Security Posture Management

Latest Dynatrace
App

About the app

What you'll learn

Review the Security Posture Management coverage of your systems at a glance.
Search for relevant information to resolve security and compliance findings efficiently.
Drill into results for insights on how to fix misconfigurations and noncompliance.
Convert results into a DQL query or download them as CSV and share them with others.

Target audience

xSPM Security Posture Management is dedicated to Security Ops Engineers, DevOps, DevSecOps, and Site Reliability Engineers (SREs).

Key use cases include:

Gaining immediate insight into the overall security posture of your monitored environment
Detecting and addressing security issues and misconfigurations easily
Receiving actionable guidance for findings
Ensuring your environment is configured securely and efficiently
Enhancing the overall system reliability
Maintaining continuous compliance with security standards

Prerequisites

Review the supported compliance standards and technologies.
To take full advantage of the Security Posture Management functionality, you need to deploy Kubernetes Security Posture Management.
Permissions: For a list of permissions required, go to Hub, select Security Posture Management, and display Technical information.
Prior knowledge: Understand Kubernetes.

Get started

xSPM Security Posture Management is designed to empower organizations with visibility, control, and compliance over their environment. It provides a high-level report on the compliance posture across the selected compliance standards.

The Overview page shows a high-level information about the security compliance state in your environment.

The Assessment results page provides a compliance view of all evaluated rules from the supported security standards. The available filters allow for a quick selection based on environment, result state, severity, and others.

Assessed resources from your environment are marked as 'Passed' when no misconfigurations are discovered in the context of a given rule.

Assessed resources from your environment are marked as 'Failed' when misconfigurations are discovered in the context of a given rule. The Rule assessment section contains details about the relevant configuration properties.

1 of 4

To get started, follow the steps below.

1. Install app

In Dynatrace, open Hub.
Look for Security Posture Management and select Install.

2. Configure SPM coverage

Optional

You can configure which of your systems (or clusters, in the case of Kubernetes Security Posture Management) monitored by Dynatrace is covered by Security Posture Management.

Open Security Posture Management.
On the Overview page, in the My systems table, enable or disable the desired systems.

Systems that aren't covered by Security Posture Management are labeled Not enabled.
To enable coverage for a system
For the desired system, select Enable SPM.
On the Settings page that opens, turn on Enable Security Posture Management.
To disable coverage for a system
For the desired system, select Settings .
On the Settings page that opens, turn off Enable Security Posture Management.

3. Configure assessment scope

Optional

Kubernetes Security Posture Management (KSPM)

The CIS standard is enabled by default in the assessment of your Kubernetes environment and cannot be disabled. However, you can configure which of the other supported compliance standards (DORA, NIST, and DISA STIG) are to be included in future assessments.

To configure the assessment scope

Open the settings menu on the upper-right corner of Security Posture Management.
Enable or disable the desired standards.

Alternatively, you can enable or disable standards directly from Settings:

Go to Settings > Analyze and alert > Application Security > Security Posture Management.
Enable or disable the desired standards.

Dynatrace assesses data received from your systems and searches for misconfigurations against the supported compliance standards. Results are reported in the app.

Try xSPM Security Posture Management and share your feedback to help us improve.