Dynatrace extends the reach of the application security module

Dynatrace has extended the application security module it provides for its observability platform to protect against vulnerabilities in runtime environments, including Java Virtual Machine (JVM), Node.js runtime, and .NET CLR.

Additionally, Dynatrace has extended its support to applications built using the Go programming language.

The Dynatrace Application Security Module leverages Dynatrace’s existing tracing and artificial intelligence (AI) technologies to detect threats in real time, then apply appropriate policies to automatically secure applications. At the heart of Dynatrace’s approach to application security is its OneAgent software for application instrumentation, which collects data and feeds it back to an observability platform that includes a AI engine called Davis.

Amit Shah, Product Marketing Manager for Application Security at Dynatrace, said that by extending the Application Security module to support runtimes in the most widely adopted programming languages, Dynatrace now provides a real-time visibility and vulnerability scans across the entire application stack, which includes code, open source and third-party libraries, language runtimes, container runtimes, and container orchestrators.

The Dynatrace platform not only automatically identifies vulnerabilities on each of these layers, but also scans them to reduce false positives by only showing alerts about running code, Shah noted. Without these capabilities, it becomes impossible for development teams to prioritize their application patching efforts in the absence of any context, he added.

In general, achieving and maintaining application security will require more responsibility to move left and right, Shah said. While it’s essential to discover as many vulnerabilities as possible before deploying applications, it’s also crucial to simplify the discovery of vulnerabilities in runtimes after an application is deployed, he noted. The goal is to enable DevOps teams to use the same observability platform they use to manage and optimize applications to also ensure application security, Shah added.

This Dynatrace approach offers the added benefit of also avoiding the need to convene a “war room” to find out where all the vulnerabilities in these application environments might reside once they are discovered, Shah noted.

The biggest challenge that organizations face when it comes to application security is the speed at which applications are currently being deployed. Cybersecurity teams, due to a chronic shortage of talent and expertise, cannot keep pace. As a result, more responsibility for application security is being shifted left to developers and DevOps teams, as well as right to IT operations and security teams. Indeed, application security is finally becoming a team sport within the IT organization as cybersecurity teams focus more of their efforts on securing runtime environments, Shah noted.

It may take some time before this approach has a major impact in terms of reducing the number of vulnerabilities regularly introduced into application environments. However, as more and more tools and platforms dealing specifically with application security are deployed, the overall state of application security will steadily improve.

In the meantime, however, the volume of attacks aimed at the application layer of the computing stack will unfortunately continue to increase as cybercriminals focus more of their efforts on exploiting current and zero-day application vulnerabilities that are increasing in volume. Everytime. Changeover day.