Delayed Nyse  -  04:00 2022-07-01 pm EDT
41.01 USD   +3.98%
08:41aBerenberg Bank Terminates Coverage of 85 Companies in Consumer Discretionary, Healthcare, Industrial Tech, REIT, Software and IT Services Sectors
06/28Dynatrace Extends Automatic Release Validation Capabilities to Improve Software Quality and Resiliency
06/28Dynatrace, Inc. Extends Automatic Release Validation Capabilities to Improve Software Quality and Resiliency
SummaryMost relevantAll NewsAnalyst Reco.Other languagesPress ReleasesOfficial PublicationsSector news

Dynatrace : How runtime security helps DevSecOps teams eliminate security blind spots

03/28/2022 | 12:01pm EDT

Runtime security and system observability are critical to helping organizations eliminate blind spots that undermine effective DevSecOps objectives. Here's how an observability platform can identify runtime vulnerabilities.

Security blind spots pose a significant threat to an effective DevSecOps strategy and leave organizations vulnerable to attack-in some cases when applications are already live.

In December 2021, the emergence of the Log4Shell zero-day vulnerability demonstrated the potential impact of vulnerabilities in runtime. An effective DevSecOps strategy helps organizations to identify vulnerabilities throughout the software development lifecycle (SDLC) to ensure the integrity of software in development and of runtime applications.

Integrating security too late in the SDLC, expanding cloud access, and delayed security testing are just a few examples of security roadblocks to effective DevSecOps.

In a recent session at Dynatrace Perform 2022, Dynatrace's Andreas Berger, senior principal project product manager of application security, and Christian Schwarzbauer, application security product architect, dissected the importance of integrated runtime security and system observability in detecting, identifying, and addressing these blind spots across organizations.

Three key runtime security questions for DevSecOps

To be effective, Berger argues, modern application security requires speed and precision. "This is the core of what all security solutions should provide," he says. Solutions must keep pace with the quickly changing apps in cloud-native environments. "Security solutions should highlight what really matters without flooding everyone with false alerts."

Ultimately, security solutions should help organizations answer three key questions:

  • Are we vulnerable?
  • Where and how are we affected?
  • What is the impact?
Prioritizing alerts in the face of runtime security blind spots

When it comes to finding and addressing runtime application security blind spots, a security solution should help you prioritize your efforts. But what does alert prioritization look like in practice?

With Dynatrace Application Security, prioritizing starts with its automatic and intelligent observability platform. Automatic discovery and instrumentation allows businesses to evaluate their entire environment in seconds, discover actionable information, and tap into real-time tracking on all affected processes.

Dynatrace Application Security automatically assesses risk based on AI_driven analysis and context.

The challenge? Given the depth and breadth of DevSecOps-driven tracking, the number of reported security vulnerabilities is often substantial-so substantial that organizations are often unsure where to focus their efforts.

Berger lays out the following ways Dynatrace helps organizations to prioritize their security vulnerability risks:

  • Prioritize individual areas of interest. By combining the full coverage of Dynatrace analysis with extensive search functions, DevSecOps teams can quickly filter vulnerabilities by areas of interest to narrow response focus and address specific issues immediately.
  • Prioritize vulnerabilities using automated risk assessment. Automated risk assessment, meanwhile, helps organizations identify vulnerable functions currently in operation and tied to a specific security risk. Along with the number and type of vulnerable functions in use, the automated assessment tool also reports an organization's overall risk on a scale of 1 to 10.
  • Prioritize issues by vulnerable component. Dynatrace can also prioritize issues by vulnerable components-such as log4j-core or tomcat-enabled-core-that influence multiple processes or functions. The Dynatrace platform shows how many critical vulnerabilities teams can address by upgrading each of these components. This prioritization enables teams to focus their efforts for maximum impact.
Moving DevSecOps beyond continuous WAF maintenance

It's one thing to detect issues before they happen, but what about handling attacks as they occur?

"While web application firewalls (WAFs) remain the de facto standard for app protection," Schwarzbauer notes, "they are not without their drawbacks." In particular, firewalls could potentially reject authorized resource requests if they are misconfigured.

"Another potential drawback," Schwarzbauer adds, "is no matter how strong a WAF is, attackers will eventually find a way inside the network." As a result, teams need to continually maintain and manage WAFs to keep evolving risks in check.

Dynatrace uses a full-stack observability approach to detect attacks as they occur.

Runtime application security from Dynatrace makes it possible for IT teams to keep pace with attacks as they occur. While also identifying potential threats, their location, and the vulnerabilities they exploit, Dynatrace provides information about the entire attack path - from source IP to entry point, vulnerability type, and eventual database backend target.

Additionally, each stage of the security process specifies the code location and function used by attackers to gain entry. Armed with this information, businesses organizations are better equipped to improve security across the entire DevSecOps pipeline.

Clearing up security blind spots for good

Simply put, by pairing runtime security with system observability, businesses are better prepared to detect, deflect, and defeat emerging security threats.

To learn more about the role of runtime application security and system observability in delivering on DevSecOps objectives, check out the full session, Address Log4Shell with ease: Why integrated runtime security and observability is key for DevSecOps.


Dynatrace Inc. published this content on 28 March 2022 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 28 March 2022 16:00:05 UTC.

ę Publicnow 2022
All news about DYNATRACE, INC.
08:41aBerenberg Bank Terminates Coverage of 85 Companies in Consumer Discretionary, Healthcar..
06/28Dynatrace Extends Automatic Release Validation Capabilities to Improve Software Quality..
06/28Dynatrace, Inc. Extends Automatic Release Validation Capabilities to Improve Software Q..
06/24DYNATRACE, INC.(NYSE : DT) dropped from Russell Midcap Value Index
06/24DYNATRACE, INC.(NYSE : DT) dropped from Russell 3000 Value Index
06/24DYNATRACE, INC.(NYSE : DT) dropped from Russell 3000E Value Index
06/24DYNATRACE, INC.(NYSE : DT) dropped from Russell 2500 Value Index
06/24DYNATRACE, INC.(NYSE : DT) dropped from Russell Small Cap Comp Value Index
06/24DYNATRACE, INC.(NYSE : DT) dropped from Russell 1000 Value Index
06/13Dynatrace Named a Leader in Gartner« Magic Quadrant™ for APM and Observability
More news
Analyst Recommendations on DYNATRACE, INC.
More recommendations
Financials (USD)
Sales 2023 1 150 M - -
Net income 2023 63,1 M - -
Net cash 2023 777 M - -
P/E ratio 2023 159x
Yield 2023 -
Capitalization 11 313 M 11 313 M -
EV / Sales 2023 9,16x
EV / Sales 2024 7,05x
Nbr of Employees 3 600
Free-Float 67,7%
Duration : Period :
Dynatrace, Inc. Technical Analysis Chart | MarketScreener
Full-screen chart
Technical analysis trends DYNATRACE, INC.
Short TermMid-TermLong Term
Income Statement Evolution
Mean consensus BUY
Number of Analysts 20
Last Close Price 39,44 $
Average target price 49,41 $
Spread / Average Target 25,3%
EPS Revisions
Managers and Directors
Rick M. McConnell Chief Executive Officer & Director
Kevin Conal Burns Chief Financial Officer, Secretary & Treasurer
Jill A. Ward Chairman
Bernd Greifeneder Chief Technology Officer & Senior Vice President
Matthias Scharer Senior Vice President-Business Operations
Sector and Competitors
1st jan.Capi. (M$)
DYNATRACE, INC.-34.65%11 313
SALESFORCE.COM, INC.-35.06%164 215
CLOUDFLARE, INC.-66.73%14 273
QUALYS, INC.-8.07%4 899