Settings API - Vulnerability Analytics- General settings schema table

Vulnerability Analytics: General settings (builtin:appsec.runtime-vulnerability-detection)

Automated Runtime Vulnerability Analytics helps you quickly and completely understand each detected vulnerability in your environment and how to remediate it, allowing you to prioritize which vulnerabilities to fix first. Note: Enabling Third-party or Code-level Vulnerability Analytics consumes Application Security units. For details, see the Application Security Monitoring documentation.

Schema ID
Schema groups
Scope
builtin:appsec.runtime-vulnerability-detection
  • group:appsec.vulnerability-analytics
  • group:appsec
environment
GETManagedhttps://{your-domain}/e/{your-environment-id}/api/v2/settings/schemas/builtin:appsec.runtime-vulnerability-detection
SaaShttps://{your-environment-id}.live.dynatrace.com/api/v2/settings/schemas/builtin:appsec.runtime-vulnerability-detection
Environment ActiveGatehttps://{your-activegate-domain}/e/{your-environment-id}/api/v2/settings/schemas/builtin:appsec.runtime-vulnerability-detection

Authentication

To execute this request, you need an access token with Read settings (settings.read) scope. To learn how to obtain and use it, see Tokens and authentication.

Parameters

Property
Type
Description
Required
Enable Third-party Vulnerability Analytics
enableRuntimeVulnerabilityDetection
boolean
-
required
Global third-party vulnerability detection control
globalMonitoringModeTPV
enum

Global third-party vulnerability detection control defines the default for all processes.

  • MONITORING_OFF
  • MONITORING_ON
required
Technologies
technologies

Vulnerability Analytics can be enabled/disabled per supported technology.

required
Enable Code-level Vulnerability Analytics
enableCodeLevelVulnerabilityDetection
boolean
-
required
Global Java code-level vulnerability detection control
globalMonitoringModeJava
enum

Global Java code-level vulnerability detection control defines the default for all process groups. You can use monitoring rules to override the default for certain processes.

Code-level vulnerability detection for Java has been recently released as early access version. It has been designed to carry a production-ready performance footprint. The overhead is depending on your application, but should be negligible in most cases. You have to enable the OneAgent feature "Java code-level vulnerability evaluation" to get started.

  • MONITORING_OFF
  • MONITORING_ON
required
Global .NET code-level vulnerability detection control
globalMonitoringModeDotNet
enum

Global .NET code-level vulnerability detection control defines the default for all process groups. You can use monitoring rules to override the default for certain processes.

Code-level vulnerability detection for .NET has been recently released as a preview version. It has been designed to carry a production-ready performance footprint. The overhead is depending on your application, but should be negligible in most cases. You have to enable the OneAgent feature ".NET code-level vulnerability evaluation" to get started.

  • MONITORING_OFF
  • MONITORING_ON
required
The Technology object
Property
Type
Description
Required
.NET
enableDotNet
boolean
-
required
.NET runtimes
enableDotNetRuntime
boolean
-
required
Go
enableGo
boolean
-
required
Java
enableJava
boolean
-
required
Java runtimes
enableJavaRuntime
boolean
-
required
Kubernetes
enableKubernetes
boolean
-
required
Node.js
enableNodeJs
boolean
-
required
Node.js runtimes
enableNodeJsRuntime
boolean
-
required
PHP
enablePhp
boolean
-
required