SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Dynatrace extends application security capabilities for runtime environments
Mon, 15th Aug 2022
FYI, this story is more than a year old

Dynatrace has announced that it has extended its Application Security Module to detect and protect against vulnerabilities in runtime environments.

These environments now include the Java Virtual Machine (JVM), Node.js runtime, and .NET CLR. The company has also announced in conjunction that it has extended its support to applications running in Go, with adoption increasing by 23% last year.

The company says the enhancements give the Dynatrace platform the ability to provide real-time visibility and vulnerability analytics across the entire application stack. This includes custom code, open-source and third-party libraries, language runtimes, container runtimes, and container orchestrators.

They say there is a distinct focus on layered analysis, empowering development and security teams to assess risk better, prioritise and remediate threats more effectively, and innovate faster and with increased security.

Soldo head of cloud operations and DevOps Luca Domenella says that the new enhancements will help provide a better overall picture of secure management and help with many pain points associated with drawn-out processes in the cloud space.

"We have a proud heritage as a cloud-native business that harnesses agile delivery practices, the latest technology, and a state-of-the-art, secure development lifecycle to bring continuous innovation to our customers," he says.

"Dynatrace Application Security helps to make this possible by giving us comprehensive visibility and analytics across all layers of our complex application ecosystem, ensuring no vulnerability escapes our secure DevOps lifecycle."

He also says the immediate nature of the system allows for instant action and better workflow.

"In addition, it helps us instantly understand the risk and potential impact of zero-day vulnerabilities, such as Log4Shell, and automatically prioritises the steps required to resolve them. This saves our teams from wasting weeks triaging alerts and enables them to resolve new vulnerabilities in just days or less, so they can stay focused on innovating."

A focus on language runtime, a critical layer of the application stack, is also a significant part of Dynatrace's offerings. By extending its Application Security Module to support runtimes in the most widely adopted programming languages, the company says the technology will help stand out and provide the best solutions on the market.

"The number of entry points attackers use to target applications continues to expand. Vulnerabilities can creep into applications from any part of the software supply chain, including open-source or third-party components and application runtimes," says Dynatrace SVP of product management Steve Tack.

"Traditional approaches can't accurately surface vulnerabilities at runtime or analyse their potential exploitability and impact. Dynatrace is the only solution that provides runtime vulnerability analysis across the entire application stack and AI-assisted prioritisation for the most popular cloud-native application technologies, now including Golang.

"With these capabilities, DevSecOps teams can focus on remediating the most impactful vulnerabilities. This helps them innovate faster, with the confidence that all layers of their applications are vulnerability-free."