Try it free

Vulnerabilities

  • Latest Dynatrace
  • App
About the app

What you'll learn

  • Filter, format, and sort to find relevant vulnerability information.
  • Prioritize vulnerabilities based on Dynatrace Security Score, Dynatrace Assessment, affected and related entities, historical context, CISA KEV catalog.
  • Apply fixes, track remediation, drill down to the source of vulnerabilities, change the mute status of affected entities.
  • Interact with other apps and download results to share with others.
  • Gain insights into monitoring coverage and exposure trends with the Vulnerability coverage dashboard.

Target audience

Vulnerabilities Vulnerabilities is dedicated to devsecops engineers.

Prerequisites

  • Review the supported technologies.

  • Set up Dynatrace Runtime Vulnerability Analytics.

Permissions

An admin user needs to assign the following IAM policies to the group of users that will access the vulnerability-service:

  • Read Entities
  • Read Security Events
  • One of the following user policies: Admin User, Pro User, Standard User (for details, see Default policies).

See below for instructions.

1. Create a group

  1. In Account Management, select Identity & access management > Group management.

  2. Select Group to create the group.

    add a group
    add a group

  3. Enter a name (for example, vulnerability-service) and a description (for example, vulnerability-service group), then select Create.

2. Assign policies to the group

Once the group is created, you can view details and assign policies.

  1. Select Permission.

    assign policies
    assign policies

  2. In the drop-down menu of Permission name, select and save the three required policies, one at a time.

Once added, the three policies should be displayed in your list of permissions.

required policies
required policies
3. Add users to the group
  1. In Account Management, select Identity & access management > People.
  2. Select Invite user to invite users to the newly created group.

For details on IAM policies, see Working with policies.

Vulnerabilities Vulnerabilities detects if the applications in your Dynatrace environment use vulnerable libraries at runtime or vulnerable runtime to execute your code. It helps you prioritize based on context and impact, efficiently addressing remediation actions.

For additional visibility into monitoring coverage and exposure, see Assess coverage.

Vulnerability results table on the Prioritization pageVulnerability detailsProcess group overview related to a vulnerabilityDetails of an affected process groupFindings overview pageFinding details
1 of 6Vulnerability results table on the Prioritization page

Try Vulnerabilities Vulnerabilities and share your feedback to help us improve.

Learning modules

01Vulnerabilities concepts
  • Explanation
  • Concepts that are specific to the Dynatrace Vulnerabilities app.
02Manage results
  • How-to guide
  • Filter, format, and sort to find relevant vulnerability information.
03Address remediation
  • How-to guide
  • Address remediation and optimize remediation activities.
04Prioritize vulnerabilities
  • How-to guide
  • Prioritize third-party, code-level, and runtime vulnerabilities.
05Explore findings
  • How-to guide
  • View, filter, and analyze vulnerability findings from Dynatrace and external security tools.
06Assess coverage
  • Explanation
  • Evaluate your environment's RVA process and host coverage with the Vulnerability coverage dashboard.
07Integrate vulnerability insights across Dynatrace and external apps
  • How-to guide
  • Navigate between Dynatrace apps, share vulnerability data externally, and automate remediation workflows.

  • The runtime reckoning: How the agentic evolution is reshaping security

  • Introducing the Dynatrace Vulnerability feed: Accurate, transparent, and threat-aware

  • Introducing findings in the Vulnerabilities app: Unified, granular insights for smarter security

  • CVE-2025-55182: React2Shell Critical Vulnerability — what it is and what to do

  • Supply chain security: How to detect malicious software packages with Dynatrace

  • Prioritize vulnerabilities based on the CISA Known Exploited Vulnerabilities Catalog

  • Revolutionizing cloud security with observability context: Dynatrace Cloud Security addressing CADR

  • Empowering SREs with runtime vulnerability analytics and security posture management

  • Dynatrace launches Python Vulnerability Monitoring for enhanced customer security

  • Snyk integration for Dynatrace: Bridging development and runtime with actionable security notifications

  • Revisiting Spring4Shell: How Cloud Application Detection and Response (CADR) offers multi-layer protection

  • Discover the new Dynatrace Runtime Vulnerability Analytics experience

  • The anatomy of broken Apache Struts 2: A technical deep dive into CVE-2024-53677

Related tags
Application SecurityVulnerabilitiesVulnerabilities (Preview)