Application Security Posture Management (ASPM)
Last updated 1 month ago

Xygeni’s Application Security Posture Management (ASPM) tool enhances how your teams visualize, prioritize, and remediate risks. The Xygeni platform delivers real-time visibility and contextualization that simplifies security, ensuring your applications are protected from development through deployment.

For a full description of ASPM in the Xygeni UI, please go to the Xygeni ASPM Web UI page.

Automated Asset Discovery and Inventory Management

Xygeni provides automated solutions for comprehensively identifying and cataloging assets within your software supply chain, enhancing visibility and control over your development and deployment processes.

From source control management (SCM) systems to build tools, CI/CD workflows, and distribution mechanisms, Xygeni captures a detailed inventory of assets. It identifies code repositories, open-source and private dependencies, package managers, pipelines and jobs, scripts and build files, plugins and tools, Infrastructure as Code (IaC) templates, and cloud resources.

Furthermore, Xygeni automatically identifies and continuously monitors these assets, assessing their interdependencies as well as the individual and overall security posture of each asset, application, and customer-defined group or category.

Visit the Inventory documentation page for further details.

Users and Contributors Analysis

Xygeni enhances its Inventory capabilities by integrating a comprehensive collaborator analysis feature.

This analysis is essential for the effective management of administrative users, contributors, and collaborators associated with software repositories. By monitoring user activity and evaluating each user's role, you can ensure that best practices are followed and resolve any issues as soon as possible.

Xygeni also helps organizations implement a least privilege strategy by identifying risks associated with inactive or overprivileged users.

Some key features are:

  • Comprehensive Permissions Review: Xygeni scans for all SCM (Source Control Management) user accounts that have read, write, or manage permissions on repositories. This includes permissions assigned directly to users or inherited from groups with access to the repositories.

  • Group and User Tracking: The system registers all SCM groups, including any users with significant permissions, ensuring that all potential access points are monitored and controlled.

  • Non-SCM Contributors: Xygeni also identifies git users who are not linked to an SCM account but have made commits to the git history. Xygeni tracks contributions across all branches, providing a complete picture of every user that has modified the codebase.

Visit these pages for further info:

  • Inventory Collaborators

  • Health Check Collaborators

Advanced Dynamic Prioritization

Customers can define up to eight stages in their prioritization funnel, tailored by severity, issue type and category. This flexibility ensures that each organization can focus on the vulnerabilities that pose the highest risk according to their specific security policies and operational needs.

The funnel system supports the integration of customer-defined properties alongside pre-configured stages such as reachability or exploitability, among others. This allows organizations to further refine their security focus and manage vulnerabilities more effectively.

Xygeni's dynamic funnels provide extensive customization and precise filtering options.

Visit the Prioritization Funnels page for further info.

Integration of 3rd-Party Security Reports

Xygeni’s Application Security Posture Management (ASPM) platform can also seamlessly integrate reports from third-party security tools, including Static Application Security Testing (SAST) and Software Composition Analysis (SCA) tools.

This capability enables organizations to optimize their current technology infrastructure by offering a unified perspective on security threats across various tools and platforms, ensuring that all potential vulnerabilities are identified, prioritized, and addressed efficiently.

Key benefits of this integration include:

  • Unified Security Dashboard: Consolidates findings from various tools into a single dashboard for monitoring and analysis.

  • Enhanced Threat Detection: Combines data from multiple sources to provide a more complete assessment of security risks.

  • Efficient Remediation: Enables quicker and more coordinated responses to security issues by centralizing vulnerability management.

Visit the Uploading reports from 3rd party tools page for further information.

Audit Trail of Security Events

Xygeni’s Application Security Posture Management platform includes a robust security audit trail feature that provides a comprehensive timeline of events associated with each asset.

This feature tracks and logs all significant activities, such as changes, updates, and security incidents, ensuring that users have a clear and detailed view of the security history for each asset within their software environment.

Some notable capabilities of our security audit trail feature are:

  • Event Log: Every modification, update, or security event related to an asset is logged, creating a chronological record that can be crucial for troubleshooting, compliance audits and security investigations.

  • Comprehensive Coverage: The audit trail captures a wide range of events, from code commits and build configurations to deployment activities and configuration modifications, ensuring that all aspects of the asset lifecycle are monitored.

  • Effortless Access and Visualization: Users are able to efficiently access and visualize audit trails, facilitating the identification of specific events or patterns.

  • Enhanced Security and Compliance: By maintaining a detailed record of all actions taken on each asset, organizations can strengthen their security framework and ensure adherence to regulatory standards, facilitating the verification of procedural compliance and enabling the early detection of a security breach.

Visit the documentation page for further information.

Quick and Efficient Remediation Process

Xygeni’s ASPM platform optimizes the remediation process by providing detailed guidelines and automated actions for addressing each risk and vulnerability.

Integration with ticketing and tracking systems streamlines the process of updating workflows, ensuring that vulnerabilities are promptly addressed.

Visit these pages for more information:

  • Remediation Actions

  • Automatic Fix
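To make the collaborator analysis described in the Users and Contributors Analysis section concrete, here is an added Python example (not Xygeni's own code) that resolves each SCM account's effective repository permission including levels inherited from groups, lists commit authors across all branches that map to no SCM account, and flags write/manage accounts with no recent commits as least-privilege review candidates. All accounts, groups, e-mail addresses, commits and the scan date are constructed sample data.

```python
from datetime import date, timedelta

# Permission levels ordered by privilege; the effective level is the maximum.
LEVELS = {"read": 1, "write": 2, "manage": 3}

# Constructed sample data for one repository (hypothetical accounts and e-mails).
SCM_USERS = {  # account -> (e-mail, directly assigned permission or None)
    "alice": ("alice@example.com", "manage"),
    "bob": ("bob@example.com", "read"),
    "carol": ("carol@example.com", None),
}
SCM_GROUPS = {  # group -> (members, permission the group grants on the repo)
    "maintainers": (["bob", "carol"], "write"),
}
# Commits gathered from all branches: (author e-mail, branch, commit date)
COMMITS = [
    ("alice@example.com", "main", date(2025, 1, 10)),
    ("bob@example.com", "feature/x", date(2025, 4, 1)),
    ("mallory@contractor.test", "release/1.2", date(2025, 3, 28)),
]
SCAN_DATE = date(2025, 4, 15)  # constructed "today" for the inactivity window


def effective_permissions():
    """Highest permission per account: direct grant or inherited from a group."""
    eff = {user: LEVELS.get(direct, 0) for user, (_, direct) in SCM_USERS.items()}
    for members, perm in SCM_GROUPS.values():
        for member in members:
            eff[member] = max(eff.get(member, 0), LEVELS[perm])
    names = {level: name for name, level in LEVELS.items()}
    return {user: names.get(level) for user, level in eff.items()}


def non_scm_contributors():
    """Commit authors on any branch whose e-mail is linked to no SCM account."""
    known = {email for email, _ in SCM_USERS.values()}
    return sorted({email for email, _, _ in COMMITS if email not in known})


def inactive_privileged(today=SCAN_DATE, days=90):
    """Write/manage accounts with no commit in the window: least-privilege candidates."""
    last_commit = {}
    for email, _, when in COMMITS:
        last_commit[email] = max(last_commit.get(email, date.min), when)
    cutoff = today - timedelta(days=days)
    flagged = []
    for user, perm in effective_permissions().items():
        if perm in ("write", "manage") and last_commit.get(SCM_USERS[user][0], date.min) < cutoff:
            flagged.append((user, perm))
    return sorted(flagged)
```

With the sample data, carol holds write access through the maintainers group without any commits, and mallory has committed to a release branch without an SCM account, which are exactly the two conditions the section says the analysis surfaces.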

Figure: Detailed view of the dependency graph of a real project.

Figure: Findings and Audit Trail.