• Log inStart now

Manage vulnerabilities as a developer

This document covers how to:

  • Maintain a single or a few healthy applications/services
  • Identify the most urgent vulnerabilities in your software stack
  • Understand the severity of vulnerabilities
  • Surface tasks from your security team in your daily workflow so it's easy to deliver more secure software with less toil.

If this workflow doesn't sound like you, check out our document on managing vulnerabilities as a security team.

Prerequisites

Vulnerability data sent through one of our integrations.

Maintain the vulnerability health of your application

Once vulnerability data starts flowing into New Relic, you can access your data through various scoped views.

To monitor the health of specific applications or services, use our entity scoped view by navigating to one.newrelic.com > APM & services > (select an entity) > Triage > Security. For a larger scope, see our document on managing vulnerabilities as a security team.

The security summary page for an entity gives you a high level overview of the security of your application or service. Curated dashboards such as the number of critical vulnerabilities, visualizations of historical new vulnerabilities, and average time to remediation provide a general summary of the current and historical security of your application or service.

Identify and remediate vulnerabilities

There are two main ways to prioritize vulnerabilities:

  • Triage and prioritize vulnerabilities yourself
  • Remediate vulnerabilities assigned to you by your security team or others

Triage and prioritize

To view all vulnerabilities open for your service or application, select the Vulnerabilities tab from the entity security overview page:

This page shows you all open vulnerabilities and allows you to filter them attributes such as severity and source. Clicking into a specific vulnerability provides detailed information about its severity, scope, source, and steps to remediation:

Remediate assigned vulnerabilities

Your security team or others may triage vulnerabilities and assign the remediation of individual vulnerabilities to you. To find vulnerabilities assigned to you select the Vulnerabilities assigned to me from the entity security summary page:

This screen will show you all the vulnerabilities assigned to you. Select a vulnerability for detailed information about its impact and steps to remediation.

Copyright © 2022 New Relic Inc.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.