Security integrations

Dynatrace provides different ways to integrate external security data from multiple third-party products into Grail and operationalize your data on the Dynatrace platform.

Ingest data

For a better understanding of the integration types, see OpenPipeline integration types for security events.

See below for the supported integrations (with instructions).

  • Ingest custom security events via API

  • Ingest Akamai security logs and events

  • Ingest Amazon ECR container vulnerability findings and scan events

  • Ingest Amazon GuardDuty security findings

  • Ingest AWS Security Hub security findings

  • Ingest Harbor vulnerability findings, scans, and audit logs

  • Ingest Microsoft Defender for Cloud security events

  • Ingest Microsoft Entra ID sign-in logs

  • Ingest vulnerability findings in OCSF format

  • Ingest Runecast Analyzer compliance findings

  • Ingest Snyk vulnerability findings, scans, and audit logs

  • Ingest Tenable vulnerability findings, scan events, and audit logs

Enrich data

See below for the supported integrations (with instructions).

  • Enrich threat observables with AbuseIPDB

  • Enrich threat observables with VirusTotal