Settings API - Vulnerability Analytics- General settings schema table
Vulnerability Analytics: General settings (builtin:appsec.runtime-vulnerability-detection)
Automated Runtime Vulnerability Analytics helps you quickly and completely understand each detected vulnerability in your environment and how to remediate it, allowing you to prioritize which vulnerabilities to fix first. Note: Enabling Third-party or Code-level Vulnerability Analytics consumes Application Security units. For details, see the Application Security Monitoring documentation.
| Schema ID | Schema groups | Scope |
|---|---|---|
builtin:appsec.runtime-vulnerability-detection |
| environment |
| GET | Managed | https://{your-domain}/e/{your-environment-id}/api/v2/settings/schemas/builtin:appsec.runtime-vulnerability-detection |
| SaaS | https://{your-environment-id}.live.dynatrace.com/api/v2/settings/schemas/builtin:appsec.runtime-vulnerability-detection | |
| Environment ActiveGate | https://{your-activegate-domain}/e/{your-environment-id}/api/v2/settings/schemas/builtin:appsec.runtime-vulnerability-detection |
Authentication
To execute this request, you need an access token with Read settings (settings.read) scope. To learn how to obtain and use it, see Tokens and authentication.
Parameters
| Property | Label | Type | Description | Required |
|---|---|---|---|---|
| enableRuntimeVulnerabilityDetection | Enable Third-party Vulnerability Analytics | boolean | - | required |
| technologies | Technologies | Technology | Vulnerability Analytics can be enabled/disabled per supported technology. | required |
| enableCodeLevelVulnerabilityDetection | Enable Code-level Vulnerability Analytics | boolean | - | required |
| globalMonitoringModeJava | Global Java code-level vulnerability detection control | enum | Global Java code-level vulnerability detection control defines the default for all process groups. You can use monitoring rules to override the default for certain process groups. Code-level vulnerability detection for Java has been recently released as early access version. It has been designed to carry a production-ready performance footprint. The overhead is depending on your application, but should be negligible in most cases. You have to enable the OneAgent feature "Java code-level vulnerability evaluation" to get started. | required |
Request body objects
The Technology object
| Property | Label | Type | Description | Required |
|---|---|---|---|---|
| enableDotNet | .NET | boolean | - | required |
| enableDotNetRuntime | .NET runtimes | boolean | - | required |
| enableGo | Go | boolean | - | required |
| enableJava | Java | boolean | - | required |
| enableJavaRuntime | Java runtimes | boolean | - | required |
| enableKubernetes | Kubernetes | boolean | - | required |
| enableNodeJs | Node.js | boolean | - | required |
| enableNodeJsRuntime | Node.js runtimes | boolean | - | required |
| enablePhp | PHP | boolean | - | required |