17
1.1.0
Yokohama, Xanadu, Washington DC, Vancouver
Not all vulnerabilities are risks. Apiiro’s application security posture management (ASPM) platform helps teams determine which are by unifying application risk visibility, prioritization, remediation, and assessment.
Powered by its proprietary Risk Graph, Apiiro contextualizes security findings from third-party tools and native solutions based on the likelihood and impact of risk to minimize backlogs and time spent triaging. By tying risks to their root cause and code owners and providing LLM-enriched remediation guidance, Apiiro improves remediation cycles and reduces friction with developers. To help AppSec teams enforce governance policies and make risk assessments more proactive, Apiiro enables risk-based workflows and development guardrails.
Apiiro integrates with your source control manager (SCM) with an API-based integration to create a complete inventory of your application and supply chain components, their risks, and their changes over time. Apiiro also connects with your existing security tooling to aggregate risks and your productivity and ticketing systems, such as ServiceNow, to streamline your AppSec processes.
- Unified risk visibility and prioritization: Ingest and correlate risk insights from Apiiro in ServiceNow for centralized risk management across your entire organization. Deep, code-to-runtime context and risk insights like risk likelihood, business impact, and root cause in code from Apiiro are automatically populated as AVITs (Application Vulnerable Items) or added to existing items in SNOW for deeper risk context, coalescing application risk and vulnerability status, including remediation progress, into one unified view of risk.
- Streamlined remediation with workflows: Leverage SNOW workflows and automation to route tasks to the relevant teams across the entire organization.
- Application risk measurement and tracking: In addition to leveraging Apiiro dashboards and reports, you can measure and track key metrics with dedicated ServiceNow dashboards, including metrics on the Apiiro ingested risks (e.g. New AVITs by severity, Resolved AVITs) and on the connector health (e.g. success rate, throughput, ingestion runs in the past month).
- Control over what you integrate: Customize which risks to ingest with various filters (e.g. risk level, risk category), set ingestion cadence or run on-demand, and log each run for tracking and auditing.
- Added support for dynamic filters.
- Added filters like Source, RiskStatus, Policy tags, Application tags, Repository taags, Insight (Include), Insight (Exclude), Delay AVIT Creation, Minimum CVSS Score, Maximum CVSS Score etc.
- Added properties in the AVIT table
- Added more granular triaging check in ServiceNow.
- Added scheduled job to send health status of risk integration run to Apiiro platform
- Minor bug fixes
NA