Patent attributes
Techniques are described that determine whether applications and/or services operating in a network environment adhere to risk reduction policies. An example system includes one or more processors, a first agent, a second agent, a third agent, and a compliance analyzer. The first agent analyzes source code in a source code repository associated with an application executing in a network environment according to a first set of policies. The second agent analyzes artifacts of deployed assets on a target deployment environment associated with the application according to a second set of policies. The third agent analyzes access logs to the application according to a third set of policies. The compliance analyzer determines a risk of the application based on the analysis by the first, second, and third agents.
