• Home
  • How to use Dynatrace
  • Application Security
  • Application Protection

Application Protection

Dynatrace Application Protection leverages code-level insights and transaction analysis to detect and block attacks on your applications automatically and in real-time.

Capabilities
  • Code-level visibility provided by OneAgent
  • Detection of SQL, JNDI, and command injection attacks
  • Production-ready performance footprint
  • Configurable automatic blocking of detected attacks
  • Protection of web applications and APIs
  • High alert precision with rich context to optimize your team's performance and make every minute count

Activate

Enable

Configure

Enable the OneAgent feature for Application Protection

Prerequisites

  • OneAgent version 1.243
  • Dynatrace version 1.242
  • For Dynatrace Managed, environments need to be connected to Mission Control.
  • To enable Application Protection, you first need to enable Application Security. Follow the instructions in Get started with Application Security to set up permissions and enable Vulnerability Analytics.

Activate

Dynatrace Application Protection is licensed based on the consumption of Application Security units. Contact a Dynatrace product specialist via in-product chat or speak to your account executive to activate Application Protection. After they activate Application Protection for you, proceed with enabling Application Protection.

Enable

To enable Application Protection globally on your environment

  1. In the Dynatrace menu, go to Settings.

  2. Select Application security > Application Protection > General settings.

  3. Select Enable Runtime Application Protection.

    Note: This functionality consumes Application Security units. For details, see Application Security Monitoring.

  4. Select Save changes.

After you enable Application Protection, a spinning radar in the upper-right corner of the Code-level vulnerabilities and Attacks pages is displayed, indicating that your environment is being monitored. If Application Protection is disabled, information on these pages is unavailable and the radar screen in the upper-right corner stops, with the warning that Monitoring stopped. Please check settings. Follow the associated link to enable Application Protection.

Configure

To define the global attack control

  1. In the Dynatrace menu, go to Settings.
  2. Select Application security > Application Protection > General settings.
  3. Select one of the Global attack control modes:
    • Off; incoming attacks NOT detected or blocked. – Monitoring is disabled; no attacks are reported.
    • Monitor; incoming attacks detected only. – Monitoring is enabled; no attacks are blocked.
    • Block; incoming attacks detected and blocked. – Monitoring is enabled; attacks are blocked at runtime.

Note: If you define custom monitoring rules based on certain process groups or vulnerability types, the custom rules override the default monitoring mode, and Application Protection continues to monitor the attacks based on your rules.

Enable the OneAgent feature for Application Protection

  1. In the Dynatrace menu, go to Settings and select Preferences > OneAgent features.
  2. Find Java code-level security evaluation and enable it.
  3. Select Details and turn on Instrumentation enabled (change needs a process restart).
  4. Select Save changes.
  5. Restart your processes.

Manage attacks and vulnerabilities

After you enable Application Protection, you can start monitoring attacks and attack-generated code-level vulnerabilities, and you can set up attack-protection rules.