AppSec workflows for Northstar
An AppSec team member is typically responsible for:
Ensuring applications are tested for vulnerabilities before deployment to production environments
Conducting testing and security assessment of all applications
Prioritizing and driving remediation of issues and incidents
Reviewing incident, issue, and observation data in Northstar
Integrating security best practices into the software development life cycle
Tracking compliance and reporting
AppSec workflow steps for Northstar
This workflow provides an example of how an AppSec team member could use Northstar.
Set up the platform:
Configure the platform with Deployment Hub.
Assign tasks to developers to onboard applications.
Configure rules and policies, as needed.
Complete administration tasks, as needed.

Monitor issues and incidents:
View top issues and incidents in the Insights dashboard or the Issues page.
In the Issues page, sort the list by Contrast score or severity to prioritize severe events.
Go to Explorer to see a comprehensive view of application layers.

Review details for issues and incidents:
In the Issues page, expand an issue.
View overview, risk summary, associated assets, incidents, and all other displayed details.
Assign incidents to a developer for remediation.
Notify developers that a task needs their attention.

Verify remediation and confirm resolution:
Confirm issue resolution: monitor the Incidents and Issues pages to see if fixed issues are still being exploited.
When remediation is complete, in the Incidents page, change the status of incidents to Closed. You are prompted to enter a reason and description when you change the status.

Adjust ADR rules:
If necessary, change modes for ADR rules to manage blocking or monitoring of incidents.