Organizations use multiple security products and tools that generate security findings in various data formats. Working with this data in silos is hard on security analysts, who must spend a lot of manual effort to assemble a combined picture of the security posture.
In this context, you can:
Ingest security findings from your security tools and map them to the Dynatrace Semantic Dictionary, which makes events from different tools uniformly accessible with DQL.
View and analyze security findings across products and tools with our dashboards, which can also serve as a foundation for further visual customization to meet your organization's posture analysis and reporting requirements.
Query ingested data in our dedicated apps.
Security analysts and managers responsible for analyzing and reporting the organization's security posture.
Key use cases include:
Ingest security findings from your third-party product.
Download our sample dashboard from GitHub.
For vulnerability findings, download this sample dashboard instead.
For some integrations, such as Amazon ECR or AWS Security Hub, dashboard samples are available in the app in the Try our templates section (go to Settings (new) > Connections and select the app).
Open Dashboards, select Upload, then select the downloaded file.
Open Notebooks or Security Investigator to query ingested data, using the data format defined in the Semantic Dictionary.
For a better understanding of how to build your queries, see DQL query examples for ingested events.