Application Security

Discover how Dynatrace can help you strengthen your applications' security:

Any supported version of Dynatrace. Review the release notes for currently supported versions.

Dynatrace detects third-party vulnerabilities in the following technologies.

Technology
Minimum OneAgent version
Go
1.245
Java1
1.221
Java runtimes
1.253
Kubernetes
1.219
.NET
1.233
.NET runtimes
1.255
Node.js2
1.231
Node.js runtimes
1.253
PHP
1.231
1

Java on z/OS is currently not supported.

2

Using Webpack or other bundlers might have an impact on automatic vulnerability detection. This is because the software components cannot be detected, as they are hidden behind the bundler configuration and not available at runtime. Only packages that are deployed as external packages can be detected and reported. For details, see Node.js: Limitations.

Dynatrace Application Security is licensed based on the consumption of GiB-hours if you're using the Dynatrace Platform Subscription (DPS) licensing model, or Application Security units (ASUs) if you're using the Dynatrace classic licensing.

To get started with Dynatrace Application Security, follow the instructions below.

To activate Application Security, contact a Dynatrace product expert via live chat.

You need to assign the Security admin group to users who will be allowed to view and manage

To assign Security admin permission

  1. Go to Account Management > Identity & access management > People. You have the following options.

To add an existing user to the group

  1. Under Actions, select > Edit user for the user you want to add.
  2. Select Security admin, then select Save.

For more information on user permissions, see Manage user groups and permissions.

optional

By default, once you enable the Security admin group, users can both view and manage vulnerabilities. To restrict the access level to view-only for specific users, so they can view vulnerabilities but not manage them (cannot change their status), you have two options:

To restrict the access of an existing group at the environment or management zone level

  1. Go to Account Management > Identity & access management > Groups.
  2. Filter for Security admin and then, under Actions, select > View group.
  3. For the Permissions section, select Edit. You have the following options.
  1. Select Environment permissions.
  2. Select your environment, then clear Manage security problems and select View security problems.
  3. Select Save.
  1. Select Management zone permissions.
  2. Filter for and select the management zone you want.
  3. Clear Manage security problems and select View security problems.
  4. Select Save.