Security Posture Management concepts

Latest Dynatrace
Concept
Published Dec 02, 2024

Results

Results are findings from Dynatrace in relation to your security and compliance posture, based on the rules of the supported compliance standards.

Rules are specific configuration and other process requirements defined in the compliance standards.

Results consist of

Rules that were assessed automatically (labeled Failed, Passed, and Not relevant)
Rules that couldn't be assessed automatically (labeled Manual)

Learn below about each result type.

Result type	Definition
Failed	The assessed resource doesn't follow the recommendations specified in the rule. In this case, a reason for failure is provided, based on which you can fix the issue. For details, see Gain insights.
Passed	The assessed resource follows the recommendations specified in the rule (there are no misconfigurations violating the specified recommendations).
Manual¹	The resource cannot be automatically assessed, as Dynatrace can't determine whether the resource is compliant (for example, when, due to physical security, Dynatrace can't get the configuration data from the clusters and nodes).
Not relevant	The assessed resource doesn't meet a specific criteria for assessment, such as a specific version. These results can be skipped.

Manual results aren't currently actionable.

To increase the number of results based on automatic assessment, we recommend that you deploy Kubernetes Security Posture Management.

View

Results are displayed for all your monitored systems on which Security Posture Management is enabled.

The Overview page shows the total number of failed, manual, and passed rules per monitored system.
The Assessment results page shows a table with all results, sorted automatically in descending order, starting from the ones deserving the most attention (failed rules with critical severity) to those less important (not relevant rules with low severity).

See below the result calculation based on the aggregation of finding events into rules.

Rule result	Aggregation of resource states
Failed	At least one assessed resource has a `Failed` result.
Passed	At least one assessed resource has a `Passed` result, but none `Failed` nor `Manual`.
Manual	At least one assessed resource has a `Manual` result, but none `Failed`.
Not relevant	All assessed resources have a `Not relevant` result.

Categorize assessment results

You can filter and sort results based on different criteria of interest. For details, see Review findings.

Explore

To view result details

Go to the Assessment results page.
Select a rule.

This opens a side window with more information that can help you understand the context and fix potential issues. For details, see Gain insights.

Severity

Information regarding severity is provided by the compliance standards and mapped to Dynatrace as Critical, High, Medium, and Low, following the compliance standard recommendations.

View

The Overview page shows
- The total number of rules per compliance standard and how many of them are passed, manual, and failed (see the compliance standard cards)
- The total number of failed rules per system based on severity (see My systems table)
The Assessment results page shows a table with all results and the associated severity, sorted automatically in descending order, starting from the ones deserving the most attention (failed rules with critical severity) to those less important (not relevant rules with low severity).

Categorize assessment results

You can filter and sort results based on severity. For details, see Review findings.