Dynatrace extends its mobile app with Application Security findings, allowing you to stay on top of run-time third-party vulnerabilities and find answers to tough security questions directly on your mobile device. Even on the go, you can now benefit from instant security insights, and quick assessment of your organizational exposure.
In the past, all security “wisdom” was owned by security teams alone. Business and app owners could only dream of having continuous visibility into their application’s health from both the availability and security standpoint.
Dynatrace Application Security changed this by introducing Runtime Vulnerability Analytics for your production environments. This feature enables multiple stakeholders to have immediate visibility of the security posture of their apps and act accordingly.
The new version of the Dynatrace mobile app extends this visibility further to real-life vulnerability monitoring, providing quick and easy access to security insights directly on your mobile device.
With the Dynatrace mobile app, you get unified access to both observability and security-related insights, such as:
- Operational alerts on the availability and performance issues of your monitored apps and services.
- Security findings of third-party vulnerabilities.
- Detailed information about each alert or vulnerability to understand the immediate impact on your environment.
Scenario #1: You’re a CISO at a large corporation
You’re a CISO at a large corporation. You’re attending a special CISO dinner with peers from other companies, where you share knowledge and experience of various security topics.
One of your peers mentions a recent vulnerability that was hard to map and assess in production. It took them weeks to identify and fix the issue, which exposed the organization to potential cyberattacks and reputational damage.
You feel a surge of curiosity and concern. Could your organization also be exposed to this vulnerability? How would you know? How long would it take you to find out and resolve it?
You remember that you have Dynatrace installed on your systems. You know that with Dynatrace, your teams can easily detect and map such vulnerabilities in production and act accordingly.
Then, you recall that you recently installed the new Dynatrace mobile app on your phone. It should provide a quick answer to some of the questions.
- You open the Dynatrace mobile app and go to the Third-party vulnerabilities section, which shows your environment’s recent vulnerabilities.
- You quickly look up the mentioned vulnerability CVE in the mobile app and confirm that your organization is vulnerable.
- Next, you share the vulnerability info via your organization’s Slack channel with your security manager, asking that you review the information with them tomorrow.
Meanwhile, your security manager is out grocery shopping when your message arrives. Your security manager is curious about the details and so looks up the vulnerability in the Dynatrace app on their mobile device.
Fortunately, the vulnerability has no public internet exposure, which means it’s not easily exploitable by hackers. As a result, your security manager is relieved and less stressed about handling the issue. Your security manager can now sleep calmly and agrees to review the details with you tomorrow in the office.
Scenario #2: You’re an SRE working at a large bank
You’re an SRE (Site Reliability Engineer) working at a large bank. You’re responsible for the online banking platform that serves thousands of customers. You own all aspects of the health of the application, including all security aspects.
This weekend, you’re on-call. If anything happens to the app, you’ll need to go to the office to address the issue. You plan to spend the day at the beach with family and friends. You hope that you won’t be disturbed.
At lunchtime, you receive an email from the SOC (Security Operations Center) team. There was a prevented attempt to exploit a known vulnerability on one of the other apps. It was the log4j library that was exploited. This is a serious security issue that affects many Java applications.
All app owners on-call with log4j-related vulnerabilities in their apps are required to attend a war room meeting in a couple of hours to assess the impact. You’re at the beach, away from your office. How can you check the security status of your app without leaving the beach? Then you recall that you recently installed the new Dynatrace mobile app.
- You open the Dynatrace mobile app and look up the log4j library in the Application Security findings. You see that no vulnerabilities are open for this library on the online banking platform that you manage.
You also see that your development team resolved all critical vulnerabilities on the app.
You feel relieved and impressed. Thanks to the Dynatrace mobile app, you discovered and assessed the security status of your app in minutes, without leaving the beach. You decide to reply to the SOC team and inform them that your app is not affected by the log4j vulnerability.
With the Dynatrace mobile app, you can quickly and easily check your app’s operational and security status from anywhere. Reduce stress, increase confidence, and stay in control of any tough situation!
How to get started
- Install the new Dynatrace mobile app for your mobile device:
- Learn more about related Dynatrace Application Security capabilities:
- Related articles: