Skip to main content

AppSec workflows for Northstar

An AppSec team member is typically responsible for:

  • Ensuring applications are tested for vulnerabilities before deployment to production environments

  • Conducting testing and security assessment of all applications

  • Prioritizing and driving remediation of issues and incidents

  • Reviewing data for incidents, issues, and observations data in Northstar

  • Integrate security best practices into the software development life cycle

  • Track compliance and reporting

AppSec workflow steps for Northstar

This workflow provides an example of how an AppSec team member could use Northstar.

Set up the platform

Configure the platform with Deployment Hub.

Assign tasks to developers to onboard applications.

Configure rules and policies, as needed.

Complete administration tasks, as needed.

icon-bug-tracker-arrow.svg

Monitor issues and incidents

View top issues and incidents in the Insights dashboard or the Issues page.

In the issues page, sort the list by Contrast score or severity to prioritize severe events.

View incidents

View observations

Go to Explorer to see a comprehensive view of application layers.

icon-bug-tracker-arrow.svg

Review details for issues and incidents

In the Issues page, expand an issue.

View overview, risk summary, associated assets, incidents, and all other displayed details.

Assign incidents to a developer for remediation.

Notify developers that a task needs their attention

icon-bug-tracker-arrow.svg
icon-bug-tracker-arrow.svg

Verify remediation and confirm resolution

Confirm issue resolution: Monitor the Incidents and Issues pages to see if fixed issues are still getting exploited

When remediation is complete, in the Incidents page, change the status of incidents to Closed. You are prompted to enter a reason and description when you change the status.

icon-bug-tracker-arrow.svg

Adjust ADR rules

If necessary, change modes for ADR rules to manage blocking or monitoring of incidents.

In this section:

An incident is a collection of one or more issues and observations that demands an immediate response from the organization. Contrast creates incidents automatically based on ADR rules.

An issue is a collection of one or more observations and includes all Contrast data about a particular vulnerability or attack.

Raw data that Contrast captures and uses to identify issues and incidents. Individual events or reports from our products, such as vulnerability, probe, attack, or observability come from all Contrast technologies: Contrast IAST, Contrast SCA (runtime and static), Contrast ADR, and Contrast Security Observability.

The Contrast score represents the risk of an issue or incident at a particular point in time.  Contrast determines this score by using information from the Contrast SAST, IAST, SCA, ADR, and Observability technologies.