The following workflows define the recommended operating procedures for maintaining and improving your Application Security posture.
Workflow 1: Coverage management and gap resolution
Context: Coverage measures the gap between discovered entities and active security oversight. Coverage is tracked across four dimensions:
Onboarding: Ensuring all repositories and infrastructure are discovered and integrated
Scanner enablement: Verifying that security tools are actively scanning all onboarded assets
Code to cloud: Maintaining visibility across the entire lifecycle, from source code to runtime environments
Application mapping: Linking technical assets to their specific business applications for context
Incomplete coverage creates blind spots and reduces the accuracy of prioritization.
Posture review (AppSec manager): Use the Coverage page to identify blind spots. Ensure the Providers figure is at 100%, which confirms that all discovered repositories are onboarded, and that the Scanners figure is at 100%, which confirms that every onboarded asset is actually being scanned.
Execution (AppSec practitioner): Select Increase Coverage to remediate identified gaps. From here, you can enable missing scanners for existing assets. To integrate unmonitored repositories into the platform, launch the onboarding wizard.
For more information about Coverage, refer to Coverage.
Workflow 2: Posture hardening
Strategy (AppSec manager): Review the Open After Guardrails section of the Prioritization and Aggregation funnel to identify where issues bypass automated gates. Approve AI guardrails to harden the posture.
Execution (AppSec practitioner): Apply recommended guardrails. Each applied recommendation becomes a prevention policy. The policy enforces automatically at the configured triggers (PR scan, CI/CD build scan, and periodic scan), blocking matching findings before they progress through the pipeline.
For more information about Application Security policies, refer to Unified Application Security policies.
Workflow 3: Issue remediation
Prioritization (AppSec manager): Analyze prioritized issues and SLA violations to determine the highest risk based on business impact, breach impact, and breach probability.
Execution (AppSec practitioner): Use the Issues and Cases view to assign and track delegated items according to the urgency ranking.
Validation (AppSec manager): Verify that no Urgent or Top Urgent issues have exceeded your organization's defined SLAs.
For more information about Cases, refer to Overview of cases.
Workflow 4: SLA and MTTR tracking
Monitoring (AppSec practitioner): Review SLA and MTTR metrics to ensure remediation aligns with internal SLA targets. Select SLA Violations to drill into overdue cases.
Escalation (AppSec practitioner): Escalate persistent SLA violations with specific remediation deadlines and priority overrides.
Validation (AppSec practitioner): Confirm that SLA violation counts are decreasing over time.
For more information on Application Security SLAs, refer to Service Level Agreements (SLA).
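The checks in Workflow 3 (no Urgent or Top Urgent case open past its SLA) and Workflow 4 (MTTR against SLA targets, and a violation count that falls over time) are stated above in terms of the platform's views. As an added example that is not the platform's own code or API, the script below computes the same metrics from case records exported in any form. The SLA hours per urgency, the urgency labels, and the case records are all constructed placeholders for this example; substitute your organization's configured SLA values.

```python
"""Added example (not the platform's own code): MTTR and SLA-violation checks
over constructed case records, mirroring the validation steps in Workflows 3 and 4."""
from dataclasses import dataclass
from datetime import datetime, timedelta
from statistics import mean
from typing import Optional

# Assumed SLA targets per urgency ranking, in hours. Placeholders for this
# example; use your organization's configured SLA values instead.
SLA_HOURS = {"Top Urgent": 24, "Urgent": 72, "Medium": 14 * 24, "Low": 30 * 24}


@dataclass
class Case:
    case_id: str
    urgency: str
    opened_at: datetime
    resolved_at: Optional[datetime] = None  # None while the case is still open


def sla_deadline(case: Case) -> datetime:
    return case.opened_at + timedelta(hours=SLA_HOURS[case.urgency])


def violated_sla(case: Case, now: datetime) -> bool:
    """True if the case was resolved after its deadline, or is still open past it."""
    end = case.resolved_at or now
    return end > sla_deadline(case)


def mttr_hours(cases, urgency: Optional[str] = None) -> Optional[float]:
    """Mean time to remediate over resolved cases (optionally for one urgency)."""
    hours = [
        (c.resolved_at - c.opened_at).total_seconds() / 3600
        for c in cases
        if c.resolved_at is not None and (urgency is None or c.urgency == urgency)
    ]
    return mean(hours) if hours else None


def sla_report(cases, now: datetime) -> dict:
    """Per-urgency counts of open, resolved and SLA-violating cases, plus MTTR."""
    report = {}
    for c in cases:
        row = report.setdefault(c.urgency, {"open": 0, "resolved": 0, "violations": 0})
        row["resolved" if c.resolved_at else "open"] += 1
        if violated_sla(c, now):
            row["violations"] += 1
    for urgency, row in report.items():
        row["mttr_hours"] = mttr_hours(cases, urgency)
    return report


def overdue_urgent_cases(cases, now: datetime) -> list:
    """Workflow 3 validation: Urgent/Top Urgent cases still open past their SLA."""
    return sorted(
        c.case_id for c in cases
        if c.urgency in ("Urgent", "Top Urgent")
        and c.resolved_at is None
        and violated_sla(c, now)
    )


def overdue_open_at(cases, at: datetime) -> int:
    """Number of cases that were open and already past their deadline at time `at`."""
    return sum(
        1 for c in cases
        if c.opened_at <= at
        and (c.resolved_at is None or c.resolved_at > at)
        and sla_deadline(c) < at
    )


def violations_trending_down(cases, snapshots) -> bool:
    """Workflow 4 validation: overdue count never rises and ends lower than it started."""
    counts = [overdue_open_at(cases, t) for t in snapshots]
    return all(b <= a for a, b in zip(counts, counts[1:])) and counts[-1] < counts[0]


# Constructed sample data for this example (not real cases).
NOW = datetime(2024, 3, 15)
CASES = [
    Case("C1", "Top Urgent", datetime(2024, 3, 13)),                          # open, overdue
    Case("C2", "Top Urgent", datetime(2024, 3, 14, 12)),                      # open, within SLA
    Case("C3", "Urgent", datetime(2024, 3, 1), datetime(2024, 3, 3)),         # resolved in 48h
    Case("C4", "Urgent", datetime(2024, 3, 5), datetime(2024, 3, 10)),        # resolved late (120h)
    Case("C5", "Medium", datetime(2024, 2, 1), datetime(2024, 2, 5)),         # resolved in 96h
    Case("C6", "Low", datetime(2024, 3, 10)),                                 # open, within SLA
]

if __name__ == "__main__":
    for urgency, row in sla_report(CASES, NOW).items():
        print(urgency, row)
    print("overdue urgent:", overdue_urgent_cases(CASES, NOW))
    print("overall MTTR (h):", mttr_hours(CASES))
```

`violated_sla` counts both late-resolved and still-open-overdue cases, so the per-urgency violation count reflects the historical record; `overdue_open_at` counts only cases open and past deadline at a point in time, which is the figure to compare across weekly snapshots when confirming that violations are decreasing.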