• Home
  • API
  • Environment
  • Settings
  • Schemas
  • Runtime Vulnerability Analytics- General settings

Settings API - Runtime Vulnerability Analytics- General settings schema table

Vulnerability Analytics: General settings (builtin:appsec.runtime-vulnerability-detection)

Automated Runtime Vulnerability Analytics helps you quickly and completely understand each detected vulnerability in your environment and how to remediate it, allowing you to prioritize which vulnerabilities to fix first. Note: Enabling Third-party or Code-level Vulnerability Analytics consumes Application Security units. For details, see the Application Security Monitoring documentation.

Schema IDSchema groupsScope
builtin:appsec.runtime-vulnerability-detection
  • group:appsec.vulnerability-analytics
  • group:appsec
environment
Retrieve schema via Settings API
GETManagedhttps://{your-domain}/e/{your-environment-id}/api/v2/settings/schemas/builtin:appsec.runtime-vulnerability-detection
SaaShttps://{your-environment-id}.live.dynatrace.com/api/v2/settings/schemas/builtin:appsec.runtime-vulnerability-detection
Environment ActiveGatehttps://{your-activegate-domain}/e/{your-environment-id}/api/v2/settings/schemas/builtin:appsec.runtime-vulnerability-detection

Authentication

To execute this request, you need an access token with Read settings (settings.read) scope. To learn how to obtain and use it, see Tokens and authentication.

Parameters

PropertyLabelTypeDescriptionRequired
enableRuntimeVulnerabilityDetectionEnable Third-party Vulnerability Analyticsboolean-required
technologiesTechnologiesTechnology

Vulnerability Analytics can be enabled/disabled per supported technology.

required
enableCodeLevelVulnerabilityDetectionEnable Code-level Vulnerability Analyticsboolean-required
globalMonitoringModeJavaGlobal Java code-level vulnerability detection controlenum

Global Java code-level vulnerability detection control defines the default for all process groups. You can use monitoring rules to override the default for certain process groups.

Code-level vulnerability detection for Java has been recently released as early access version. It has been designed to carry a production-ready performance footprint. The overhead is depending on your application, but should be negligible in most cases. You have to enable the OneAgent feature "Java code-level vulnerability evaluation" to get started.

required

Request body objects

The Technology object
PropertyLabelTypeDescriptionRequired
enableDotNet.NETboolean-required
enableDotNetRuntime.NET runtimesboolean-required
enableGoGoboolean-required
enableJavaJavaboolean-required
enableJavaRuntimeJava runtimesboolean-required
enableKubernetesKubernetesboolean-required
enableNodeJsNode.jsboolean-required
enableNodeJsRuntimeNode.js runtimesboolean-required
enablePhpPHPboolean-required