows
- Integration points
- Infrastructure and hosting information
- Security and business ownership
It is the logical container for all components that deliver a discrete business function or service.
Why Application Packages Matter in ASPM
In Application Security Posture Management (ASPM), understanding an application's structure and business context is essential for:
- Identifying critical business systems for prioritization
- Applying CIA ratings to assess security posture
- Tracking application lifecycle, ownership, and compliance posture
- Enabling governance, risk assessment, and remediation across deployments
Application Packages serve as the anchor for linking related deployments, components, risk ratings, and business impact data.
ApplicationPackage - Element Type Details
Description:
The ApplicationPackage entity represents a structured model of the application. It includes technical and business metadata that supports lifecycle, classification, and risk evaluation.
Significance in ASPM:
Application Packages are foundational to all ASPM activities. They are where organizations define:
- Security posture (CIA)
- Business importance (RTO/RPO)
- Strategic alignment (TIME model)
- Ownership and accountability
Schema Table
| Attribute | Type | Description |
|---|---|---|
| applicationName | String | Unique, human-readable name of the application |
| description | Text | Detailed explanation of the application's functionality and purpose |
| lifecycleStatus | Enum | Current stage in the lifecycle: Active, Retired, Pending Active, etc. |
| ciaRating | Enum | Security classification for Confidentiality, Integrity, Availability |
| rto | Duration | Recovery Time Objective: Max downtime allowed before business impact |
| rpo | Duration | Recovery Point Objective: Max data loss tolerated before business impact |
| timeClassification | Enum | Strategic value classification: Tolerate, Invest, Migrate, Eliminate |
| applicationType | Enum | Origin type: Homegrown, End-user Computing, COTS, SaaS |
| architectureType | Enum | Type of architecture: Non Platform Application, Platform Application, Platform Host |
| platformHost | String (nullable) | Required if architectureType is Platform Application; identifies the host system |
| installType | Enum | Hosting type: On Premise, Cloud, Hybrid, Third Party Hosted |
| createdDate | DateTime | Timestamp when the AppPackage was first recorded |
| lastUpdatedDate | DateTime | Most recent update timestamp |
| owner | String | Owner or accountable person/team for the application |
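
The schema above can be enforced as an inventory hygiene check before records are used for prioritization. The following is an added example, not code from the product: it assumes records are held as Python dicts keyed by the attribute names in the table and that DateTime values are ISO 8601 strings; `validate_app_package` and the sample records are hypothetical, and the date-order check is inferred from the attribute descriptions.

```python
from datetime import datetime

# Enum values copied from the schema table. lifecycleStatus and ciaRating are not
# fully enumerated on the page, so they are only checked for presence.
ENUMS = {
    "timeClassification": {"Tolerate", "Invest", "Migrate", "Eliminate"},
    "applicationType": {"Homegrown", "End-user Computing", "COTS", "SaaS"},
    "architectureType": {"Non Platform Application", "Platform Application", "Platform Host"},
    "installType": {"On Premise", "Cloud", "Hybrid", "Third Party Hosted"},
}
# Every attribute in the table except the nullable platformHost.
REQUIRED = ["applicationName", "description", "lifecycleStatus", "ciaRating", "rto", "rpo",
            *ENUMS, "createdDate", "lastUpdatedDate", "owner"]

def validate_app_package(record):
    """Return a list of findings for one ApplicationPackage record (empty = clean)."""
    findings = []
    for field in REQUIRED:
        value = record.get(field)
        if value is None or (isinstance(value, str) and not value.strip()):
            findings.append(f"{field}: missing or empty")
    for field, allowed in ENUMS.items():
        value = record.get(field)
        if value not in (None, "") and (not isinstance(value, str) or value not in allowed):
            findings.append(f"{field}: {value!r} is not one of {sorted(allowed)}")
    # Conditional rule from the table: platformHost is required for Platform Applications.
    if record.get("architectureType") == "Platform Application" and not record.get("platformHost"):
        findings.append("platformHost: required when architectureType is Platform Application")
    # Assumption: ISO 8601 timestamps; an update cannot predate the first recording.
    try:
        created = datetime.fromisoformat(record["createdDate"])
        updated = datetime.fromisoformat(record["lastUpdatedDate"])
        if updated < created:
            findings.append("lastUpdatedDate: earlier than createdDate")
    except (KeyError, TypeError, ValueError):
        findings.append("createdDate/lastUpdatedDate: not comparable ISO 8601 timestamps")
    return findings

# Constructed sample records; the ciaRating, rto and rpo values are placeholders.
SAMPLE_OK = {
    "applicationName": "Payments Portal", "description": "Customer payment UI and API",
    "lifecycleStatus": "Active", "ciaRating": "High", "rto": "PT4H", "rpo": "PT1H",
    "timeClassification": "Invest", "applicationType": "Homegrown",
    "architectureType": "Non Platform Application", "platformHost": None,
    "installType": "Cloud", "createdDate": "2024-01-15T09:00:00",
    "lastUpdatedDate": "2024-06-02T14:30:00", "owner": "payments-team",
}
SAMPLE_BAD = dict(SAMPLE_OK, architectureType="Platform Application", owner="",
                  installType="Colo", lastUpdatedDate="2023-12-01T00:00:00")
```

Records with no owner or a missing platformHost are the ones that stall remediation routing, so these findings are worth surfacing at ingestion time.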
Summary
An ApplicationPackage is the core construct in ASPM that enables unified modeling of business applications. By capturing ownership, lifecycle, architecture, and criticality, it supports:
- Risk-based prioritization
- Lifecycle governance
- Strategic alignment
- Security posture evaluation
In short, everything else in ASPM (deployments, components, CIA ratings, business impact) starts with an ApplicationPackage.