Application Deployment
π§ Overview: What Is an Application Deployment?
An Application Deployment (or AppDeploy) represents an installed and operational instance of an Application Package within a specific environment (e.g., Dev, Test, Production, or Disaster Recovery).
It is the actual execution of the application or one of its components, configured for a particular use case, release version, and runtime environment. Each AppDeploy is environment-specific and version-controlled, enabling fine-grained management and monitoring of deployed software components.
π‘ Why Application Deployment Matters in ASPM
In Application Security Posture Management (ASPM), Application Deployments help bridge the gap between static application definitions and real-world running instances. Their significance includes:
Tracking what is deployed, where, and in what version
Supporting incident resolution and change control at the environment level
Mapping dependencies between deployments
Identifying runtime security exposure points (e.g., URIs for APIs)
Enabling disaster recovery and compliance planning
AppDeploys provide a real-time operational view of applications, essential for managing risk and responding to runtime issues.
π Application Deployment β Element Type Details
π Description:
The ApplicationDeployment entity models the configuration of an app or component in a specific environment, including version, type, dependencies, and operational status.
π― Significance in ASPM:
Provides visibility into how application components are deployed and interconnected. Helps identify where security controls must be applied and where vulnerabilities may be exposed in production environments.
π§Ύ Schema Table
Attribute
Type
Description
deploymentId
UUID
Unique identifier for the deployment instance
name
String
Human-readable name of the deployment (e.g., "MyApp - Prod API v1.0")
applicationPackageId
String (FK)
Reference to the parent Application Package
environment
Enum
Deployment environment (e.g., Dev, Test, Prod, DR)
version
String
Version identifier (e.g., "1.0", "11g")
componentType
Enum
Type of component deployed: API, Plugin, UI, Interface, etc.
uri
String
API endpoint (if applicable); critical for tracking exposed services
dependencies
List
Other AppDeploy IDs this one depends on (internal or external)
status
Enum
Operational status: Deployed, In Maintenance, Failed, Retired
installDate
DateTime
Date and time when this deployment went live
lastUpdated
DateTime
Timestamp of the most recent configuration change
deployedBy
String
Identifier of the team/person who deployed it
supportingServiceId
String (FK)
Reference to a Technical Service (e.g., runtime, middleware, DB service)
notes
Text
Free-form notes for context, incidents, or deployment tracking
𧩠Example Use Cases
Scenario
How AppDeploy Helps
An API fails in Production
You can isolate the exact AppDeploy instance, view the URI, and troubleshoot
You want to model a plugin not as a full app
Represent it as a separate AppDeploy under the AppPackage
An app has different versions in Dev and Prod
You can model each as a distinct AppDeploy
You need to track integration dependencies
Link AppDeploys using the dependencies field
β
Summary
Application Deployments bring the AppPackage model to life. They show whatβs actually running, in what version, and where β making them essential for security, operational management, and compliance in ASPM.
Through AppDeploys, you gain:
Precise environmental context
Granular visibility into deployed components
Support for incident response, dependency tracking, and runtime risk identification
Last updated
Was this helpful?