Runtime Vulnerability Analytics
Dynatrace Runtime Vulnerability Analytics enables you to detect, visualize, analyze, monitor, and remediate open-source and third-party vulnerabilities, as well as the security vulnerabilities in libraries and first-party code in production and pre-production environments at runtime.
Capabilities
- Automatic and continuous protection powered by Davis, the Dynatrace AI causation engine. Davis continuously watches production and pre-production environments to identify any changes in application environments (such as container dynamics, elastic scaling, multi-version deployments, runtime container updates, rollbacks, A/B tests, or blue/green deployments) and provide precise answers about the source, nature, and severity of vulnerabilities as they arise in real time. Davis automatically analyzes and prioritizes alerts.
- Continuous analysis of attack vectors to automatically track if vulnerable libraries are called and used at runtime. Dynatrace Application Security is designed to allow you to identify the most relevant vulnerabilities and reduce false positives with Smartscape real-time topology mapping and distributed tracing with PurePath® code-level analysis.
- Runtime introspection approach in combination with Snyk and NVD, for automatic vulnerability detection at runtime. Even if security checks aren't integrated into the pipelines across all teams, or if they're deliberately bypassed, Dynatrace can detect what’s running and pinpoint vulnerabilities instantly by automatically opening a vulnerability when one is detected, and close it when the root cause (for example, loading a vulnerable library) is no longer present.
- Full coverage across production rollbacks and outdated releases, feature flags, and deployment patterns (canary, blue/green).
- Efficient management of vulnerabilities where a fix hasn't been effective, such as if a vulnerability is accidentally reintroduced during a rollback, or if updates haven't been applied correctly.
- Precise and automatic risk and impact assessment, with risks prioritized by data access path and actual production execution. From hundreds or thousands of open vulnerabilities, Dynatrace Application Security is designed to pinpoint those that need immediate investigation. It automatically analyzes data access paths and production execution to provide a more precise risk and impact assessment.
Latest Dynatrace
Vulnerabilities
Get a prioritized overview of vulnerabilities in your applications and across your cloud stack to address critical issues and optimize remediation.
DevSecOps Lifecycle Coverage with Snyk
Monitor your container security coverage across the DevSecOps lifecycle.
Runtime Vulnerability Analytics overview
Get started
Set up Dynatrace Runtime Vulnerability Analytics to start monitoring the third-party and code-level vulnerabilities in your environment.
Security overview
Get an overview of the vulnerabilities, host coverage, and affected process groups in your environment.
Third-party vulnerabilities
Monitor open-source and third-party vulnerabilities in your environment.
Code-level vulnerabilities
Monitor the code-level vulnerabilities in libraries and first-party code.
Security notifications
Pass security issues to your teams for alerting and remediation purposes.
Metrics Classic
View available metrics for Runtime Vulnerability Analytics.