https://community.dynatrace.com/t5/Automations/Dynatrace-Application-Security-Integrations/m-p/209088#M306 <P>Dynatrace AppSec uses the OneAgent to scan potential vulnerable code and components, matching it against the Snyk database.&nbsp;</P><P>Security vulnerabilities are exportable via the API and can be pushed to every tool if you write a simple script and have API access there f.e.</P><P>From other tools you can use the dynatrace api to import metrics from there and create problems within Dynatrace. I can't answer the question if Dynatrace will support other tooling but I think this won't be something they'll work on probably.</P> Tue, 04 Apr 2023 19:25:09 GMT michiel_otten 2023-04-04T19:25:09Z https://community.dynatrace.com/t5/Automations/Dynatrace-Application-Security-Integrations/m-p/209079#M305 <P>With the introduction of Application security, I wanted to know if it is possible to have it integrated with other scanning tools that any client would have like Tenable or Nessus for example. if yes how is it done and if it is not possible at the moment is it something that is being developed?</P> Wed, 05 Apr 2023 07:11:44 GMT https://community.dynatrace.com/t5/Automations/Dynatrace-Application-Security-Integrations/m-p/209079#M305 Ahmed_Khaled 2023-04-05T07:11:44Z https://community.dynatrace.com/t5/Automations/Dynatrace-Application-Security-Integrations/m-p/209088#M306 <P>Dynatrace AppSec uses the OneAgent to scan potential vulnerable code and components, matching it against the Snyk database.&nbsp;</P><P>Security vulnerabilities are exportable via the API and can be pushed to every tool if you write a simple script and have API access there f.e.</P><P>From other tools you can use the dynatrace api to import metrics from there and create problems within Dynatrace. I can't answer the question if Dynatrace will support other tooling but I think this won't be something they'll work on probably.</P> Tue, 04 Apr 2023 19:25:09 GMT https://community.dynatrace.com/t5/Automations/Dynatrace-Application-Security-Integrations/m-p/209088#M306 michiel_otten 2023-04-04T19:25:09Z https://community.dynatrace.com/t5/Automations/Dynatrace-Application-Security-Integrations/m-p/237427#M1476 <P>Hi Michiel,</P><P>We have integrated AppSec notifications using webhook with Splunk SIEM. T<SPAN>he custom payload fields allows only certain fields&nbsp;</SPAN>but our customer is looking for more fields like</P><UL><LI>CVE (for known vulnerability) or Reference ID (for misconfigurations)</LI><LI>CVE Severity</LI><LI>CVE ID</LI><LI>Host Name</LI><LI>IP</LI><LI>Pod / Node</LI><LI>Container</LI></UL><P>any suggestion?</P> Mon, 19 Feb 2024 14:17:22 GMT https://community.dynatrace.com/t5/Automations/Dynatrace-Application-Security-Integrations/m-p/237427#M1476 Esam_Eid 2024-02-19T14:17:22Z https://community.dynatrace.com/t5/Automations/Dynatrace-Application-Security-Integrations/m-p/239527#M1507 <P>Hi there,<BR /><BR />The custom webhook will just do some notiication indeed. If you want to integrate further you could try using the API. F.e.:<BR /><BR /><A href="https://docs.dynatrace.com/docs/dynatrace-api/environment-api/application-security/vulnerabilities/get-vulnerabilities" target="_blank">Vulnerabilities API - GET vulnerabilities - Dynatrace Docs</A><BR /><BR />Using a workflow you can set up your own integration to SIEM where you finetune the notification.</P> Mon, 11 Mar 2024 18:28:52 GMT https://community.dynatrace.com/t5/Automations/Dynatrace-Application-Security-Integrations/m-p/239527#M1507 michiel_otten 2024-03-11T18:28:52Z