Activate Application Security

To get started with Dynatrace Application Security, follow the instructions below.

Prerequisites

  • OneAgent version 1.239+

  • Any supported version of Dynatrace. Review the Release notes for currently supported versions.

Supported technologies

Activate Application Security

Dynatrace Application Security is licensed based on the consumption of GiB-hours if you're using the Dynatrace Platform Subscription (DPS) licensing model, or Application Security units (ASUs) if you're using the Dynatrace classic licensing. If you’re already a Dynatrace customer and you want to activate Application Security, contact a Dynatrace product expert via live chat. Our DevOps team will evaluate your environment and then activate Application Security.

To activate Application Security for the Security Posture Management functionality, you need the Dynatrace Platform Subscription (DPS) licensing model.

Assign permissions

You need to assign the Security admin group to users who will be allowed to view and manage

To assign Security admin permission

  1. Go to Account Management > Identity & access management > People.

For more information on user permissions, see Manage user groups and permissions.

Once you have completed these steps, you can enable Runtime Vulnerability Analytics and/or Runtime Application Protection.

Fine-tune permissions optional

Dynatrace version 1.268+

By default, once you enable the Security admin group, users can both view and manage vulnerabilities. To restrict the access level to view-only for specific users, so they can view vulnerabilities but not manage them (cannot change their status), you have two options:

Restrict access to an existing group

To restrict the access of an existing group at the environment or management zone level

  1. Go to Account Management > Identity & access management > Groups.
  2. Filter for Security admin and then, under Actions, select > View group.
  3. For the Permissions section, select Edit.

Create a new group with restricted access

To create a new group with restricted access at the environment or management zone level

  1. Go to Account Management > Identity & access management > Groups.
  2. Select Create group.
  3. Enter a name and a description for the group, and then select Next.