Davis data security

Davis uses an HTTP API using TLS with a 2048-bit RSA certificate issued by Amazon. SSL termination is done at the Amazon Elastic Load Balancer and communication within AWS is secured using Security Groups. Communication with Dynatrace environments is also secured with TLS. By default, Davis requires a certificate signed by a trusted authority. However an administrator of a Dynatrace Managed environment may configure Davis to accept a self-signed certificate. Authorization between Davis and your Dynatrace environment is handled by a shared API token.

What Dynatrace data can Davis access?

Davis communicates over the public Dynatrace REST API, and may access any data from the API that the configured API token has permission to access. This may include details of problems, time series data such as response times, environment Smartscape topology information, events collected by Dynatrace, and some configurations, including custom event thresholds and maintenance windows. See the REST API documentation for details about what is available over the REST API.

What data captured by Dynatrace is stored in Davis?

Davis caches a minimal amount of data from the REST API for a short period of time (about 10 minutes or less) to reduce the number of API calls made to your Dynatrace environment and thereby reduce response times.

What data is shared with the Chrome extension?

The Davis Chrome extension is used to enable voice navigation in Davis. Only the bare minimum of data needed to accomplish this is shared with the chrome extension. The extension makes a TLS encrypted WebSocket connection back to Davis and authenticates itself using a shared token, which is user-provided. This token is stored in Chrome local storage and is kept safely away from other web pages, tabs, and extensions. The extension communicates with Davis using a set of messages. On connection, the extension authenticates with Davis using the shared token. After the extension is authenticated, Davis sends the URL of a page associated with the response from the Davis Alexa skill to the Chrome extension. No Dynatrace data is shared with the Chrome extension beyond for URLs of pages associated with responses from the Davis Alexa skill.

Where is Davis hosted?

Davis is hosted in Amazon Web Services in the US East (N. Virginia) region.