Prioritization for Snyk AppRisk

Snyk AppRisk provides a centralized view for monitoring risks and automates the collection of compliance data. AppRisk ensures that users prioritize the most critical risks, safeguarding your business and highlighting the effectiveness of your security measures.

You can access Snyk AppRisk via the Issues page from the Snyk Web UI.

Issues are available at the Group level or at the Organization level.

Insights for Snyk AppRisk

The evidence graph is available only for Snyk AppRisk users and only at the Group level.

The Snyk approach looks holistically at your application to understand the following:

  • What source code and dependencies were built into a container image

  • The operating system it is running on

  • Where the image was deployed

  • How the Kubernetes and cloud infrastructure is configured

Issues page for Snyk AppRisk

The Issues page shows a table view of issues prioritized by risk factors. Use the available filters to customize and prioritize the issues list.

The Risk Factor column and filter, and with it, the evidence graph information, are available only for Snyk AppRisk users.

The insights presented under the Issues menu for Snyk AppRisk work as illustrated in the following example.

  • Snyk Open Source has identified issues.

  • The vulnerabilities were built into a container image, which is deployed onto a production Kubernetes cluster, and the running container is configured to have access to the internet.

  • The combination of a critical vulnerability in a running image with internet access enables Snyk to determine that this particular vulnerability poses more risk to your application than one that is not deployed.

The following video demonstrates prioritizing issues with Snyk AppRisk using business, application, and runtime context:

Prioritizing issues with runtime insights
