Settings API - Vulnerability Analytics- General settings schema table
Vulnerability Analytics: General settings (builtin:appsec.runtime-vulnerability-detection)
Automated Runtime Vulnerability Analytics helps you quickly and completely understand each detected vulnerability in your environment and how to remediate it, allowing you to prioritize which vulnerabilities to fix first. Note: Enabling Third-party or Code-level Vulnerability Analytics consumes Application Security units. For details, see the Application Security Monitoring documentation.
| Schema ID | Schema groups | Scope |
|---|---|---|
builtin:appsec.runtime-vulnerability-detection |
| environment |
| GET | Managed | https://{your-domain}/e/{your-environment-id}/api/v2/settings/schemas/builtin:appsec.runtime-vulnerability-detection |
| SaaS | https://{your-environment-id}.live.dynatrace.com/api/v2/settings/schemas/builtin:appsec.runtime-vulnerability-detection | |
| Environment ActiveGate | https://{your-activegate-domain}/e/{your-environment-id}/api/v2/settings/schemas/builtin:appsec.runtime-vulnerability-detection |
Authentication
To execute this request, you need an access token with Read settings (settings.read) scope. To learn how to obtain and use it, see Tokens and authentication.
Parameters
| Property | Type | Description | Required |
|---|---|---|---|
Enable Third-party Vulnerability AnalyticsenableRuntimeVulnerabilityDetection | boolean | - | required |
Global third-party vulnerability detection controlglobalMonitoringModeTPV | enum | Global third-party vulnerability detection control defines the default for all processes.
| required |
Technologiestechnologies | Technology | Vulnerability Analytics can be enabled/disabled per supported technology. | required |
Enable Code-level Vulnerability AnalyticsenableCodeLevelVulnerabilityDetection | boolean | - | required |
Global Java code-level vulnerability detection controlglobalMonitoringModeJava | enum | Global Java code-level vulnerability detection control defines the default for all process groups. You can use monitoring rules to override the default for certain process groups. Code-level vulnerability detection for Java has been recently released as early access version. It has been designed to carry a production-ready performance footprint. The overhead is depending on your application, but should be negligible in most cases. You have to enable the OneAgent feature "Java code-level vulnerability evaluation" to get started.
| required |
Global .NET code-level vulnerability detection controlglobalMonitoringModeDotNet | enum | Global .NET code-level vulnerability detection control defines the default for all process groups. You can use monitoring rules to override the default for certain process groups. Code-level vulnerability detection for .NET has been recently released as a preview version. It has been designed to carry a production-ready performance footprint. The overhead is depending on your application, but should be negligible in most cases. You have to enable the OneAgent feature ".NET code-level vulnerability evaluation" to get started.
| optional |
The Technology object
| Property | Type | Description | Required |
|---|---|---|---|
.NETenableDotNet | boolean | - | required |
.NET runtimesenableDotNetRuntime | boolean | - | required |
GoenableGo | boolean | - | required |
JavaenableJava | boolean | - | required |
Java runtimesenableJavaRuntime | boolean | - | required |
KubernetesenableKubernetes | boolean | - | required |
Node.jsenableNodeJs | boolean | - | required |
Node.js runtimesenableNodeJsRuntime | boolean | - | required |
PHPenablePhp | boolean | - | required |