Automate and orchestrate security findings
Latest Dynatrace
Prioritization and remediation of security findings require a lot of manual effort. With so many different security tools, efficiently orchestrating the findings and focusing on the critical ones becomes impossible.
While siloed products can provide localized automation, they often generate excessive noise. This means dev teams ultimately ignore alerts and tickets, and the security posture degrades.
In this context
-
Dynatrace allows you to ingest security findings from various tools, map them to the Dynatrace semantic conventions, and then automate and orchestrate them uniformly.
-
Our workflow automation samples provide a simple and quick start, which you can further customize with the robust Workflows capabilities for your organization's orchestration processes.
Target audience
Security architects and managers who aim to streamline remediation processes and direct the development teams’ efforts towards effective remediation.
Scenario
Your organization uses multiple container image registries, such as
-
A custom third-party product with custom findings mapping
A custom third-party product is any product for which Dynatrace doesn't provide an out-of-the-box integration. For details on the integration options, see Security events ingest.
Request
You want to automatically create
-
Jira tickets to the dev teams for critical security findings
-
Notifications on Slack for critical vulnerabilities
Result
With our solution, you can periodically query for new critical container vulnerabilities and automatically receive Jira tickets or notifications on Slack for new critical vulnerability findings in your scanned container images.