For security reasons, access to this page is restricted to users who are part of the Security admin group for the whole environment, not just for a selected set of management zones.
The Application Security overview page displays the following information.
The infographic at the top of the page is based on calculations that take place every 15 minutes and shows
In the foreground, the total count of the most severe open vulnerabilities in your environment (26 critical in the example above).
Third-party vulnerabilities: The number of the most severe open critical third-party vulnerabilities (21 critical in the example above). Select it to go to Third-Party Vulnerabilities filtered by the highest risk level and the open status.
The number of open code-level vulnerabilities (5 critical in the example above). Select it to go to Code-Level Vulnerabilities filtered by the open status.
The total number of attacks—exploited, blocked, and allowlisted (2,765 attacks in the example above)—that occurred over the last 30 days. Select it to go to the unfiltered Attacks.
Currently open vulnerabilities: The number of third-party vulnerabilities currently open, grouped by risk level (21 Critical, 151 High, 247 Medium, 53 Low in the example above). Select any group to go to Third-Party Vulnerabilities filtered by the respective risk level and open state.
Vulnerability evolution over time: The maximum value of the day for vulnerabilities in your global environment, over the last 30 days, split by risk level. To refine the chart by risk level, select chart legend entries.
Vulnerabilities are constantly reassessed and may change their risk level over time. For details, see Frequently asked questions.
Select View all third-party vulnerabilities to go to the unfiltered list of third-party vulnerabilities in your environment.
The Risk level section shows a chart of code-level vulnerabilities by risk level (critical).
Currently open vulnerabilities: The number of critical code-level vulnerabilities currently open, grouped by risk level (5 Critical in the example above).
Vulnerability evolution over time: The maximum value of the day for vulnerabilities in your global environment, over the last 30 days.
Select View all code-level vulnerabilities to go to the unfiltered list of code-level vulnerabilities in your environment.
Vulnerabilities
The Vulnerabilities section shows a chart of third-party vulnerabilities in your global environment by status (resolved, open, muted(open)), over the last 30 days. You can see when a vulnerability was opened, reopened, resolved, or muted. To refine the chart by risk level, select chart legend entries.
Select View all third-party vulnerabilities to go to the unfiltered list of third-party vulnerabilities in your environment.
The Vulnerabilities section shows a chart of code-level vulnerabilities in your global environment by status (resolved, open, muted(open)), over the last 30 days. You can see when a vulnerability was opened, reopened, resolved, or muted. To refine the chart by risk level, select chart legend entries.
Select View all code-level vulnerabilities to go to the unfiltered list of code-level vulnerabilities in your environment.
Host coverage
The Host coverage section shows the coverage of hosts on which vulnerability detection is enabled, based on your settings. This helps you determine where there are coverage gaps and how this can relate to the current number of open vulnerabilities in your environment.
The number and percentage of supported hosts from the total number of hosts in your environment. For example, if the total number of hosts is 1,755 hosts, and, from this amount, only 1,398 hosts are supported, then the remaining 357 hosts belong to technologies that are not supported by Dynatrace.
In the foreground, the number of hosts that are excluded from monitoring by monitoring rules. To improve the coverage gaps, you need to decrease this number. For details, see How to increase host coverage.
Supported hosts: All hosts with supported technologies in your environment, regardless of their monitoring status (comprises the monitored and excludes hosts). Select Supported hosts to go to Hosts or Hosts Classic (latest Dynatrace) filtered by supported hosts.
Monitored hosts: The supported hosts in your environment on which Third-Party Vulnerability Analytics is enabled, and that are not excluded from monitoring by monitoring rules. Also displayed is the percentage of monitored hosts from the total number of supported hosts. Select Monitored hosts to go to Hosts or Hosts Classic (latest Dynatrace) filtered by monitored hosts.
Excluded hosts: The number of supported hosts on which Third-Party Vulnerability Analytics is enabled, but that are excluded from monitoring by monitoring rules or by having a relevant technology disabled. Also displayed is the percentage of excluded hosts from the total of supported hosts. Select Excluded hosts to go to Hosts or Hosts Classic (latest Dynatrace) filtered by excluded hosts.
The number and percentage of supported hosts from the total number of hosts in your environment. For example, if the total number of hosts is 65 hosts, and, from this amount, only 24 hosts are supported, then the remaining 41 hosts belong to technologies that are not supported by Dynatrace.
In the foreground, the number of hosts that are excluded from monitoring by monitoring rules. To improve the coverage gaps, you need to decrease this number. For details, see How to increase host coverage.
Supported hosts: All hosts with supported technologies in your environment, regardless of their monitoring status (comprises the monitored and excludes hosts). Select Supported hosts to go to Hosts or Hosts Classic (latest Dynatrace) filtered by supported hosts.
Monitored hosts: The supported hosts in your environment on which Code-level Vulnerability Analytics is enabled and the global code-level vulnerability detection control is set to Monitor for at least one supported technology, and that are not excluded from monitoring by monitoring rules. Also displayed is the percentage of monitored hosts from the total of supported hosts. Select Monitored hosts to go to Hosts or Hosts Classic (latest Dynatrace) filtered by monitored hosts.
Excluded hosts: The number of supported hosts on which Code-level Vulnerability Analytics is enabled but that are excluded from monitoring by monitoring rules or by having the global code-level vulnerability detection control set to Do not monitor for all supported technologies. Also displayed is the percentage of excluded hosts from the total of supported hosts. Select Excluded hosts to go to Hosts or Hosts Classic (latest Dynatrace) filtered by excluded hosts.
Use case: Gain an overview of the third-party vulnerability coverage by technology to determine which technologies have the most affected entities and which process groups or nodes (in the case of Kubernetes vulnerabilities) are the most vulnerable.
A table listing the supported technologies for third-party vulnerabilities, their monitoring status (enabled or disabled), the monitored entities (process groups or, in the case of Kubernetes vulnerabilities, nodes), and the number and percentage of affected entities from the total number of monitored entities.
A chart of the affected entity evolution by technology over the last 30 days. Hover over the data for details. To refine the chart by technology, select chart legend entries.
To increase technology coverage for third-party vulnerabilities
In your monitoring rules, look for entities that are excluded from monitoring and adapt these rules if you want the respective entities to be monitored.
Use case: Gain an overview of the code-level vulnerability coverage by technology to determine which technologies have the most affected entities and which process groups are the most vulnerable.
A table listing the supported technologies for code-level vulnerabilities, their monitoring status (enabled or disabled), the monitored entities (process groups), and the number and percentage of affected entities from the total number of monitored entities.
A chart of the affected entity evolution by technology over the last 30 days. Hover over the data for details.
To increase technology coverage for code-level vulnerabilities
In your monitoring rules, look for process groups that are excluded from monitoring and adapt these rules.
Frequently asked questions
On the risk-level chart, how many third-party vulnerabilities are counted in one day if their risk level changes several times that day (for example, from Medium to High, and back to Medium again)?
The vulnerability is counted twice, once for Medium and once for High.
On the risk-level chart, how many third-party vulnerabilities are counted in one day if the affected process is restarted several times that day, but the vulnerability risk level stays the same (for example, Medium)?
