Objective: Share Results
You're getting stuff done. Share your progress with stakeholders by leveraging InsightAppSec reports to provide app, scan, vulnerability, and compliance-related updates.
One of the biggest challenges SecOps professionals face is communicating the importance of improving their business's security posture, while showing the value of its investments to various groups within the organization. InsightAppSec makes it easy with reports that target the priorities of different groups within an organization. For example, you can present the Vulnerability Summary report to the leadership group for tracking improvements while app developers can use a CSV export which they can import into their issue tracking tool.
Example PCI report
For an example, see the PCI Compliance Report guide which describes how you can create a report for the Payment Card Industry standards.
You can generate reports from 3 different places in InsightAppSec. Where you are determines what reports you can generate and the level of information they contain. Here's a brief description of what you get in each place.
- Applications (All Apps)
- InsightAppSec All App Executive Report: Executive data on all the apps scanned by InsightAppSec for a selected calendar month
- Combined InsightAppSec and InsightVM Executive Report: Executive data on the apps and assets scanned by InsightAppSec and InsightVM for a selected calendar month
- Application (Individual App)
- InsightAppSec (App) Executive Report: Executive data for an individual app scanned by InsightAppSec for a selected date range
- Scan Vulnerabilities Reports: Basic or detailed vulnerability data on a scan run for a specific application
- Scan Compliance Reports: Show compliance with standards, laws and regulations set by regulatory bodies and governments
Additional report information
Success! You shared vulnerability results
Now that you've shared your results, it's time to guide, monitor, and test the remediation.