Purpose

This document describes the creation and management of AppStaks.

Introduction

AppStaks are collections of Assets and contain grouping rules that can be used to group assets in a way that makes most sense to the business. A typical use of an AppStak is to group assets that belong to the same web application, business function or a system. AppStaks in turn can be categorized in 10 numerical categories as 1-10.

In the Dashboard the AppStaks are graphically displayed in the Category Risk card as well as the All Appstaks menu.


Note

If there are no AppStaks within a given category or if there is no data for that category, the category will not be displayed in either Category Risk or All AppStaks menu.


OptionDescription
Appstak NameLists of the AppStaks in the findings
Risk

Risk level on a scale from A to F where F represents the most critical risks.

The following metrics are used and evaluated when calculating the risk level in the following order:

  1. Likelihood (Farsight)
  2. CVSSv3
  3. CVSSv2
  4. Compliance score

This order works as a funnel in a falling order. 

Business Criticality

Business Criticality based on <value>

  • Critical
  • High
  • Medium
  • Low
Category

Which category group the AppStak belongs to displayed as 1-10 or left as Uncategorized.

Affected assetsNumber of assets affected.
Findings

Number of findings detected on that asset.

See Unified View Findings for more information.


Creating an AppStak

To configure your AppStaks :

  1. Click on the Configure icon in the left hand menu.
  2. Click on the blue + button in the lower left corner to add an AppStak.
    This opens a column on the right hand side.
  3. Continue by filling in the Name of the AppStak.
  4. Select the category number from 1 to 10 in the Category drop-down menu.
  5. Select the Business Criticality in the drop-down menu.
    Select from:
    • Low
    • Medium
    • High
    • Critical
  6. Select Tags, available tags are presented in a drop down menu.



  7. Continue to Adding Rules to AppStaks.

Adding Rules to AppStaks

The goal of AppStacks is to map Assets into groups in a logical and useful way for the business. When an AppStak is created, it is empty and does not contain any rules. The rules define the criteria that will be used by the system to group Assets into AppStaks. A rule consists of an asset attribute (like name or cloud provider) and a value where the value is an SQL string matching pattern with the following characteristics:

  • An underscore (_) matches any single character.
  • String matching is case-insensitive

To add rules to an AppStak:

Note

An AppStak requires at least one rule.

  1. Select which Asset attributes to use in the drop-down menu.
    Select from:
    • Name
    • Host Name
    • Network
    • Provider
    • Tags



  2. Enter a value for the selected Asset Attribute.




  3. Click on the + Add Asset Filter button to add more filter entries.



  4. The different entries follow an AND logic so that all need to be true for the rule to apply.
  5. Click on the blue Save button in the bottom right to add the rule.


When multiple rules are defined for a single AppStak, all assets that match either of the rules will be associated with that AppStak.
When multiple criteria are defined within a single Appstak rule, only assets that match all the criteria will be associated with that AppStak.

Examples:

Specifying Provider AWS in one rule and Provider Google Cloud in another rule defined for one and the same AppStak MyApp will associate all assets that are hosted in either AWS or Google Cloud with MyApp.

Specifying Provider AWS and Name cookbook in one rule defined for one and the same AppStak MyApp will associate only assets that have both cookbook in the name and are hosted in AWS.


Editing an AppStak

You can edit an AppStak by selecting it in the list and continue by editing the as in the previous section.

Once you are finished, click on Save.

Removing Asset Attributes from AppStaks Rules

To remove attributes from an AppStak rule:

  1. Select a rule in the table.
  2. In the right hand window, click on the text Rules to open the Define Rule window.
  3. Click on the X to the right of the Asset Attributes in the rule.

Removing a Rule

To remove a rule from an AppStak:

  1. Select the AppStak from the list.
  2. Expand the rule that should be removed by clicking the arrow to the right.



  3. Click the Delete Rule button.
  4. The rule is removed from the list of rules.

Deleting an AppStak

You can delete an AppStak by selecting it in the list and the click Delete in the lower right corner.

A confirmation is displayed. Continue by clicking on the red Delete button.

Warning!

Deleting an AppStak cannot be undone.




Copyright

© 2022 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.

Trademark

Outpost24® and OUTSCAN™ are trademarks of Outpost24® in Sweden and other countries.