Stay compliant with Security Posture Management
Latest Dynatrace Early Adopter
In this tutorial you will learn how Security Posture Management can help you stay compliant with the security hardening guidelines and regulatory compliance standards.
Target audience
This tutorial is dedicated to Security Ops Engineers, DevOps, DevSecOps, and Site Reliability Engineers (SREs).
Scenario
- Your organization requires following Industry best practices or regulatory requirements.
- New workloads are constantly added or removed from your environment.
Goal
-
Gain immediate insight into the overall security posture of your monitored environment.
-
Detect and address security issues and misconfigurations easily.
-
Ensure your environment is configured securely and efficiently.
-
Enhance the overall system reliability.
-
Stay compliant with security standards.
Result
-
Kubernetes clusters are actively assessed through Kubernetes Security Posture Management against regulatory compliance standards and security best practices.
-
Misconfigurations and violations against standards are continuously discovered.
Prerequisites
-
Install Security Posture Management app
- In Dynatrace, open Dynatrace Hub.
- Look for Security Posture Management and select Install.
Get started
Review results
Search for relevant information
Gather insights
Define compliance strategy
Define monitoring for compliance
Create notifications
Review results
Open Security Posture Management 
and review
- The Assessment results
- The compliance status
Search for relevant information
Use the filtering and sorting options to gather insights about problems in your environment.
Gather insights
Define which rules are relevant based on contextual insights.
Define compliance strategy
- Fix configuration issues for rules with the highest priority in a narrow context (for example, on a single cluster).
- Monitor compliance and operation for a while.
- If everything works fine, roll out the fix to other environments.
Define monitoring for compliance
There are two ways:
Use the Security Posture Management app to monitor that
- The compliance standard percentage is increasing.
- The total number of assessed resources with the
Passedresult is increasing.
For easy management and to compare results, you can download results as a CSV file.
Create notifications
Create a workflow to send an alert on your desired channel if the previously Passed rule turns into Failed.