Get started with Runtime Application Protection
After setting up Application Security, you can get started with Dynatrace Runtime Application Protection.
Set up Runtime Application Protection
OneAgent version 1.241
Set up Runtime Application Protection to start monitoring attacks.
Activate
Dynatrace Runtime Application Protection is licensed based on the consumption of GiB-hours if you're using the Dynatrace Platform Subscription (DPS) licensing model, or Application Security units (ASUs) if you're using the Dynatrace classic licensing.
Contact a Dynatrace product expert via live chat to activate Runtime Application Protection. After they activate Runtime Application Protection for you, proceed with enabling Runtime Application Protection.
Enable
To enable Runtime Application Protection globally on your environment
-
Go to Settings and select Application security > Application Protection > General settings.
-
Select Enable Runtime Application Protection.
-
Select Save changes.
Configure
To define the global attack control for all process groups
- Go to Settings and select Application security > Application Protection > General settings.
- Select one of the Global attack control modes:
- Off; incoming attacks NOT detected or blocked. – Monitoring is disabled; no attacks are reported.
- Monitor; incoming attacks detected only. – Monitoring is enabled; no attacks are blocked.
- Block; incoming attacks detected and blocked. – Monitoring is enabled; attacks are blocked at runtime.
If you define custom monitoring rules based on certain process groups or vulnerability types, the custom rules override the default monitoring mode, and Runtime Application Protection continues to monitor the attacks based on your rules.
- Select Save changes.
Enable OneAgent monitoring
- Go to Settings and select Preferences > OneAgent features.
- Find Java code-level attack evaluation and enable it.
- Select Details and turn on Instrumentation enabled (change needs a process restart).
- Select Save changes.
Restart your processes.
Manage attacks
After you enable Runtime Application Protection, you can start monitoring attacks, set up attack-protection rules, and create security notifications.