My first feedback for Apiiro is that it is very slow, extremely slow. The moment I select from the entire list of repositories in my vertical, which is almost more than 400 repositories, it takes a lot of time for me to load the report. Sometimes it fails. I do not have Role-Based Access Control (RBAC). It's only given to the application security team, and Apiiro as a vendor does not have the rollback access control enabled for the clients, so that would have given me access to the reports tab, which would have made my life easier. Currently, I have to go to the risks tab to pull out all this information. I started exploring dashboards with Copilot. I need to reach out to the Apiiro teams to see if I can get an access token so that I can pull out a Power BI dashboard. I think Apiiro definitely has its own capabilities, but if there are access tokens that teams can use to build a custom dashboard, that would be great. This might already exist, but that is something which will ease the vulnerability management day-to-day activities.
Apiiro recently integrated SaaS, and we would love to see them expand on that. They provide many integrations to different products, including SaaS products such as Snyk. Ideally, Apiiro would include SaaS from the get-go. I would like support for our self-hosted Git server, other than GitHub, just regular Git. I understand that it's a legacy system and most people aren't using on-premises Git servers. We're probably gonna move away from it soon, and Apiiro is trying to accommodate us there.
Tech Lead SecDev Apps at a financial services firm with 51-200 employees
Real User
Top 10
2023-09-29T18:08:00Z
Sep 29, 2023
I've been pretty close to all of their new releases. We are on the beta program for a lot of their new features. We do a good job of testing and we learn whatever we can at the time. Since we're testing some of the new features for them, and walking through the product, we'll work with their chief product officer to see what's on the road map and what's coming down the line. It's been really nice and a good, two-way conversation. That said, user management is a little bit clunky. It relies on contributors to source code. It's a little bit clunky, especially during the renewal process for our contract. Trying to figure out how many "seats" we had was very, very difficult due to the fact that it pulled those numbers dynamically from whoever was contributing to our GitHub repo. Therefore, having that be a little bit less clunky and not having to pull logs for who was actually contributing to the GitHub repo to find who is using licenses would be ideal. There's probably a much easier way to handle the users on the platform.
Apiiro is the leader in application security posture management (ASPM), unifying risk visibility, prioritization, and remediation with deep code analysis and runtime context.
Companies like Morgan Stanley, SoFi, Rakuten, and Navan leverage Apiiro's ASPM to...
Get complete application and risk visibility: Apiiro takes a deep, code-based approach to ASPM. Its Cloud Application Security Platform analyzes source code and pulls in runtime context to build a continuous, graph-based inventory of...
My first feedback for Apiiro is that it is very slow, extremely slow. The moment I select from the entire list of repositories in my vertical, which is almost more than 400 repositories, it takes a lot of time for me to load the report. Sometimes it fails. I do not have Role-Based Access Control (RBAC). It's only given to the application security team, and Apiiro as a vendor does not have the rollback access control enabled for the clients, so that would have given me access to the reports tab, which would have made my life easier. Currently, I have to go to the risks tab to pull out all this information. I started exploring dashboards with Copilot. I need to reach out to the Apiiro teams to see if I can get an access token so that I can pull out a Power BI dashboard. I think Apiiro definitely has its own capabilities, but if there are access tokens that teams can use to build a custom dashboard, that would be great. This might already exist, but that is something which will ease the vulnerability management day-to-day activities.
Apiiro recently integrated SaaS, and we would love to see them expand on that. They provide many integrations to different products, including SaaS products such as Snyk. Ideally, Apiiro would include SaaS from the get-go. I would like support for our self-hosted Git server, other than GitHub, just regular Git. I understand that it's a legacy system and most people aren't using on-premises Git servers. We're probably gonna move away from it soon, and Apiiro is trying to accommodate us there.
I've been pretty close to all of their new releases. We are on the beta program for a lot of their new features. We do a good job of testing and we learn whatever we can at the time. Since we're testing some of the new features for them, and walking through the product, we'll work with their chief product officer to see what's on the road map and what's coming down the line. It's been really nice and a good, two-way conversation. That said, user management is a little bit clunky. It relies on contributors to source code. It's a little bit clunky, especially during the renewal process for our contract. Trying to figure out how many "seats" we had was very, very difficult due to the fact that it pulled those numbers dynamically from whoever was contributing to our GitHub repo. Therefore, having that be a little bit less clunky and not having to pull logs for who was actually contributing to the GitHub repo to find who is using licenses would be ideal. There's probably a much easier way to handle the users on the platform.