Creating an application
Create an app and import issues so that you can track security testing progress against the business impact on your critical web apps.
- Click My Applications > Create App and give the app a unique name.
Edit the attributes and assign them values. You can search all of these attributes when you are
triaging your apps for security testing and vulnerability tracking. You might not need to use all
the attributes for each app, but the following list describes some key ones to consider
- Asset Group: Restrict access to this app by assigning it to an asset group. An app
can only belong to one asset group. See Asset groups for more
information.Note: This asset group drop-down list only appears if the administrator has created one or more asset groups in the user management administration. Otherwise, a newly created app belongs to the default asset group.
- Business Impact: If this app is important, assign it a high or critical value. When you filter your application inventory by this attribute, this particular app appears near or at the top of the list. Then, you can focus your security testing efforts on this app first.
- Risk Rating: The risk rating is based on a combination of highest detected issue severity and business impact. Higher numbers indicate increased risk.
- Testing Status: Indicate Not Started, In Progress, or Completed in this field. This attribute appears as a summary dashboard chart, and contributes to the overall security risk rating.
- Tags: You can add user-defined, shared attributes to new and existing apps. Enter the names that you want to attach to this app; separate multiple tags with commas. You can view all apps that have the same Tags attribute by filtering your display in the Application tab.
- CVSS ratings: Available in Advanced Attributes > Ratings, these attributes contribute to the overall security impact assessment for an application. The values for each metric are mapped to the attribute of an application where the issue was found. You can't delete or modify these attributes, but you can modify their values.
- Asset Group: Restrict access to this app by assigning it to an asset group. An app can only belong to one asset group. See Asset groups for more information.
- Click Save and then create a scan or manually import issues discovered by a third-party scanner.
If you delete an app, all of the scans, findings, and issues are deleted. Historical data in the dashboard is also deleted.