Discover coverage gaps in security scans

Latest Dynatrace

During the Software Development Lifecycle (SDLC), multiple tools scan various artifacts as they progress through the development stages. An artifact like a container image reaches the deployment stage and eventually represents your running applications. At this point, you want to be sure the artifacts went through the proper security scanning procedures and didn't skip any essential validation.

Gaining complete visibility of the validation cycle isn't easy, as the scanning products used by different teams silo.

In this context

  • Dynatrace serves as a security platform that:

    • Aggregates the security scans for the deployed and running artifacts

    • Gives you complete visibility into the security validations those artifacts went through before reaching your production environment

    • Allows you to discover gaps in your security procedures and remediate them before they become a real risk

  • Our dashboard sample allows you to quickly visualize security scan events across the products and tools. It can also be a good foundation for tailoring further visual customization to meet your organization's posture analysis and reporting requirements.

Target audience

Security architects and managers responsible for keeping the security scan procedures aligned with the security standards.

Scenario

Your organization uses multiple container image registries, such as

Request

You want a security coverage report of the container images to determine which repositories undergo the proper scan procedures and which don't.

Result

Our solution allows you to analyze which repositories and images have been scanned and, thus, identify those that haven't been scanned.

Prerequisites

Scan events are generated in addition to the vulnerability-finding events when you set up automatic ingestion with AWS CloudFormation and also for cases when no vulnerabilities have been found during a scan.

Get started

Step 1

Visualize

Step 2

Analyze

Step 1 Visualize

  1. Download our sample dashboard from GitHub.

  2. Open Dashboards, select Import Upload, then select the downloaded file.

Example result:

scan events coverage reporting

Step 2 Analyze

Open Notebooks to query security scan events, using the data format in Semantic Dictionary.

For a better understanding of how to build your queries, see DQL query examples for ingested events.

Example analysis:

query scan events