Cloud App Analyzer Application Discovery

This topic explains Cloud App Analyzer’s Application Discovery feature. Application discovery helps you identify applications and their component microservices within your AWS and Azure environments. This makes it easier to understand how these applications and microservices connect and interact, including identifying potential security issues.

Cloud App Analyzer Application Discovery supports AWS EKS (Elastic Kubernetes Service) and Azure AKS (Azure Kubernetes Service). It provides detailed visualization of applications, including clusters, nodes, pods, deployed containers, and other Kubernetes resources.

A microservice, as defined in the context of Cloud App Analyzer, consists of an interconnected set of cloud resources that collectively perform a set of functions or services. These resources can include compute, networking, and database components among others. Microservices work together to form a larger application.

Cloud App Analyzer analyzes applications and represents them in a dependency graph that clearly visualizes connections between microservices. Microservices are shown as clouds with a dotted outline.

Clicking on a microservice in the Application map opens a dependency graph for the selected microservice. The Microservice map clearly visualizes connections and dependencies among resources. The root node is identified by the red flag .

This graph details the application’s structure and highlights elements with security issues, offering a view of the complex relationships within the cloud environment. By showing where vulnerabilities occur within the application, this visual tool helps prioritize security issues based on their placement and impact.

View Discovered Applications

To access the list of discovered applications:

Do the following:

  1. Click Application Discovery in the left side menu, below Discovered Applications. Select the AWS tab.

    The Account IDs of accounts with discovered applications is shown.

  2. Click an Account to open its Discovered Applications list.

    This list provides detailed information about each application, including:

    Column Description

    Region

    Specifies the geographic location of the AWS data center hosting the application.

    Application Name

    Provides a reference name for the set of resources identified as an application.
    Microservices Number of microservices that make up the application.

    Application's Main Workload ID

    Describes the application's primary function or service.

    Workload Type

    Indicates the types of resources used.

    Application discovery works for the workloads based on Lambda functions, ECS clusters, ECS tasks and task definitions, ECS services, EC2 instances, and EKS clusters.

    Findings

    Shows high-level findings including:

    Security Issues

    Lists the total detected security issues or misconfigurations.

    You can view these affected components highlighted in the application dependency graph.

    Action

    Click to open the dependency graphs of the application.

  3. open the application dependency graphs: On the row of an application in the Discovered Application List, click .

    The dependency graphs of the application opens showing the constituent microservices of the selected application.

  4. Click on a microservice to open its dependency graph.

  1. Click Application Discovery in the left side menu, below Discovered Applications. Select the Azure tab.

    The Subscription IDs of accounts with discovered applications is shown.

  2. Click an Subscription ID to open its Discovered Applications list.

    This list provides detailed information about each application, including:

    Column Description

    Region

    Specifies the geographic location of the Azure data center hosting the application.

    Application Name

    Provides a reference name for the set of resources identified as an application.
    Microservices Number of microservices that make up the application.

    Main Workload ID

    Describes the application's primary function or service.

    Workload Type

    Indicates the types of resources used.

    Security Issues

    Lists the total detected security issues or misconfigurations.

    You can view these affected components highlighted in the application dependency graph.

    Action

    Click to open the dependency graphs of the application.

  3. open the application dependency graphs: On the row of an application in the Discovered Application List, click .

    The dependency graphs of the application opens showing the constituent microservices of the selected application.

  4. Click on a microservice to open its dependency graph.

Search applications and microservices

You can use the search fields on the Discovered Applications and Discovered Microservices lists to filter the list as per the following:

  • Region

  • Application name

  • Microservice name

  • Workload ID

  • Workload type

  • Resource tags

  • Resource type

  • Resource labels

  • Text search