topic No data showing for code-level vulnerabilities (.NET 4.5) in Open Q&A

No data showing for code-level vulnerabilities (.NET 4.5)

NicoleMT — Tue, 24 Jun 2025 13:49:55 GMT

Hi everyone,

I'm trying to see code-level vulnerabilities in Dynatrace, but no data is being displayed.
I'm using .NET 4.5 and I have already enabled the Application Security feature both from the main settings and manually under OneAgent features

Does anyone know if there is any additional configuration required or specific prerequisites for it to work with .NET 4.5?

Thanks in advance for your help!

Re: No data showing for code-level vulnerabilities (.NET 4.5)

AntonPineiro — Tue, 24 Jun 2025 14:28:13 GMT

Hi,

Not sure which technologies are supported, but first, is OneAgent is fullstack mode?

Best regards

Re: No data showing for code-level vulnerabilities (.NET 4.5)

NicoleMT — Tue, 24 Jun 2025 14:33:58 GMT

Hi,

Yes, is fullstack mode

Re: No data showing for code-level vulnerabilities (.NET 4.5)

dylan_taelemans — Tue, 24 Jun 2025 18:58:02 GMT

A couple of things to verify:

Is deep monitoring enabled for the process?
Go to:
Settings (Process) > Deep Monitoring
Are the following OneAgent features ".NET code-level vulnerability evaluation", ".NET ASP.NET" and "NET ASP.NET Sensor V2" enabled?
Go to:
Settings (classic) > Preferences > Oneagent Features (Note: those features Require restart after enabling)
Is Code-level Vulnerability Analytics enabled for .NET?
Go to:
Settings (classic) > Application Security > General settings
Ensure it’s enabled and monitoring your .NET environment.

Re: No data showing for code-level vulnerabilities (.NET 4.5)

marco_irmer — Tue, 24 Jun 2025 19:48:40 GMT

Another thing to keep in mind: Detection of code-level vulnerabilities works differently from third-party vulnerabilities. Third-party vulnerabilities are detected whenever the process loads, whereas code-level vulnerabilities require execution of the vulnerable code. In other words, there has to be load placed on the service so that Dynatrace can observe execution of the vulnerable code.

Re: No data showing for code-level vulnerabilities (.NET 4.5)

AntonPineiro — Wed, 25 Jun 2025 07:57:38 GMT

Hi,

I would check which version of .NET is supported in documentation.

Or raising a support ticket.

Best regards

Re: No data showing for code-level vulnerabilities (.NET 4.5)

c_schwarzbauer — Wed, 25 Jun 2025 10:55:50 GMT

and in addition to that: do you know if there are actual code-level vulnerabilities in the .NET application, which Dynatrace should detect?
if yes, then which ones would that be and in which way is untrusted input propagated there?

Re: No data showing for code-level vulnerabilities (.NET 4.5)

BalajiMurali — Wed, 02 Jul 2025 15:49:04 GMT

Does your account have vulnerability detection enabled? Or on the tenant level?

If not, you won't see anything related to vulnerabilities.

Please check with your Dynatrace Customer Success Manager for more details.

Sometimes, vulnerabilities section is enabled for a specific group of users only, like pentest team. Please check you're part of the group who has access to vulnerabilities report.

Re: No data showing for code-level vulnerabilities (.NET 4.5)

GosiaMurawska — Tue, 30 Dec 2025 15:18:57 GMT

Hi @NicoleMT! Did you manage to solve this one?