Application Security overview

After you activate Application Security, assign permissions, and enable and configure Dynatrace Runtime Vulnerability Analytics, Dynatrace starts monitoring your applications to detect vulnerabilities. Go to Security Overview for an overview of vulnerabilities in your global environment.

For security reasons, access to this page is restricted to users who are part of the Security admin group for the whole environment, not just for a selected set of management zones.

The Application Security overview page displays the following information.

Vulnerability count

infographic of vulnerabilities in your environment

The infographic at the top of the page is based on calculations that take place every 15 minutes and shows

In the foreground, the total count of the most severe open vulnerabilities in your environment (26 critical in the example above).
Third-party vulnerabilities: The number of the most severe open critical third-party vulnerabilities (21 critical in the example above). Select it to go to Third-Party Vulnerabilities filtered by the highest risk level and the open status.

This feature isn't displayed if third-party vulnerability detection is disabled.
Code-level vulnerabilities:
- The number of open code-level vulnerabilities (5 critical in the example above). Select it to go to Code-Level Vulnerabilities filtered by the open status.
  
  This feature isn't displayed if code-level vulnerability detection is disabled.
- The total number of attacks—exploited, blocked, and allowlisted (2,765 attacks in the example above)—that occurred over the last 30 days. Select it to go to the unfiltered Attacks.
  
  This feature isn't displayed if Application Protection isn't activated and enabled.

Risk level

Vulnerabilities

Host coverage

The Host coverage section shows the coverage of hosts on which vulnerability detection is enabled, based on your settings. This helps you determine where there are coverage gaps and how this can relate to the current number of open vulnerabilities in your environment.

Related resources:

Affected process groups

affected-pg-security-overview

The Affected process groups section shows the top five process groups affected by third-party vulnerabilities, sorted by

The severity of the vulnerabilities affecting the process group.
The number of vulnerabilities affecting the process group.

This section isn't displayed if third-party vulnerability detection is disabled.

The following information is provided.

The name of the process group with a link to the associated process group details page.
The corresponding technology.
The number of vulnerabilities affecting that process group out of the total number of vulnerabilities related to it.

For deeper insights, see Manage third-party vulnerabilities.

Technology coverage

Frequently asked questions

On the risk-level chart, how many third-party vulnerabilities are counted in one day if their risk level changes several times that day (for example, from Medium to High, and back to Medium again)?
- The vulnerability is counted twice, once for Medium and once for High.
On the risk-level chart, how many third-party vulnerabilities are counted in one day if the affected process is restarted several times that day, but the vulnerability risk level stays the same (for example, Medium)?
- The vulnerability is counted one time, as Medium.