We’re thrilled to announce the full transition of Dynatrace Runtime Vulnerability Analytics to the latest Dynatrace platform. This upgrade includes a new Vulnerabilities app and unlocks a suite of powerful features designed to make vulnerability detection, prioritization, and response to vulnerable libraries and runtimes used by your application faster and more effective.
Key benefits of Runtime Vulnerability Analytics
Managing application vulnerabilities is no small feat. Traditional tools often overload you with data, making it challenging to identify which vulnerabilities actually put your environment at risk. Dynatrace’s unique ability to understand which assets in your production environment are actively exposed—such as those vulnerable to internet-based threats or linked to sensitive data sources—allows you to immediately focus on what matters most.
The updated platform does more than detect vulnerabilities— it gives you an in-depth understanding of their potential impact. For example:
- Exploitation awareness: Identify vulnerabilities based on whether they’re exposed to critical assets or have exploits circulating in the wild.
- Real-world context: Determine if vulnerabilities are linked to internet-facing systems or databases to help you prioritize the vulnerabilities that pose the greatest risk.
- Streamlined prioritization: Assess threats based on their real impact on your environment, not just abstract risk scores. By focusing on actionable intelligence, you can reduce noise and focus on what’s important.
What’s new in this version?
Unified vulnerabilities view
The new Dynatrace platform consolidates third-party and code-level vulnerabilities into a single, intuitive view. Instead of switching between multiple views, you have a comprehensive overview of your environment’s vulnerabilities in one place.
Advanced filtering capabilities
With the newly added filtering field, you can tailor how you search for vulnerabilities:
- Combine search criteria for complex queries, such as finding vulnerabilities connected to data assets but not exposed to the internet.
- To filter findings efficiently, use numerical thresholds like DSS (Dynatrace Security Score) or CVSS (Common Vulnerability Scoring System).
- Search full vulnerability descriptions for pinpoint accuracy.
- For instance, you can quickly locate vulnerabilities exposed to the web with a DSS score higher than 8, while CVSS scores lower than 10 allow you to focus on risks that require immediate attention.
View segmentation
The Vulnerabilities app utilizes a cross-platform segmentation feature that helps you focus on specific areas of your environment:
- Slice environments into categories like process groups, applications, or even individual services.
- Create custom segments based on attributes like vulnerability type or Davis® AI assessment.
- For example, you might create a segment that tracks vulnerabilities in your payment processing system separately from general infrastructure assets.
Davis Security Score adaptability
The Davis® Security Score (DSS) now adapts to the segments you’re viewing. If a selected segment contains only medium-critical entities, the vulnerability’s score will reflect that, ensuring more precise and context-relevant prioritization.
Why these features matter
Imagine your web application uses a vulnerable library that’s directly exposed to the internet and connected to data assets. The unified prioritization view, combined with advanced filtering and segmentation, helps you identify this issue quickly, assess its risk level, and prioritize fixing it—all before it can be exploited.
Secure your applications now
The new Dynatrace Vulnerabilities app simplifies complexity and helps you tackle threats head-on. Log into your Dynatrace account today to unlock the full potential of your application’s security monitoring.
Note: Switching the Vulnerabilities app to a Grail-native backend requires updated permissions for users. Please see the instructions in Dynatrace Documentation.
Not a Dynatrace customer yet? Explore these new capabilities in the Dynatrace Playground.
Looking for answers?
Start a new discussion or ask for help in our Q&A forum.
Go to forum