Visualize and analyze security findings
- Latest Dynatrace
- Tutorial
- Published Aug 30, 2024
Organizations use multiple security products and tools that generate security findings in various data formats. Accessing the data in a siloed approach makes the life of security analysts hard, as they must spend a lot of manual effort generating a combined security posture picture.
In this context, you can
-
Ingest security findings from your security tools and map them to the Dynatrace Semantic Dictionary, which makes events from different tools uniformly accessible with DQL.
-
View and analyze security findings across products and tools with our dashboards, which can also be a good foundation for tailoring further visual customization to meet your organization's posture analysis and reporting requirements.
-
Query ingested data in our dedicated apps.
Target audience
Security analysts and managers responsible for analyzing and reporting the organization's security posture.
Key use cases include:
- Gaining a unified view of all the security findings
- Prioritizing security findings across products
- Identifying top affected assets
Prerequisites
Ingest security findings from your third-party product.
Get started
-
Download our sample dashboard from GitHub.
For vulnerability findings, download this sample dashboard instead.
For some integrations, such as Amazon ECR or AWS Security Hub, dashboard samples are available in the app in the Try our templates section (go to Settings (new) > Connections and select the app).
-
Open Dashboards, select
Upload, then select the downloaded file.
Example result:
Open Notebooks or Security Investigator 
to query ingested data, using the data format in Semantic Dictionary.
For a better understanding of how to build your queries, see DQL query examples for ingested events.