Application Security metrics
The following metrics for Application Security are available.
Metrics related to vulnerabilities
| Name | Description | Dimensions |
|---|---|---|
Open security problems (global)Dynatrace version 1.225+ | Number of currently open vulnerabilities seen within the last minute. The metric value is independent of any configured management zone (and thus global). | Risk level (Critical, High, Medium, Low, None); Type (Third-party vulnerability, Code-level vulnerability) |
Open security problems (split by management zone)Dynatrace version 1.231+ | Number of currently open vulnerabilities seen within the last minute. The metric value is split by management zone. | Risk Level (Critical, High, Medium, Low, None); Type (Third-party vulnerability, Code-level vulnerability); management zone name |
New open security problems (global)Dynatrace version 1.222+ | Number of vulnerabilities that were recently created. The metric value is independent of any configured management zone (and thus global). | Risk level (Critical, High, Medium, Low, None); Type (Third-party vulnerability, Code-level vulnerability) |
New open security problems (split by management zone)Dynatrace version 1.231+ | Number of vulnerabilities that were recently created. The metric value is split by management zone. | Risk Level (Critical, High, Medium, Low, None); Type (Third-party vulnerability, Code-level vulnerability); management zone name |
New muted security problems (global)Dynatrace version 1.222+ | Number of vulnerabilities that were recently muted. The metric value is independent of any configured management zone (and thus global). | Risk level (Critical, High, Medium, Low, None); Type (Third-party vulnerability, Code-level vulnerability) |
New resolved security problems (global)Dynatrace version 1.222+ | Number of vulnerabilities that were recently resolved. The metric value is independent of any configured management zone (and thus global). | Risk level (Critical, High, Medium, Low, None); Type (Third-party vulnerability, Code-level vulnerability) |
Affected entities countDynatrace version 1.251+ | Total number of unique affected entities across all open vulnerabilities. The metric supports the management zone selector. | Security problem ID; External vulnerability ID; Title; Vulnerable component (the package name or Not available); CVE (all related CVE IDs or Not available); Risk level (CRITICAL, HIGH, MEDIUM, LOW, NONE); Technology (Java, .NET, Node.js, PHP, GO); Type (Third-party vulnerability, Code-level vulnerability) |
Metrics related to process groups
| Name | Description | Dimensions |
|---|---|---|
Vulnerabilities - affected process groups count (global)Dynatrace version 1.227+ | Total number of unique affected process groups across all open vulnerabilities per technology. The metric value is independent of any configured management zone (and thus global). | Technology (Java, .NET, Node.js, PHP, GO) |
Vulnerabilities - affected not-muted process groups count (global)Dynatrace version 1.227+ | Total number of unique affected process groups across all open, unmuted vulnerabilities per technology. The metric value is independent of any configured management zone (and thus global). | Technology (Java, .NET, Node.js, PHP, GO) |
View metrics
To view Application Security metrics
-
In the Dynatrace menu, go to Metrics.
-
Filter by
Text: security problemsorText: process groups.- If you don't see results, turn off Only show metrics reported after the start of the selected timeframe.
- You can add more filters (
Tag,Unit,Favorites). See Filter and sort the table for details.
-
Expand Details for any metric to see metric details and a chart of the metric over the selected timeframe.
Example metric details:
Example chart:
To learn more about charting metrics and how to pin them to your dashboards, see Data explorer.