In the following, you'll learn how to manage remediation of entities affected by or related to a vulnerability. You can
Third-party vulnerabilities
For vulnerabilities based on the Snyk feed, a fix recommendation is displayed if one is available. It consists of a library upgrade suggestion to solve the vulnerability.
On the Prioritization page, select a vulnerability title.
On the details page of the vulnerability, look for Fix recommendation.
Make sure to restart processes after upgrading a library.
You can add links to tickets created in your issue tracking system for affected entities.
Adding a tracking link allows you to
You can easily check, for example, if someone is already working on fixing the vulnerability.
You can add, edit, or delete tracking links individually or in bulk.
In the vulnerability details, select View all process groups/View all Kubernetes nodes to navigate to the process group/Kubernetes node overview page related to the vulnerability.
You have the following options:
To add a tracking link, select Set link for the desired entity.
To edit or delete a link, select next to the tracking link for the desired entity, and then select Update tracking link / Delete tracking link.
To fix vulnerabilities you need to find the root cause. You can examine
Third-party vulnerabilities
There are several ways to see information about the vulnerable component:
In the Vulnerable components section, you can get information about the name and description of the libraries containing the identified vulnerability and the number of affected processes.
Why is a fixed vulnerability still showing as open.
To learn more about vulnerable components, see Concepts: Vulnerable component.
To understand how Dynatrace evaluates vulnerable components, see Vulnerability evaluation: Third-party vulnerabilities.
Code-level vulnerabilities
In Entry points you can determine in which ways a vulnerability could be exploited.
If the same vulnerability is reachable by multiple HTTP paths, multiple entry point entries are listed. To save memory and network traffic, a limited number of entries is displayed.
If a code-level vulnerability is resolved or is about to be resolved in the next 30 minutes, the entry points are no longer open (vulnerable).
To learn more about entry points, see Concepts: Entry points.
Code-level vulnerabilities
In Code location you can see the location where the vulnerable function is called from.
You have two options to navigate there.
You can change the mute status of affected entities according to your findings and needs. For example, you can set the status of an affected entity to Mute
if you wish to ignore the vulnerability for this particular entity:
Muting all affected entities of a vulnerability sets the vulnerability status to Muted (Open)
. For details, see Vulnerability status.
You can change the status of affected entities individually or in bulk.