Solved: Re: Dynatrace Application Security Integrations

Ahmed_Khaled · ‎04 Apr 2023

With the introduction of Application security, I wanted to know if it is possible to have it integrated with other scanning tools that any client would have like Tenable or Nessus for example. if yes how is it done and if it is not possible at the moment is it something that is being developed?

Certified Dynatrace Associate | Vas Integrated Solutions

michiel_otten · ‎04 Apr 2023

Dynatrace AppSec uses the OneAgent to scan potential vulnerable code and components, matching it against the Snyk database.

Security vulnerabilities are exportable via the API and can be pushed to every tool if you write a simple script and have API access there f.e.

From other tools you can use the dynatrace api to import metrics from there and create problems within Dynatrace. I can't answer the question if Dynatrace will support other tooling but I think this won't be something they'll work on probably.

#Performance matter!

Esam_Eid · ‎19 Feb 2024

Hi Michiel,

We have integrated AppSec notifications using webhook with Splunk SIEM. The custom payload fields allows only certain fields but our customer is looking for more fields like

CVE (for known vulnerability) or Reference ID (for misconfigurations)
CVE Severity
CVE ID
Host Name
IP
Pod / Node
Container

any suggestion?

michiel_otten · ‎11 Mar 2024

Hi there,

The custom webhook will just do some notiication indeed. If you want to integrate further you could try using the API. F.e.:

Vulnerabilities API - GET vulnerabilities - Dynatrace Docs

Using a workflow you can set up your own integration to SIEM where you finetune the notification.

#Performance matter!