Get started with Application Security
Due to the widespread increase in usage of open-source libraries, modern applications usually contain a large number of vulnerabilities. Evaluating hundreds or thousands of open security problems quickly becomes a daunting task.
Dynatrace Application Security pinpoints vulnerabilities that need immediate investigation. It automatically analyzes data access paths and production execution to provide an automatic and precise risk and impact assessment.
To monitor the security issues of third-party libraries in your environment, follow the instructions below.
Prerequisites
- Dynatrace SaaS or Managed version 1.225+
Supported technologies
Dynatrace detects third-party vulnerabilities in the following technologies.
| Technology | Minimum OneAgent version |
|---|---|
| Java | 1.221 |
| .NET | 1.233 |
| Node.js | 1.231 |
| PHP | 1.231 |
| Kubernetes | 1.219 |
1. Assign permissions
You need to assign Security admin permission to users who will be allowed to view and manage security problems.
To assign Security admin permission
- In Dynatrace, open the user menu in the upper-right corner of the page and go to Account settings > Identity management > User management.
To add an existing user to the group
- Select Edit for the user you want to add.
- Scroll down to Assign groups to user and select the Security admin group.
- Select Save.
To add a new user to the group
- Select Invite user.
- Enter the required details.
- Scroll down to Assign groups to user and select the Security admin group.
- Select Invite.
For more information on user permissions, see Manage user groups and permissions.
2. Enable runtime vulnerability detection
To enable Application Security, you need to enable its runtime vulnerability detection functionality.
- In the Dynatrace menu, go to Application Security > Vulnerabilities and select Activate settings.
- In the Runtime vulnerability detection page that opens, select Enable runtime vulnerability detection.
3. Control runtime vulnerability detection by technology optional
After you enable runtime vulnerability detection, Dynatrace starts generating security problems for all supported technologies by default. To control which of these technologies you want to receive security problems
- In the Dynatrace menu, go to Settings and select Application Security > Runtime vulnerability detection.
- Enable or disable runtime vulnerability detection per technology as needed.
- Select Save changes to save your configuration.
After enabling and configuring the Application Security and OneAgent features, you can start monitoring vulnerabilities of your third-party libraries in Dynatrace.
Note: For existing users, if you encounter issues after enabling and configuring Application Security, see Troubleshoot Application Security.