https://community.dynatrace.com/t5/Open-Q-A/Runtime-Vulnerability-Analytics-on-mobile-applications/m-p/277404#M36533 <P>Yes, it's a very interesting topic, and I think it's highly valuable from a security perspective.</P><P>Currently, there's Dynatrace Live Debugger, which focuses on the backend and its real-time code review.</P><P>I think that if they've already implemented this functionality, they could have something similar in the future for front-end application code, perhaps reaching the point of RVA.</P> Fri, 16 May 2025 15:19:00 GMT PierreGutierrez 2025-05-16T15:19:00Z https://community.dynatrace.com/t5/Open-Q-A/Runtime-Vulnerability-Analytics-on-mobile-applications/m-p/277373#M36527 <P>Hi,</P><P>&nbsp;</P><P>Is Dynatrace's RVA(Runtime Vulnerability Analytics) applicable to mobile applications? I would guess not since I haven't seen any indication to it being possible, so I started wondering if it even makes sense to extend Application Security to mobile Applications under the current mobile monitoring scheme.</P><P>Is there any way this can be approached, or does it need a complete redesign of the mobile SDKs?</P><P>Thanks,</P><P>George</P> Fri, 16 May 2025 08:32:18 GMT https://community.dynatrace.com/t5/Open-Q-A/Runtime-Vulnerability-Analytics-on-mobile-applications/m-p/277373#M36527 g_kat 2025-05-16T08:32:18Z https://community.dynatrace.com/t5/Open-Q-A/Runtime-Vulnerability-Analytics-on-mobile-applications/m-p/277393#M36528 <P>Hey g_kat</P><P>No, Runtime Vulnerability Analytics is not available for mobile platforms. Here is a <A href="https://docs.dynatrace.com/docs/secure/application-security#tech" target="_self">link</A> to the supported technologies.</P> Fri, 16 May 2025 12:50:40 GMT https://community.dynatrace.com/t5/Open-Q-A/Runtime-Vulnerability-Analytics-on-mobile-applications/m-p/277393#M36528 Thomas_Wirth1 2025-05-16T12:50:40Z https://community.dynatrace.com/t5/Open-Q-A/Runtime-Vulnerability-Analytics-on-mobile-applications/m-p/277399#M36529 <P>Hello&nbsp;<a href="https://community.dynatrace.com/t5/user/viewprofilepage/user-id/34133">@g_kat</a>&nbsp;<BR /><BR />To complement what Thomas mentioned<BR /><BR /><STRONG>The Runtime Vulnerability Analytics feature is not applicable to mobile application monitoring, as it relies on OneAgent to analyze security at the system process and Process Group level, which is not part of the mobile instrumentation workflow.</STRONG></P><P>Although technologies such as Java or .NET can be used in mobile front-end development, mobile application monitoring in Dynatrace is performed through automatic or manual instrumentation via the Mobile SDK, which sends data directly to Dynatrace through an ActiveGate.<BR /><BR /></P><P>In this mentioned workflow, neither OneAgent nor the host process layer are involved, therefore, the runtime vulnerability analysis capabilities offered by this feature cannot be applied.<BR /><BR />I recommend you to be able to generate <A href="https://community.dynatrace.com/t5/Product-ideas/idb-p/DynatraceProductIdeas" target="_blank">Product ideas - Dynatrace Community</A>&nbsp; so that it can be evaluated <span class="lia-unicode-emoji" title=":grinning_face_with_smiling_eyes:">😄</span></P><P>Hope it's helpful <span class="lia-unicode-emoji" title=":flexed_biceps:">💪</span></P> Fri, 16 May 2025 14:45:51 GMT https://community.dynatrace.com/t5/Open-Q-A/Runtime-Vulnerability-Analytics-on-mobile-applications/m-p/277399#M36529 PierreGutierrez 2025-05-16T14:45:51Z https://community.dynatrace.com/t5/Open-Q-A/Runtime-Vulnerability-Analytics-on-mobile-applications/m-p/277401#M36530 <P>Thanks <a href="https://community.dynatrace.com/t5/user/viewprofilepage/user-id/45543">@PierreGutierrez</a>&nbsp; and&nbsp;<a href="https://community.dynatrace.com/t5/user/viewprofilepage/user-id/35396">@Thomas_Wirth1</a>, you confirmed my thoughts.</P><P>Indeed, with the current Mobile SDK philosophy it doesn't make much sense getting RVA there, but I will post an idea just to test the waters, since security in mobile applications is a very "hot" area so to speak.</P><P>Thanks,</P><P>George</P> Fri, 16 May 2025 15:03:36 GMT https://community.dynatrace.com/t5/Open-Q-A/Runtime-Vulnerability-Analytics-on-mobile-applications/m-p/277401#M36530 g_kat 2025-05-16T15:03:36Z https://community.dynatrace.com/t5/Open-Q-A/Runtime-Vulnerability-Analytics-on-mobile-applications/m-p/277404#M36533 <P>Yes, it's a very interesting topic, and I think it's highly valuable from a security perspective.</P><P>Currently, there's Dynatrace Live Debugger, which focuses on the backend and its real-time code review.</P><P>I think that if they've already implemented this functionality, they could have something similar in the future for front-end application code, perhaps reaching the point of RVA.</P> Fri, 16 May 2025 15:19:00 GMT https://community.dynatrace.com/t5/Open-Q-A/Runtime-Vulnerability-Analytics-on-mobile-applications/m-p/277404#M36533 PierreGutierrez 2025-05-16T15:19:00Z