Visualize and analyze security findings

  • Latest Dynatrace
  • Tutorial
  • Page has not been published yet

Organizations use multiple security products and tools that generate security findings in various data formats. Accessing the data in a siloed approach makes the life of security analysts hard, as they must spend a lot of manual effort generating a combined security posture picture.

In this context, you can

  • Ingest security findings from your security tools and map them to the Dynatrace Semantic Dictionary, which makes events from different tools uniformly accessible with DQL.

  • View and analyze security findings across products and tools with our dashboards, which can also be a good foundation for tailoring further visual customization to meet your organization's posture analysis and reporting requirements.

  • Query ingested data in our dedicated apps.

Target audience

Security analysts and managers responsible for analyzing and reporting the organization's security posture.

Key use cases include:

  • Gaining a unified view of all the security findings
  • Prioritizing security findings across products
  • Identifying top affected assets

Prerequisites

Ingest security findings from your third-party product.

Get started

  1. Download our sample dashboard from GitHub.

    For vulnerability findings, download this sample dashboard instead.

    For some integrations, such as Amazon ECR or AWS Security Hub, dashboard samples are available in the app in the Try our templates section (go to Settings (new) > Connections and select the app).

  2. Open Dashboards, select Import Upload, then select the downloaded file.

Example result:

dashboard sample result

Open Notebooks or Security Investigator Security Investigator to query ingested data, using the data format in Semantic Dictionary.

For a better understanding of how to build your queries, see DQL query examples for ingested events.

Related tags
Threat Observability