Purpose

This document describes the creation and management of AppStaks.

Introduction

AppStaks are collections of Assets and contain grouping rules that can be used to group assets in a way that makes most sense to the business. A typical use of an AppStak is to group assets that belong to the same web application, business function or a system. AppStaks in turn can be categorized in to groups that makes more business sense.

In the Dashboard the AppStaks are graphically displayed in the Category Risk card as well as the All AppStaks menu.

AppStaks that is not part of an Category are displayed as Uncategorized. These can be categorized in the AppStak configuration menu.


If there are no AppStaks within a given category or if there is no data for that category, the category will not be displayed in either Category Risk or All AppStaks menu.

OptionDescription
Assets *Number of assets in the AppStak
Business Criticality *

Business Criticality based on <value>

  • Critical
  • High
  • Medium
  • Low
Category *The category the AppStak belongs to.
Findings *

Number of findings detected on that asset.

See Unified View Findings for more information.

Grade *

Risk level on a scale from A to F where F represents the most critical risks.

The following metrics are used and evaluated when calculating the risk level in the following order:

  1. Likelihood (Farsight)
  2. CVSSv3
  3. CVSSv2
  4. Compliance score

This order works as a funnel in a falling order.

Last ScanDate of the last scan.
Name *Lists of the AppStaks in the findings.
RemediationAverage number of days between firstseen and lastseen of Findings in the AppStak.
Solution ProductsThe Solution Products used by the Assets associated with the AppStak.
Tags *

Tags associated with the AppStak.

UUIDThe unique identifier of the Asset.

*) Columns shown by default

Multi Select

When selecting more than one row using the check boxes, an average risk value for the selected rows is displayed in the details view to the right with the number of selected items at the top.

Configure Columns

The Columns can be configured in several ways. Columns can be added and removed and the order in which they are displayed can be changed.

Changing Column Width

All the columns are configurable in width by dragging the dotted area on the right side of the column head.

Changing Column Presentation

By dragging the dotted area on bottom of the column head, the order in which the columns are presented can be changed.

Selecting Columns

By clicking on the + sign in the upper right corner in the column head row, a column menu is displayed where columns can be selected and deselected to configure the findings view.

Reset To Default

  1. To reset to default column presentation, press the Reset icon .
  2. A confirmation box is displayed, click the red Reset button to confirm.



  3. This resets the number of column shown and the order in which they are shown to default.


Creating an AppStak

To configure your AppStaks :

  1. Click on the Configure icon in the left hand menu.
  2. Select AppStaks.
  3. Click on the blue + button in the lower left corner to add an AppStak.
    This opens a column on the right hand side.



  4. Continue by filling in the Name of the AppStak.
  5. Select the category in the Category drop-down menu.
    If the the correct category is not available in the list you can create a new category
    1. Click the + Add Category link.
    2. Enter a new category name.



    3. Click Add.

      This category is available in the Category list once the AppStak is saved.
      To learn more about Categories, see Unified View Configure Categories.

  6. Select the Business Criticality in the drop-down menu.
    Select from:
    • Low
    • Medium
    • High
    • Critical
  7. Select Tags, available tags are presented in a drop down menu.



  8. Continue to Adding Rules to AppStaks.

Adding Rules to AppStaks

The goal of AppStacks is to map Assets and Asset Groups into groups in a logical and useful way for the business. When an AppStak is created, it is empty and does not contain any rules. The rules define the criteria that will be used by the system to group Assets and Asset Groups into AppStaks. A rule consists of an attribute (like name or cloud provider) and a value where the value is a regular expression matching pattern with the following characteristics:


Example

server.* match all assets with names starting with server.

*.server match all assets with names ending on server.

String matching is case-sensitive


To add rules to an AppStak:

An AppStak requires at least one rule.


  1. Click on the + Add Rule to select what type of rule to create, Asset or Asset Group.

  2. Select which Attributes to use in the drop-down menu.
    Select from:
    • Name
    • Host Name
    • Network
    • Provider
    • Tags

      Appstak Asset Attributes

  3. Enter a Value for the selected Attribute.

    Appstak Asset Attributes Value


  4. Click on the + Add Filter button to add more filter entries.

    Appstak Rules

  5. The different entries follow an AND logic so that all need to be true for the rule to apply.
  6. Click on the blue Save button in the bottom right to add the rule.


When multiple rules are defined for a single AppStak, all assets that match either of the rules will be associated with that AppStak.
When multiple criteria are defined within a single Appstak rule, only assets that match all the criteria will be associated with that AppStak.

Examples:

Specifying Provider AWS in one rule and Provider Google Cloud in another rule defined for one and the same AppStak MyApp will associate all assets that are hosted in either AWS or Google Cloud with MyApp.

Specifying Provider AWS and Name cookbook in one rule defined for one and the same AppStak MyApp will associate only assets that have both cookbook in the name and are hosted in AWS.


Editing an AppStak

You can edit an AppStak by selecting it in the list and continue by editing the as in the previous section.

Once you are finished, click on Save.

Removing Attributes from AppStaks Rules

To remove attributes from an AppStak rule:

  1. Select a rule in the table.
  2. In the right hand window, click on the text Rules to open the Define Rule window.
  3. Click on the Bin icon to the right of the Attributes in the rule.

Removing a Rule

To remove a rule from an AppStak:

  1. Select the AppStak from the list.
  2. Expand the rule that should be removed by clicking the arrow to the right.



  3. Click the red Delete Rule button.
  4. The rule is removed from the list of rules.

Deleting an AppStak

You can delete an AppStak by selecting it in the list and the click Delete in the lower right corner.

A confirmation is displayed. Continue by clicking on the red Delete button.

Delete Appstak


Warning!

Deleting an AppStak cannot be undone.


Related Articles





Copyright

© 2023 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.

Trademark

Outpost24® and OUTSCAN™ are trademarks of Outpost24® and its affiliated companies. All other brand names, product names or trademarks belong to their respective owners.