Get started with Runtime Application Protection

After setting up Application Security, you can get started with Dynatrace Runtime Application Protection.

Set up Runtime Application Protection

OneAgent version 1.241

Set up Runtime Application Protection to start monitoring attacks.

Step 1

Activate

Step 2

Enable

Step 3

Configure

Step 4

Enable OneAgent monitoring

Step 1 Activate

Dynatrace Runtime Application Protection is licensed based on the consumption of GiB-hours if you're using the Dynatrace Platform Subscription (DPS) licensing model, or Application Security units (ASUs) if you're using the Dynatrace classic licensing.

Contact a Dynatrace product expert via live chat to activate Runtime Application Protection. After they activate Runtime Application Protection for you, proceed with enabling Runtime Application Protection.

Step 2 Enable

To enable Runtime Application Protection globally on your environment

  1. Go to Settings and select Application security > Application Protection > General settings.

  2. Select Enable Runtime Application Protection.

  3. Select Save changes.

Step 3 Configure

To define the global attack control for all process groups

  1. Go to Settings and select Application security > Application Protection > General settings.
  2. Under Define global incoming attack control, select the desired mode per technology:
    • Off; incoming attacks NOT detected or blocked. – Monitoring is disabled; no attacks in the selected technology are reported.
    • Monitor; incoming attacks detected only. – Monitoring is enabled; no attacks in the selected technology are blocked.
    • Block; incoming attacks detected and blocked. – Monitoring is enabled; attacks in the selected technology are blocked at runtime.

If you define custom monitoring rules based on certain process groups or vulnerability types, the custom rules override the global attack control for the selected technology, and Runtime Application Protection continues to monitor the attacks based on your rules.

  1. Select Save changes.

Step 4 Enable OneAgent monitoring

  1. Go to Settings and select Preferences > OneAgent features.
  2. Filter by code-level attack evaluation and enable the feature for the technologies you want to monitor.
  3. Select Details and turn on Instrumentation enabled (change needs a process restart) for the respective technologies.
  4. Select Save changes.
  5. Restart your processes.

Manage attacks

After you enable Runtime Application Protection, you can start monitoring attacks, set up attack-protection rules, and create security notifications.

FAQ

Related topics