Dynatrace integrates with GitHub Advanced Security (GHAS) to break down the silos between DevSecOps teams, unifying security findings along the Software Development Lifecycle (SDLC) and enriching them with runtime context. Dynatrace allows you to ingest, visualize, prioritize, and automate security findings, helping to reduce noise from alerts and provide focused remediation to the issues that matter to your critical production environments.
Manage vulnerabilities throughout the SDLC
As a DevSecOps best practice, application artifacts must be scanned and assessed for vulnerabilities in each relevant stage of the Software Development Lifecycle. This includes detecting vulnerabilities in your code repository early in the lifecycle of your code artifacts, vulnerabilities in your build artifacts, such as build manifests and container images, and potential vulnerabilities in your pre-production runtime environment prior to deployment to production.
GitHub is a developer platform that helps Dev teams to develop, maintain, build, and distribute their artifacts, from coding time to runtime. With a dedicated set of security capabilities delivered by GitHub Advanced Security products, developers can keep pace with security validation at each stage of the SDLC without slowing down.
Nevertheless, the number of vulnerability findings detected can be overwhelming, and prioritizing them can be tricky. This increases the risk of critical vulnerabilities slipping through the cracks between pipeline stages and exposing your production services and applications to exploitation by hackers.
This is where runtime context can help by filtering for the most important vulnerabilities and focusing your remediation efforts on the vulnerabilities that have a direct impact on your production services.
Add runtime context with Dynatrace
The Dynatrace® AI-powered observability platform monitors your applications and has all the runtime insights required to help organizations navigate through hundreds and thousands of vulnerability findings and use the runtime context to prioritize them.
Various code/build time artifacts, such as source code and container images, can be mapped to the runtime entities they affect, for example, running containers or processes. As soon as the mapping is established, you get immediate insight into how a specific vulnerability detected in a dev artifact affects your runtime environment. The observability data collected and monitored by Dynatrace on the runtime entities provides additional insights for prioritization, such as internet exposure, relationships to other services, and even ownership information.
Having the power of observability data allows SREs who are responsible for production services and applications to gain insight into the security hygiene of the DevSecOps processes and effectively communicate to the DevSecOps teams the top vulnerabilities that need to be addressed with the highest priority.
Moreover, by integrating Dynatrace into your CI/CD pipeline prior to the promotion of new services and applications to production, SREs can define security gates that prevent critical vulnerabilities from being deployed in the first place.
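The mapping, prioritization, and security gate described above can be sketched as follows. This is an added example, not Dynatrace or GitHub code: all records are constructed, and the field names, the join on container image name, and the scoring weights are assumptions made for illustration.

```python
# Added example. All data is constructed; the field names for findings and
# runtime entities are assumptions, not the Dynatrace or GitHub schema.
from collections import defaultdict

SEVERITY = {"low": 1, "medium": 2, "high": 3, "critical": 4}

FINDINGS = [  # build-time findings, keyed by the artifact they were found in
    {"id": "finding-1", "severity": "critical", "artifact": "registry.example/shop/legacy:0.9"},
    {"id": "finding-2", "severity": "high", "artifact": "registry.example/shop/cart:1.4"},
    {"id": "finding-3", "severity": "critical", "artifact": "registry.example/shop/report:2.0"},
    {"id": "finding-4", "severity": "low", "artifact": "registry.example/shop/cart:1.4"},
]
RUNTIME = [  # running containers observed in production
    {"entity": "cart-7f9c", "image": "registry.example/shop/cart:1.4",
     "internet_exposed": True, "owner": "team-checkout"},
    {"entity": "report-52ab", "image": "registry.example/shop/report:2.0",
     "internet_exposed": False, "owner": "team-bi"},
]

def prioritize(findings, runtime):
    """Join findings to running entities by image and rank them."""
    by_image = defaultdict(list)
    for entity in runtime:
        by_image[entity["image"]].append(entity)
    ranked = []
    for f in findings:
        entities = by_image.get(f["artifact"], [])
        exposed = any(e["internet_exposed"] for e in entities)
        ranked.append({
            **f,
            "running": bool(entities),
            "exposed": exposed,
            "owners": sorted({e["owner"] for e in entities}),
            # Assumed weighting: exposure counts as two severity steps.
            "score": SEVERITY[f["severity"]] + (2 if exposed else 0),
        })
    # Findings on running artifacts first, then by score.
    return sorted(ranked, key=lambda r: (r["running"], r["score"]), reverse=True)

def gate_blocks(image, findings, threshold="critical"):
    """Return the finding ids that should stop `image` from being promoted."""
    return [f["id"] for f in findings
            if f["artifact"] == image and SEVERITY[f["severity"]] >= SEVERITY[threshold]]

if __name__ == "__main__":
    for r in prioritize(FINDINGS, RUNTIME):
        print(r["id"], r["severity"], r["running"], r["exposed"], r["owners"])
    print(gate_blocks("registry.example/shop/report:2.0", FINDINGS))
```

In this constructed data, the critical finding on an image that is not running anywhere drops to the bottom of the list, while a high-severity finding on an internet-exposed container rises to the top.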
Integrate with GitHub Advanced Security
Dynatrace delivers GHAS integration as an extension that allows granular control over the data flow between GitHub and the Dynatrace platform. In the first version, the integration periodically fetches Dependabot alerts and audit logs from GitHub and stores them in the Dynatrace Grail data lakehouse for later analysis, visualization, and automation use cases.

Platform-native Dynatrace® Apps, such as Dashboards and Notebooks, help you visualize and analyze your security findings. Workflows, meanwhile, help you automate your response—efficiently triaging the findings, creating tickets for DevSecOps teams, and notifying the relevant stakeholders.
Dynatrace also provides several ready-made dashboards as part of the extension to serve as a starting point for security findings analysis and visualization.
- The Vulnerability findings dashboard provides an overview of vulnerability findings across various products, allowing you to centrally and uniformly prioritize them.
- The Security product coverage dashboard provides an overview of your security product coverage across various scanned artifacts to help identify coverage gaps.


What’s next
The Dynatrace integration with GitHub Advanced Security will evolve to ingest additional types of vulnerability findings beyond Dependabot alerts to extend visibility to all the security insights provided by GHAS products.
Get started
Visit our documentation pages for security events ingest to explore the full range of Dynatrace platform integrations with various DevSecOps security products.
For full details of the prerequisites and steps for setting up the GHAS integration, please go to Ingest GitHub Advanced Security security events and audit logs in Dynatrace Documentation.