AppSec workflows for Contrast NorthStar

An AppSec team member is typically responsible for:

  • Ensuring applications are tested for vulnerabilities before deployment to production environments.

  • Conducting testing and security assessment of all applications.

  • Prioritizing and driving remediation of issues and incidents.

  • Reviewing vulnerability data and observations in Contrast.

  • Integrating security best practices into the SDLC.

  • Tracking compliance and reporting.

This workflow provides an example of how an AppSec team member could use Contrast NorthStar.

AppSec workflow steps for Contrast NorthStar

Set up

Configure the platform with Deployment Hub.

Assign tasks to developers to onboard applications.

Start monitoring

View top issues and incidents in the Insights dashboard or the Issues page.

In the Issues page, sort the list by Contrast score or severity to prioritize severe events.

View observations

View incidents

Review details for issues and incidents

In the Issues page, expand an issue.

View overview, risk summary, associated assets, incidents, and all other displayed details.

Assign incidents to a user for remediation.

Verify remediation and confirm resolution

Confirm resolution: Monitor the Incidents and Issues pages to see whether fixed issues are still being exploited.

When remediation is complete, change the status of incidents to Closed.

Adjust ADR rules

If necessary, change modes for ADR rules to manage blocking or monitoring of incidents.