Dynatrace extends cloud security to provide vulnerability analysis

Dynatrace extends cloud security to provide vulnerability analysis

New runtime environment vulnerability analytics and support for the Go programming language position Dynatrace as a solution that provides real-time visibility and analysis across the entire application stack.

Dynatrace has announced it has extended its Application Security Module to detect and protect against vulnerabilities in runtime environments, including the Java Virtual Machine (JVM), Node.js runtime and .NET CLR.

In addition, Dynatrace has extended its support to applications running in Go, one of the fastest-growing programming languages, with adoption increasing by 23% last year.

With these enhancements, the Dynatrace platform becomes a solution providing real-time visibility and vulnerability analytics across the entire application stack, which includes custom code, open-source and third-party libraries, language runtimes, container runtimes and container orchestrators.

Dynatrace not only identifies vulnerabilities across each of these layers automatically but also analyzes them to provide actionable and precise answers out-of-the-box. This empowers development and security teams to assess risk better, prioritize and remediate threats more effectively and innovate faster and with increased security.

Luca Domenella, Head of Cloud Operations and DevOps, Soldo, said: “We have a proud heritage as a cloud-native business that harnesses agile delivery practices, the latest technology and a state-of-the-art, secure development lifecycle to bring continuous innovation to our customers.

“Dynatrace Application Security helps to make this possible by giving us comprehensive visibility and analytics across all layers of our complex application ecosystem, ensuring no vulnerability escapes our secure DevOps lifecycle.

“In addition, it helps us instantly understand the risk and potential impact of zero-day vulnerabilities, such as Log4Shell, and automatically prioritizes the steps required to resolve them. This saves our teams from wasting weeks triaging alerts and enables them to resolve new vulnerabilities in just days or less, so they can stay focused on innovating.”

Language runtimes are a critical layer of the application stack as they ensure apps are available and well-executed on any platform without having to be rewritten or recompiled.

By extending its Application Security Module to support runtimes in the most widely adopted programming languages, Dynatrace delivers one of the industry’s most comprehensive application vulnerability analysis, spanning all potential entry points in pre-production and production environments.

Steve Tack, SVP of Product Management, Dynatrace, said: “The number of entry points attackers use to target applications continues to expand. Vulnerabilities can creep into applications from any part of the software supply chain, including open-source or third-party components and application runtimes.”

“Traditional approaches can’t accurately surface vulnerabilities at runtime or analyze their potential exploitability and impact. Dynatrace is the only solution that provides runtime vulnerability analysis across the entire application stack and AI-assisted prioritization for the most popular cloud-native application technologies, now including Golang.

“With these capabilities, DevSecOps teams can focus on remediating the most impactful vulnerabilities. This helps them innovate faster, with the confidence that all layers of their applications are vulnerability-free.”

Missing holistic vulnerability analysis creates risk

Every layer of an application stack contributes to the security posture of an application and can potentially contain vulnerabilities. The number of entry points through which attackers can infiltrate your company’s environment is always expanding.

SecOps teams are confronting increasingly complex threats and alert storms. And while effective DevSecOps approaches require collaboration and automation, teams still often work alone in silos.

This is because many organizations lack a holistic view and analysis across all layers of their application ecosystem to minimize the attack surface and protect the weakest links. DevOps teams, SREs (site reliability engineers), platform teams and SecOps teams aren’t always working from a common source of truth:

  • SAST tools (static application security testing) provide scanning code for vulnerabilities.
  • Vulnerability scanners detect vulnerabilities in, for example, language runtimes.

This siloed approach renders holistic risk assessment impossible and can lead to ineffective issue prioritization and blind spots.

Full-stack runtime vulnerability analysis

With new enhancements, Dynatrace Application Security now provides Runtime Vulnerability Analysis across the entire application stack in cloud-native environments. Uniquely, Dynatrace not only identifies vulnerabilities across all layers, it also analyzes them automatically. This provides actionable out-of-the-box insights to CISOs and SecOps teams that can be used to assess risk, prioritize, and collaboratively remediate threats with other teams.

Dynatrace adds AI-powered vulnerability analysis for Go

Dynatrace extends its Runtime Vulnerability Analysis to Go on top of Java, .NET, Node.js and PHP. Go is one of the key technologies powering cloud-native applications and its adoption is increasing rapidly. Even Kubernetes and its core services—a key driver in modern cloud transformation — are written in Go.

Runtime Vulnerability Analysis is provided across the entire software development lifecycle, from pre-production to production for every operating environment, including dynamic multi-clouds and Kubernetes clusters. The Dynatrace Davis AI engine aggregates vulnerability data in real time and recommends actions to improve the security of your Go applications.

Automatic vulnerability analysis for Kubernetes platform versions

In cloud-native application stacks, everything is code. Just securing applications and libraries isn’t enough. You need to go deeper into the stack — into the infrastructure itself. This is why Dynatrace has announced automatic vulnerability detection to the Kubernetes platform last year. As for the other components, Dynatrace Application Security detects vulnerable Kubernetes versions automatically and tracks the evolution of these security problems in real time.

Click below to share this article

Browse our latest issue

LATAM English

View Magazine Archive