This document covers how to:
- Maintain a single or a few healthy applications/services
- Identify the most urgent vulnerabilities in your software stack
- Understand the severity of vulnerabilities
- Surface tasks from your security team in your daily workflow so it's easy to deliver more secure software with less toil.
If this workflow doesn't sound like you, check out our document on managing vulnerabilities as a security team.
Vulnerability data sent through one of our integrations.
Once vulnerability data starts flowing into New Relic, you can access your data through various scoped views.
To monitor the health of specific applications or services, use our entity scoped view by navigating to one.newrelic.com > APM & services > (select an entity) > Triage > Security. For a larger scope, see our document on managing vulnerabilities as a security team.
The security summary page for an entity gives you a high level overview of the security of your application or service. Curated dashboards such as the number of critical vulnerabilities, visualizations of historical new vulnerabilities, and average time to remediation provide a general summary of the current and historical security of your application or service.
There are two main ways to prioritize vulnerabilities:
- Triage and prioritize vulnerabilities yourself
- Remediate vulnerabilities assigned to you by your security team or others
To view all vulnerabilities open for your service or application, select the Vulnerabilities tab from the entity security overview page:
This page shows you all open vulnerabilities and allows you to filter them attributes such as severity and source. Clicking into a specific vulnerability provides detailed information about its severity, scope, source, and steps to remediation:
Your security team or others may triage vulnerabilities and assign the remediation of individual vulnerabilities to you. To find vulnerabilities assigned to you select the Vulnerabilities assigned to me from the entity security summary page:
This screen will show you all the vulnerabilities assigned to you. Select a vulnerability for detailed information about its impact and steps to remediation.