Get started with Application Security
Due to the widespread increase in usage of open-source libraries, modern applications usually contain a large number of vulnerabilities. Evaluating hundreds or thousands of open security problems quickly becomes a daunting task.
Dynatrace Application Security pinpoints vulnerabilities that need immediate investigation. It automatically analyzes data access paths and production execution to provide an automatic and precise risk and impact assessment.
To monitor the security issues of third-party libraries in your environment, follow the instructions below.
Assign permissions
Enable Vulnerability Analytics
Control Vulnerability Analytics by technology
Prerequisites
- Dynatrace SaaS or Managed version 1.225+
Supported technologies
Dynatrace detects third-party vulnerabilities in the following technologies.
| Technology | Minimum OneAgent version |
|---|---|
| Java | 1.221 |
| .NET | 1.233 |
| Node.js | 1.231 |
| PHP | 1.231 |
| Kubernetes | 1.219 |
| Go | 1.245 |
Assign permissions
You need to assign Security admin permission to users who will be allowed to view and manage security problems.
Note: For Managed environments, you need to assign Manage security problems permission instead.
To assign Security admin permission
- In Dynatrace, open the user menu in the upper-right corner of the page and go to Account settings > Identity management > User management.
To add an existing user to the group
- Select Edit for the user you want to add.
- Scroll down to Assign groups to user and select the Security admin group.
- Select Save.
To add a new user to the group
- Select Invite user.
- Enter the required details.
- Scroll down to Assign groups to user and select the Security admin group.
- Select Invite.
For more information on user permissions, see Manage user groups and permissions.
Enable Vulnerability Analytics
To enable Application Security, you need to enable its Vulnerability Analytics functionality.
-
In the Dynatrace menu, go to Application Security > Vulnerabilities and select Activate settings.
-
Select Enable Runtime Vulnerability Analytics.
Note: This functionality consumes Application Security units. For details, see Application Security Monitoring.
Control Vulnerability Analytics by technology optional
After you enable Vulnerability Analytics, Dynatrace starts generating security problems for all supported technologies by default. To control which of these technologies you want to receive security problems
- In the Dynatrace menu, go to Settings and select Application Security > Vulnerability Analytics > General settings.
- Enable or disable Vulnerability Analytics per technology as needed.
- Select Save changes to save your configuration.
After enabling and configuring the Application Security and OneAgent features, you can start monitoring vulnerabilities of your third-party libraries in Dynatrace.
Note: For existing users, if you encounter issues after enabling and configuring Application Security, see Troubleshoot Application Security.