Manage Application Security Posture Across Development Teams
The Service Catalog enables organizations to seamlessly incorporate security into every development stage, ensuring a strong security posture across teams, applications, and systems.
Service Catalog surfaces and centralizes security signals, enabling developers to prioritize actions and address vulnerabilities promptly. Meanwhile, managers can oversee risks, drive improvements, and ensure organizational compliance.
Build secure applications by design
Service Catalog provides default paths and guardrails to helps teams create, assess, and improve secure processes. Developers can scaffold new services or integrate cloud resources confidently, assured that security standards are enforced at every step.
For services instrumented with APM, APM Security Views automatically detect services vulnerable to application attacks, such as SQL injections, SSRF, or Log4Shell attacks. You can use APM Security Views to investigate each service and type of attack your organization encounters, understand the associated security risks, and effectively manage your application attack surface with runtime context.
Track third-party software and dependencies
Service Catalog organizes and highlights third-party dependencies, ranging from open-source libraries to programming languages. Teams can monitor versions, launch upgrades, and proactively address vulnerabilities.
- DevSecOps: Use Service Catalog to track dependencies and spearhead upgrade initiatives.
- Managers: Access real-time reports on upgrade progress and compliance.
- Developers: Incorporate dependency updates into daily workflows with minimal disruption.
Configuration details
- Click a service in Service Catalog to open the service side panel.
- Select the Performance tab at the top of the panel.
- Find the Libraries sub-tab, which lists all external libraries used and their versions.
Further reading
Additional helpful documentation, links, and articles: