Application Security

Dynatrace Application Security enables you to detect, visualize, analyze, monitor, and remediate open-source and third-party vulnerabilities in production and pre-production environments at runtime.

Capabilities

Automatic and continuous protection powered by Davis, the Dynatrace AI causation engine. Davis continuously watches production and pre-production environments to identify any changes in application environments (such as container dynamics, elastic scaling, multi-version deployments, runtime container updates, rollbacks, A/B tests, or blue/green deployments) and provide precise answers about the source, nature, and severity of vulnerabilities as they arise in real time. Davis automatically analyzes and prioritizes alerts.
Continuous analysis of attack vectors to automatically track if vulnerable libraries are called and used at runtime. Dynatrace Application Security identifies the biggest security problems and eliminates false positives with Smartscape real-time topology mapping and distributed tracing with PurePath® code-level analysis.
Runtime introspection approach in combination with the Snyk vulnerability database for automatic vulnerability detection at runtime. Even if security checks aren't integrated into the pipelines across all teams, or if they're deliberately bypassed, Dynatrace detects what’s running and pinpoints vulnerabilities instantly by automatically opening a security problem when a vulnerability is detected and closing it when it's resolved.
Full coverage across production rollbacks and outdated releases, feature flags, and deployment patterns (canary, blue/green).
Efficient management of vulnerabilities where a fix hasn't been effective, such as if a vulnerability is accidentally reintroduced during a rollback, or if updates haven't been applied correctly.
Precise and automatic risk and impact assessment, with risks prioritized by data access path and actual production execution. From hundreds or thousands of open vulnerabilities, Dynatrace Application Security pinpoints those that need immediate investigation. It automatically analyzes data access paths and production execution to provide an automatic and precise risk and impact assessment.

1. Activate

Dynatrace Application Security is licensed based on the consumption of Application Security units. If you’re already a Dynatrace customer and you want to activate Application Security, contact a Dynatrace product specialist via in-product chat or speak to your account executive. Our DevOps team will evaluate your environment and then activate Application Security.

2. Enable

To start monitoring security issues in your environment, you need to enable the Application Security and OneAgent features. See Get started with Application Security for instructions.

3. Configure

You can create, reorder, modify, and delete custom monitoring rules for Dynatrace-monitored processes.

4. Explore

With Application Security, you can:

Get an overview of each vulnerability supported by detailed information that provides additional context, enabling you to dig deeper and examine exposed or affected processes, data storages, libraries, and entities.
Automatically and continuously identify changes, prioritize problems, and get precise answers about the source, nature, and severity of vulnerabilities.
Get insights based on Davis Security Score calculations and Davis Security Advisor recommendations for vulnerabilities.
Get metrics related to security problems and process groups.

5. Evaluate

To understand how Application Security identifies vulnerabilities and how it determines their priorities, see Security problem management.

6. Integrate

To pass security issues to your teams for alerting and remediation purposes, you need to integrate security problem notifications with Dynatrace.

Limitations

Application Security isn't supported for Dynatrace Managed in offline mode.
We recommend running Application Security in Full-Stack Monitoring mode because Infrastructure Monitoring mode:
- Prevents Davis AI from adapting Davis Security Scores.
- Lacks environmental information, such as sensitive data or network exposure.
- Limits information on related entities, such as databases and services.