November 14, 2016 | Written by: Miriam Fitzgerald
Categorized: How-tos | Security
Share this post:
Application security is about protecting your organization’s valuable assets, such as intellectual property, strategic plans, and customer data. Protecting this information is critical for your organization to operate, be competitive, and meet regulatory requirements.
To manage the challenge of addressing application security at the enterprise level, security teams must take a risk-based approach. The team must rank assets, identify high risk applications, and reduce risks. But addressing application security at an enterprise level goes beyond just scanning applications for vulnerabilities. If you’re like many organizations, your security team is small and overwhelmed. That makes it difficult to stay on top of managing application security.
How about using the IBM Application Security on Cloud service to build an application inventory? Then you can classify and prioritize these assets by business impact before you even start any security testing. After you assess your applications for security vulnerabilities, you rank them by a security risk score. This prioritizes vulnerabilities and focuses on fixing issues with the biggest impact on your organization’s security risk. With Application Security on Cloud, you can easily identify security vulnerabilities in your mobile, web, and desktop apps to keep them secure.
How to import an application inventory
Save time and reduce manual work by importing an application inventory list into Application Security on Cloud. Start with our sample spreadsheet of application attributes or merge it with your own existing list. The sample file includes attributes such as Name, Business Impact, Testing Status, and Business Unit. These attributes appear in the application view as column headers.
- Import a list of apps.
- In the My Applications tab, click Import Apps.
- Download the sample CSV file to see the attributes that Application Security on Cloud is expecting.
- Modify the attributes (column headers) in the CSV file if necessary. If you add multiple values for an attribute, use a comma to separate them. Add your list of apps to the file and make any other customizations.
- Choose the file to import and assign these apps to an asset group. (If no asset group list appears, the apps are automatically assigned to the default asset group.)
- Click Import and import your CSV file.
Application Security on Cloud automatically creates profiles for each imported app. After you build your application inventory, you can create and run scans in an app, edit application attributes, and assign access permissions for each application.
Try the free trial
Check out our videos on application security
Connect in the Application Security Developer Center
Sign up for Bluemix. It’s free!