Snyk AppRisk Pro - Using Application Analytics (Tenant->Analytics->Applications)
Product training
Snyk AppRisk Pro Analytics gives AppSec teams, management, and CISOs a bird's-eye view of their program from a risk exposure and coverage management perspective, complementing the view provided by Enterprise Analytics. It helps answer questions such as:
- Does my AppSec Program meet the coverage requirements, and how is it trending?
- What is the issue distribution and trends across asset classes, applications, teams?
- What is the coverage of repos’ cataloging into applications and teams?
- What are the most problematic applications and teams in terms of accumulated issues and coverage gaps?
- Where are my most sensitive assets?
Through filters and View By, AppRisk Pro Application Analytics can provide insights:
- By Owner
- By Application, as opposed to by repository, via application context sources (Backstage, ServiceNow CMDB, etc.)
- By asset class
These are just a few; we will discuss this more in the following sections.
Definitions
The following resources can be of assistance if you'd like more information on Snyk AppRisk:
- Risk factors described
- Asset Types
- Application Context from SCM (e.g., Backstage, ServiceNow CMDB, etc.)
Navigation
- If you are a Snyk Enterprise plan customer with the correct permissions to access Enterprise Analytics and Snyk AppRisk Pro's Application Analytics, the analytics interfaces are accessible from the Tenant section of the menu.
- If you have Snyk Enterprise and Snyk AppRisk Pro, the Tenant->Analytics menu will display two tabs:
  - Issues menu for Enterprise Analytics
  - Applications menu for Snyk AppRisk Application Analytics
- If you do not have access to Enterprise Analytics, no tabs will be displayed and your default view will be Application Analytics.
Video: 4m38s
Coverage
The Coverage panel provides information on coverage by security product type and how that coverage trends over time.
- SAST, SCA, and Secrets are repository-based counts.
- Container coverage focuses on images scanned/identified via Snyk CLI, Kubernetes/Runtime or Container Registry integrations.
Video: 1m59s
Issues
The Issues panel provides a breakdown of issues by category, along with trends.
- Consider using the Application and Owner filters/views to compare up to 5 applications/owners
- These views show the top five applications/owners with the most issues by default if specific ones are not chosen
- If you see a large number of assets or issues in Class C in Snyk AppRisk Application Analytics, note that assets are brought in as Class C by default. Consider using, or reviewing, classification policies if you see large growth in that class across any of the views.
Video: 3m10s
Assets
The Assets panel provides a distribution of accumulated risk factors and the selected dimension
- Once the correct view is chosen, consider filtering by specific owners, applications, or classes to understand where your risks reside
- Trending over time is provided to understand import trends
Video: 2m44s
Repository Metadata Completeness and Repository Source Distribution
Repository Metadata Completeness provides insights into the completeness of metadata from application context sources for your repositories.
- Be proactive and identify which of your most important repositories are missing metadata, such as Owner, that you'll require if an incident occurs.
- Utilize inventory and filtering to create lists you can act on with development to complete that data.
Repository Source Distribution provides insights into the distribution among different sources.
- Utilize asset class to understand where your most important applications reside, and potentially identify ones where they shouldn't be.
- Utilize views and filters to understand where important applications or assets reside; use owner views to understand which owners might own assets in a particular source.
Video: 5m12s