Security Posture Management

Latest Dynatrace Early Adopter

Dynatrace Security Posture Management (SPM) enables you to assess, manage, and take action on misconfigurations and violations against security hardening guidelines and regulatory compliance standards.

Dynatrace Kubernetes Security Posture Management (KSPM) enables you to detect, analyze, and monitor misconfigurations, security hardening guidelines, and potential compliance violations across your Kubernetes deployment.

Dynatrace Platform Subscription

Supported compliance standards and technologies

A compliance standard groups together security, configuration, and process requirements often following already established ICT Security guidelines and best practices. Adhering to these can help organizations maintain regulatory required levels of security hardening and minimize the risk of exposure across the organization.

Dynatrace Security Posture Management supports the following standards and technologies (more coming soon).

Compliance standards

Minimum Kubernetes¹ version

CIS²

1.28

DORA

1.26

NIST

1.26

STIG

1.26

Support is limited to compatibility with upstream Kubernetes and available for x86-64 CPU architectures only.

Only CIS v1.10 is supported.

Center for Internet Security (CIS)

Center for Internet Security (CIS) publishes the CIS Critical Security Controls (CSC) to help organizations achieve greater overall cybersecurity defense. These controls are a recommended set of actions for cyber defense that provide specific and actionable ways to stop today’s most pervasive and dangerous attacks. A principal benefit of the controls is that they prioritize and focus a smaller number of actions with high pay-off results.

Digital Operational Resilience Act (DORA)

Digital Operational Resilience Act (DORA) is a major piece of European Union legislation (Regulation (EU) 2022/2554). DORA aims to enhance the resilience of digital operations and protect the integrity of the financial market infrastructure in the European Union. Compliance with DORA is a pathway to creating a more secure and reliable digital environment within financial institutions. The act impacts day-to-day operations, security protocols, and compliance measures. DORA takes effect on January 17, 2025.

National Institute of Standards and Technology (NIST)

National Institute of Standards and Technology (NIST) publishes the NIST SP 800-53 Rev.5, which offers security and privacy controls for information systems and organizations. Per the Office of Management and Budget (OMB), the NIST standards and policies are mandatory for all non-national security systems run by federal agencies in the USA.

Security Technical Implementation Guides (STIG)

Security Technical Implementation Guides (STIGs) are based on the standards of the Department of Defense (DoD). DISA STIG guidelines are often used as a baseline in other sectors or segments to ensure compliance with the standards and access to the DoD networks. All organizations must meet the DISA STIG security standards before accessing and operating on DoD networks.

Security Posture Management:
- Automated assessments against supported compliance standards, allowing you to manage and report on the most critical findings
- Continuous analysis and evidence creation for internal and external auditing purposes
Kubernetes Security Posture Management:
- Provides in-depth insights into the security posture of your Kubernetes environments.
- Monitors against regulatory security and compliance standards such as Security Technical Implementation Guide (STIG), Digital Operational Resilience Act (DORA), National Institute of Standards and Technology (NIST), and Center for Internet Security (CIS).
- Analyzes the Kubernetes environment from the cluster to the nodes and pods against regulatory requirements.
- Provides actionable findings that allow you to
  - Prioritize compliance efforts
  - Create audit evidence and reporting for auditors and internal security and compliance teams

Security Posture Management is licensed based on the consumption of host-hour and requires the Dynatrace Platform Subscription.

Get started with Security Posture Management

Contact a Dynatrace product expert via live chat to activate Security Posture Management.

For deployment instructions, see Kubernetes Security Posture Management.

How KSPM works

Dynatrace ingests configuration data from your clusters and workloads into Grail, where it's formatted into compliance events according to the Semantic Dictionary conventions.

The mechanism is described below.

Diagram showing how Security Posture Management works on Kubernetes

Once you enable Dynatrace Kubernetes Node Configuration Collector in Dynatrace Operator, it's deployed as a DaemonSet on your monitored cluster's nodes to collect cluster and workload configuration data.

Node Configuration Collector collects data from the cluster nodes.
- Frequency: every minute
ActiveGate collects data from the Kubernetes API.
- Frequency: every hour

ActiveGate processes all data received from the nodes and Kubernetes API and sends it to the Dynatrace Cluster.

The cluster and workload configuration data is mapped as compliance events according to the Semantic Dictionary and stored in the default_security_events bucket (for details, see Built-in Grail buckets).

Once data is ingested into Grail, you can analyze your clusters' security posture and evaluate your compliance with industry standards. For details, see What's next.

Stay on top of your security measures, policies, and practices with the Security Posture Management xSPM app.

Stay compliant with Security Posture Management

For a list of frequently asked questions regarding Security Posture Management, see FAQ.

What's next

Detect, manage, and take action on security and compliance findings with Security Posture Management .
Query compliance events with Security Investigator or Notebooks .
- For a list of DQL examples based on compliance events that you can use for further investigation or reporting, see Query compliance events.

Try the Security Posture Management xSPM app and share your feedback to help us improve.

Security Posture Management

Supported compliance standards and technologies

Center for Internet Security (CIS)

Digital Operational Resilience Act (DORA)

National Institute of Standards and Technology (NIST)

Security Technical Implementation Guides (STIG)

Get started with Security Posture Management

Activate Security Posture Management

Deploy Kubernetes Security Posture Management

How KSPM works

KSPM is configured by Dynatrace Operator to collect data

Data is collected

Data is sent to the Dynatrace Cluster

Data is mapped

Compliance results are ready to use

What's next

Security Posture Management

Supported compliance standards and technologies

Center for Internet Security (CIS)

Digital Operational Resilience Act (DORA)

National Institute of Standards and Technology (NIST)

Security Technical Implementation Guides (STIG)

Get started with Security Posture Management

Activate Security Posture Management

Deploy Kubernetes Security Posture Management

How KSPM works

KSPM is configured by Dynatrace Operator to collect data

Data is collected

Data is sent to the Dynatrace Cluster

Data is mapped

Compliance results are ready to use

What's next

Related topics