topic Re: Application Security reports in Open Q&A

Application Security reports

gofman_anatoly — Mon, 19 Jun 2023 08:46:45 GMT

Hello

I started POC with an application security module and the first requirement that I received from CISO and the security team is the automated report that contains all the vulnerabilities with all the existing data in Dynatrace.
Is it possible to create such report? I didn't find a useful API because the API that gets all problems isn't detailed and the API that gets specific problem by ID returns internals entity names.

Please advise.

Best Regards

Anatoly.

Re: Application Security reports

Julius_Loman — Tue, 04 Jan 2022 22:51:31 GMT

Hi @gofman_anatoly ,

did you check the Security Problems API - get all vulnerabilities? Then you can iterate the list and use the Security problems API - GET a problem and pass the ID obtained in the get all vulnerabilities to get details about the security problem. Be sure to include the fields you need in the parameters.

Re: Application Security reports

bryan_araya — Fri, 07 Oct 2022 21:44:58 GMT

I have the same request about a security application from a client that requires a report, Dynatrace API only lists the vulnerabilities and does not show the description or description of how to fix and these data are the most important. I attached file extracted from the API info.

Re: Application Security reports

Julius_Loman — Sat, 08 Oct 2022 09:04:13 GMT

For the details you ned to do an API call to get the details for each security problem. The remediation actions are, however, as far as I remember not (yet) part of the API response.

Re: Application Security reports

KVZ — Mon, 07 Nov 2022 11:15:17 GMT

Considering there are new security featured, was this report option added? I did not see a mention of it in the documentation.