WOW! This is a great Challenge, of course I'm in 😀

Oh, I came prepared. 😎

https://community.dynatrace.com/t5/AI/MCP-Server-Challenge-see-what-we-re-up-to-at-TELUS/m-p/297628#...

We also built an MCP server that allows you to interact with the Dynatrace Playground. You can either install it locally using your Visual Studio Code instance, or run it straight out of the GitHub Codespace.

https://github.com/dynatrace-oss/dt-mcp-playground 

I'm slowly working on agentic onboarding of extensions for terraform users Challenge - Agentic detection of technologies and extensions onboarding for Terraform users - Dynatr...

https://community.dynatrace.com/t5/AI/MCP-Server-Challenge-entry-3-Automating-Site-Reliability/m-p/2...

Here is one of our use cases: MCP Server Challenge: Automation of the group creation in Dynatrace, using Dynatrace APIs - Dynatrac...

I built an automated observability auditor that uses Claude AI + the Dynatrace MCP server to assess tenant maturity across 15 dimensions (infrastructure, configuration, DEM, operations, security). A single command triggers 7 MCP tools — execute_dql, list_problems, list_vulnerabilities, list_davis_analyzers, get_kubernetes_events, get_environment_info, and chat_with_davis_copilot — to collect data, evaluate findings weighted by blast radius, and generate a scored interactive HTML report with root cause analysis and actionable next steps.

Full write-up: MCP Server Challenge: Observability Maturity Auditor

Demo videos: drive.google.com/auditDynatrace

I feel like a kid among adults in a room here, but here we go: MCP-Server-Challenge - My very first App - A Kubernetes Cluster Performance & Capacity Report  

Mike, I've harmonized the two submissions: "SDF Governance Guard: How We Built a Signal–Defect–Failure Classification Framework, Proved It With 85+ Exam Scores, and Extended It to Govern Remote Model Context Protocol (MCP) Server Interactions" and "SDF Governance Guard — Ready for Federal Scale" into a single document, "SDF Governance Guard — Ready for Federal Scale v2."

Link: https://community.dynatrace.com/t5/AI/MCP-Server-Challenge-entry-7-SDF-Governance-Guard-v2/td-p/2983...

my input 

Autonomous SRE Analysis by logs patterns - Dynatrace Community

Hey everyone! A curious PM here 👋
After reading through all submissions, one thing is clear to me: We basically have all the ingredients of an agentic observability platform in use, just nicely spread across the different posts.

• someone built the automation
• someone built the analysis
• someone built the governance (👀 SDF, nicely done)
• someone built the UX
• someone is figuring out Day 0 onboarding magic from Terraform

…nobody put it all together yet, though? 😎 Challenge 😅?

What I love:

• real problems, not toy demos
• lots of “oh wow, that actually saves hours/days”
• and a surprising amount of agent thinking already happening without calling it that

If I had to poke a bit (because… PM 😇😞

• what part is “AI vibes” vs actually reliable + repeatable?
• and how do we turn this from cool project → thing everyone can reuse without rebuilding it?

Overall: this looks less like a challenge… and more like a sneak preview of what we’ll all (should) be building in ~12 months 

Thanks a lot so far!

Mike, I'm attempting to submit the following challenge: 

Governance for AI-Driven Operations:An MCP-Powered Framework for Federal and Enterprise Environments
Dynatrace MCP Server Challenge Submission
Author: Randy Chambers — Dynatrace Practice Lead
Federal & Enterprise Governance Architect
Discipline Consulting Group, LLC
rchambers@discipline-consulting.com
Date: May 2026
Version: 1.0 — Competition Submission
Classification: Unclassified / For Public Distribution

Table of Contents
1. Executive Summary
2. Note to the Judging Panel
3. Problem Statement: The Governance Gap in AI-Driven Operations
4. Framework Overview: SDF Governance Guard
5. The LOCATE Protocol: Operational Cadence for Governance
6. Davis AI → ServiceNow Governance Inheritance Model
7. NIST IR 8011 Crosswalk: MCP Tools as Testable Controls
8. Implementation Architecture and MCP Tool Orchestration
9. Value Proposition by Stakeholder
10. Competitive Differentiation
11. Roadmap and Extensibility
12. Conclusion
1. Executive Summary
Federal agencies and large enterprises have embraced AI-driven observability as the operational backbone of modern digital infrastructure. Dynatrace's Davis AI delivers deterministic root-cause analysis, anomaly detection, and predictive insights across hybrid and cloud-native environments. Yet a critical gap persists: the governance of AI-initiated operations remains fragmented, manual, and fundamentally non-auditable. When Davis AI detects an anomaly, creates a ServiceNow incident, or triggers an automated remediation workflow, the compliance context — which NIST control was tested, which authorization boundary was assessed, which policy was enforced — is lost in transit. Auditors reconstruct this lineage manually, days or weeks after the fact, using spreadsheets and screenshots. This is incompatible with the federal mandate for continuous Authority to Operate (cATO) and the enterprise demand for real-time governance posture.
This submission introduces SDF Governance Guard (Software-Defined Governance Framework), a governance-as-code architecture purpose-built on top of the Dynatrace MCP server. SDF Governance Guard transforms the MCP server from an observability API into a governance control plane by injecting compliance metadata into every tool invocation and propagating that metadata through all downstream systems — from Davis AI detection through ServiceNow remediation and back.
The framework comprises five integrated components:
13. SDF Governance Guard — the core governance-as-code policy engine
14. LOCATE Protocol — a six-phase operational cadence (Log, Observe, Correlate, Act, Trace, Enforce) that standardizes governance processing for every signal
15. Davis AI → ServiceNow Inheritance Model — governance metadata propagation across six Dynatrace-ServiceNow integration points
16. NIST IR 8011 Crosswalk — a mapping of all 14 Dynatrace MCP server tools to NIST IR 8011 security capabilities, sub-capabilities, and defect checks
17. MCP Orchestration Layer — governance-aware tool invocation patterns for MCP clients
The quantifiable impact is significant: reduction in mean-time-to-compliance-evidence from days to minutes, elimination of manual control-assessment artifacts, and continuous ATO readiness backed by an immutable Grail-native compliance ledger. SDF Governance Guard does not require custom Dynatrace plugins — it is built entirely on existing MCP server tools, DQL, Grail, and Workflows capabilities. This is governance that ships today, on infrastructure that already exists.
2. Note to the Judging Panel
This submission is addressed with genuine respect to Wolfgang Beer, Wolfgang Heider, Gabriele HB, and Andreas Grabner — the product leadership team whose vision has made the Dynatrace MCP server one of the most consequential integration capabilities in modern observability.
We recognize that the MCP Challenge invited the community to demonstrate creative and impactful uses of the Dynatrace MCP server. What we present here goes beyond a single use case. SDF Governance Guard is a complete governance framework that repositions the MCP server as a compliance control plane — extending its value from operational observability into the governance, risk, and compliance domain that represents a multi-billion-dollar addressable market.
This submission was purpose-built to align with Dynatrace's product trajectory. The framework requires zero modifications to the MCP server. Every capability described in this document uses the existing MCP tools exactly as your team designed them: execute_dql, list_problems, get_entity_details, get_ownership, list_vulnerabilities, create_workflow_for_notification, and the rest of the thirteen-tool portfolio. What SDF Governance Guard adds is a governance orchestration layer that makes every MCP tool call a testable, auditable, NIST-aligned compliance event.
We built this framework with three convictions. First, that the Dynatrace MCP server is more capable than even its current user base realizes — and that governance is the use case that proves it. Second, that federal and enterprise customers are actively seeking a platform that unifies observability and compliance, and Dynatrace is uniquely positioned to be that platform. Third, that the NIST IR 8011 crosswalk presented in this submission represents a first-of-its-kind mapping that no competitor — not Splunk, not Datadog, not New Relic — has attempted or can replicate without an equivalent MCP capability.
We invite the judging panel to evaluate this submission not only as a challenge entry but as a strategic blueprint. The architecture, the LOCATE protocol, the ServiceNow inheritance model, and the NIST crosswalk are all production-ready concepts that can be demonstrated, piloted, and deployed using today's Dynatrace platform.
Thank you for building the foundation that made this framework possible.
3. Problem Statement: The Governance Gap in AI-Driven Operations
The acceleration of AI-driven operations has created a governance paradox: the faster and more autonomous our operational tooling becomes, the further behind our compliance posture falls. Five structural deficiencies define this gap.
3.1 Control Evidence Is Retroactive and Manual
Federal agencies operating under the NIST Risk Management Framework (RMF) must demonstrate continuous compliance with SP 800-53 controls. In practice, control evidence is generated manually — typically in the weeks preceding an audit or annual assessment. Security teams export Dynatrace dashboards to PDF, screenshot ServiceNow ticket histories, and compile spreadsheets correlating incidents to controls. This retroactive evidence generation is labor-intensive, error-prone, and fundamentally incompatible with the continuous monitoring mandate of NIST SP 800-137 and OMB M-22-09 (Zero Trust Architecture).
3.2 AI-Initiated Actions Lack Governance Metadata Inheritance
When Davis AI identifies a root cause and triggers an automated response — whether creating a ServiceNow incident, updating a CMDB configuration item, or initiating a remediation workflow — the governance context is severed at the integration boundary. The ServiceNow incident carries operational data (affected service, error rate, impact duration) but no compliance data (which SP 800-53 control family this relates to, which authorization boundary was affected, which IR 8011 defect check this observation would satisfy). The AI action is operationally sound but governancely invisible.
3.3 NIST IR 8011 Has No Automated Bridge to Observability
NIST Interagency Report 8011 defines a rigorous methodology for automated security control assessment: desired state specification, actual state collection, comparison, defect identification, and root cause analysis. The framework identifies specific security capabilities (Hardware Asset Management, Software Asset Management, Vulnerability Management, Configuration Settings Management) and maps them to testable defect checks. Yet there is no tooling that connects IR 8011's assessment methodology to the actual state data that observability platforms like Dynatrace collect continuously. The assessment framework exists on paper; the data exists in Grail. The bridge between them does not exist — until now.
3.4 Continuous ATO Demands Continuous Evidence
The Department of Defense and civilian federal agencies are moving toward continuous Authority to Operate (cATO), replacing the traditional three-year reauthorization cycle with ongoing, evidence-based risk acceptance. cATO requires a continuous stream of machine-readable compliance evidence — not periodic audit artifacts. Observability platforms generate this evidence as a byproduct of normal operations, but without a governance framework to classify, tag, and route that evidence, it remains raw telemetry rather than compliance data.
3.5 MCP Provides the Integration Layer but Lacks a Governance Framework
The Model Context Protocol (MCP) standardizes how AI agents interact with enterprise systems through discoverable, callable tools. The Dynatrace MCP server exposes 14 tools spanning data query, problem management, security analysis, entity resolution, and operational communication. MCP is the ideal governance integration layer — every tool invocation is a discrete, auditable event — but the protocol itself has no governance framework purpose-built for it. No one has defined what it means for an MCP tool call to be governance-aware. This submission fills that void.

◆ Core Thesis
The Dynatrace MCP server already generates the data and performs the operations required for continuous compliance. What is missing is the governance metadata layer that transforms operational telemetry into auditable compliance evidence. SDF Governance Guard provides that layer.

4. Framework Overview: SDF Governance Guard
The Software-Defined Governance Framework (SDF Governance Guard) is a governance-as-code architecture that operates as a logical layer on top of the Dynatrace MCP server. It does not modify the MCP server itself — rather, it defines a set of declarative policies, metadata schemas, and orchestration patterns that MCP clients use to inject governance context into every tool invocation and propagate that context through downstream systems.
4.1 Design Principles
Governance as Code. All policies, control mappings, and compliance rules are defined as declarative artifacts in JSON and YAML. These artifacts are version-controlled, peer-reviewed, and deployed through the same CI/CD pipelines as application code. A governance policy is not a document in a SharePoint folder — it is a machine-readable specification that the MCP client consumes as context for every tool call. Example: a policy artifact defines that any list_vulnerabilities call against an entity within the "FedRAMP High" authorization boundary must tag results with the IR 8011 Volume 4 (Vulnerability Management) security capability and the SP 800-53 RA-5 control family.
Inheritance by Default. Every MCP tool call carries a governance metadata envelope that includes: control family identifier (SP 800-53), security capability (IR 8011), assessment boundary ID, authorization boundary ID, defect check ID, and originating policy version. This metadata propagates through all downstream actions. When a create_workflow_for_notification call triggers a ServiceNow incident, the governance envelope travels with the payload. The incident inherits the compliance context of the observation that caused it.
Continuous Assessment. SDF Governance Guard does not perform periodic audits. Instead, it converts every Dynatrace observation into a testable control assessment aligned to the IR 8011 methodology. Every execute_dql query is a potential actual-state collection. Every list_problems call is a potential defect identification. Every get_entity_details call is a potential asset inventory verification. The governance framework overlays assessment semantics onto operations that are already happening.
Immutable Audit Trail. Every MCP interaction — including the governance metadata envelope, the tool parameters, the response payload, and the downstream actions triggered — is logged to Grail with a cryptographic hash chain. Grail's indexless, schema-on-read architecture makes this data instantly queryable via DQL. The result is a tamper-evident compliance ledger that auditors can query in real time, not a binder of exported PDFs delivered weeks after the assessment period.
4.2 Five-Layer Architecture
SDF Governance Guard operates across five architectural layers, each building on the capabilities below it:

Layer Name Components Function
5 Action Plane ServiceNow ITSM, Slack, Workflows, External SIEM/SOAR Executes governance-aware remediation; receives inherited metadata; closes the compliance loop
4 Orchestration Plane Dynatrace MCP Server — 14 tools exposed as governance-aware endpoints Provides the standardized tool interface; carries governance metadata envelope on every invocation
3 Governance Plane SDF Governance Guard — policy engine, control mapper, inheritance resolver Injects compliance context; maps observations to NIST controls; resolves metadata inheritance chains
2 Intelligence Plane Davis AI — root cause analysis, anomaly detection, predictive analysis Generates causal, deterministic observations from raw telemetry; provides the "why" behind signals
1 Data Plane Dynatrace OneAgent, Grail data lakehouse, Entity Model, Smartscape topology Ingests all telemetry (logs, metrics, traces, events, business data); maintains entity relationships and topology

The critical insight is that Layers 1, 2, 4, and 5 already exist in production Dynatrace environments. SDF Governance Guard introduces Layer 3 — the Governance Plane — as a logical layer that operates through MCP client orchestration, DQL-based policy evaluation, and Grail-native metadata storage. No new infrastructure is required. No custom OneAgent plugins. No proprietary extensions to the MCP server. The governance framework is an operational pattern, not a product installation.
4.3 Governance Metadata Envelope
The foundational data structure of SDF Governance Guard is the Governance Metadata Envelope (GME), attached to every MCP tool invocation:

Field Type Description Example Value
control_family String SP 800-53 control family identifier RA-5
ir8011_capability String NIST IR 8011 security capability VULN
ir8011_subcapability String IR 8011 sub-capability / defect check VULN-SC-01
auth_boundary_id String RMF authorization boundary identifier AB-PROD-EAST-001
assessment_boundary_id String Assessment scope boundary ASSESS-FY26-Q2
policy_version String Version of the governance policy artifact applied v2.4.1
locate_phase Enum Current LOCATE protocol phase OBSERVE
timestamp ISO 8601 UTC timestamp of envelope creation 2026-05-02T14:10:00Z
chain_hash SHA-256 Hash of previous envelope in the governance chain a3f2b9c1...

5. The LOCATE Protocol: Operational Cadence for Governance
The LOCATE Protocol is the six-phase operational cadence that governs how SDF Governance Guard processes every signal from ingestion through enforcement. Each phase maps to specific Dynatrace MCP server tools and produces defined governance artifacts. LOCATE ensures that no signal passes through the system without acquiring compliance context, and no action is taken without producing auditable evidence.
5.1 L — Log: Capture the Raw Signal
Every governance chain begins with data ingestion. Dynatrace OneAgent and the Grail data lakehouse ingest telemetry across all signal types: logs, metrics, distributed traces, events, and business data. At the Log phase, SDF Governance Guard uses the MCP execute_dql tool to apply governance tags at query time, classifying data points by authorization boundary and data sensitivity level.
The MCP client executes a DQL query that enriches raw telemetry with boundary classification:
fetch logs | filter dt.entity.host IN ("HOST-ABC123", "HOST-DEF456") | fieldsAdd auth_boundary = "AB-PROD-EAST-001", data_sensitivity = "FIPS-199-MODERATE"
This is not modifying the underlying data — Grail's schema-on-read architecture allows governance fields to be projected at query time without altering the stored telemetry. The governance classification is defined in the SDF policy artifact and applied consistently across all queries within a given authorization boundary.
5.2 O — Observe: Contextualize the Signal
Davis AI applies deterministic and causal AI to detect anomalies, problems, and vulnerabilities from the ingested telemetry. The MCP list_problems and list_vulnerabilities tools expose these observations with full entity context. SDF Governance Guard enriches each observation with the applicable NIST SP 800-53 control family and IR 8011 security capability.
For example, when list_vulnerabilities returns a CVE affecting a production service, the Governance Guard consults its policy artifact to determine that this entity falls within authorization boundary AB-PROD-EAST-001, maps the vulnerability to the IR 8011 Volume 4 (VULN) security capability, and tags the observation with control family RA-5 (Vulnerability Monitoring and Scanning). The observation is now governance-aware.
5.3 C — Correlate: Connect to Governance Posture
The Correlate phase resolves ownership and assessment history. The MCP get_entity_details tool provides the full entity topology — what services depend on the affected component, what infrastructure hosts it, what deployment it belongs to. The get_ownership tool identifies the responsible team and escalation chain.
SDF Governance Guard cross-references the entity's control assessment history in Grail using execute_dql. The correlation determines whether this observation represents:
● A new defect — first occurrence; requires initial assessment and remediation
● A recurring defect — previously identified and remediated but resurfaced; indicates control failure
● Control drift — the desired state specification has changed but the actual state has not been updated
Each classification triggers a different governance response path, with corresponding NIST control implications documented in the Governance Metadata Envelope.
5.4 A — Act: Execute Governance-Aware Remediation
The MCP create_workflow_for_notification tool triggers remediation workflows that carry the full Governance Metadata Envelope. When this workflow creates a ServiceNow incident, updates a CMDB item, or sends a Slack notification via send_slack_message, the governance context travels with the action.
Critically, the remediation action itself becomes evidence for the control it addresses. A vulnerability remediation (patching a CVE) is simultaneously an operational fix and a satisfying assessment for RA-5. SDF Governance Guard records both the operational outcome and the compliance outcome in a single Grail record. Every action is a testable event.
5.5 T — Trace: Maintain Causal Lineage
From raw signal to Davis AI detection to MCP tool invocation to ServiceNow ticket to remediation completion — every step is traced in Grail with governance context. The chain_hash field in the Governance Metadata Envelope creates a cryptographic chain linking each phase to its predecessor, enabling auditors to reconstruct the full governance lineage for any entity at any point in time.
The MCP get_logs_for_entity tool enables real-time audit trail queries. An auditor can issue a single DQL query to retrieve every governance action taken against a specific entity within a specific assessment period, with full causal lineage from signal to resolution.
5.6 E — Enforce: Validate and Close the Loop
SDF Governance Guard uses the MCP verify_dql and execute_dql tools to run post-remediation validation queries, confirming the control is back in its desired state per NIST IR 8011 defect-check methodology. The enforcement query compares the post-remediation actual state against the desired state specification defined in the governance policy artifact.
If the validation passes, the enforcement result is written to the compliance ledger in Grail with a status of CONTROL_SATISFIED. If it fails, the LOCATE cycle re-enters the Observe phase with an escalated severity, and the governance chain continues until enforcement succeeds or the defect is formally accepted as a Plan of Action and Milestones (POA&M) item.

◆ Key Insight: LOCATE as Continuous ATO Engine
The LOCATE protocol transforms every operational event into a micro-assessment. Over a 30-day period, a typical enterprise Dynatrace environment processes thousands of problems, vulnerabilities, and anomalies — each one flowing through the LOCATE cycle. The result is a continuous stream of control assessments that, in aggregate, constitute the evidence base for continuous ATO. No periodic audit required.

6. Davis AI → ServiceNow Governance Inheritance Model
The October 2025 strategic collaboration between Dynatrace and ServiceNow established a multi-year partnership focused on autonomous IT operations and intelligent automation at enterprise scale. This partnership includes multiple integration surfaces through which Davis AI findings propagate to ServiceNow. SDF Governance Guard defines a governance metadata inheritance model for each integration point, ensuring that compliance context is never lost at the integration boundary.
6.1 Six Integration Points
The following table maps each Dynatrace-ServiceNow integration to the governance metadata it inherits and the NIST control families it supports:

Integration Data Flow Inherited Governance Metadata NIST Control Families Supported
1. Incident Integration App Davis AI problem → ServiceNow incident Control family tag, IR 8011 defect-check ID, assessment boundary ID, severity-to-impact mapping per FIPS 199 IR (Incident Response), SI (System and Information Integrity), CA (Assessment, Authorization, and Monitoring)
2. Dynatrace Workflows for ServiceNow Custom workflow triggers → ServiceNow ticket creation Full Governance Metadata Envelope as structured workflow parameters; policy version, LOCATE phase, chain hash IR, CP (Contingency Planning), SA (System and Services Acquisition)
3. Service Graph Connector Dynatrace entity model → ServiceNow CMDB Authorization boundary component mapping; entity-to-system classification; FIPS 199 categorization per entity type CM (Configuration Management), PM (Program Management), SA
4. Event Management Connector Problem events → ServiceNow alerts/incidents Control family auto-classification; IR 8011 security capability tag; alert-to-defect-check correlation SI, IR, AU (Audit and Accountability)
5. Service Observability Connector Dynatrace data displayed in ServiceNow Governance overlay: compliance status badges alongside operational metrics; control assessment results per entity CA, PM, RA (Risk Assessment)
6. Davis AI Analysis Agent Connector ServiceNow AI agents → Dynatrace Davis AI Governance Guard ensures Davis responses include compliance context (not just operational data); authorization boundary scoping for agent queries AC (Access Control), AU, RA

6.2 Inheritance Mechanics: Deep Dive
Incident Integration App. When Davis AI identifies a problem and the Incident Integration App creates a corresponding ServiceNow incident, SDF Governance Guard intercepts the creation event at the MCP orchestration layer. Before the incident payload leaves Dynatrace, the Governance Guard enriches it with: the SP 800-53 control family tag derived from the problem type (e.g., availability degradation → SC, System and Communications Protection; security vulnerability → RA; configuration drift → CM), the IR 8011 defect-check ID that this problem would satisfy as an actual-state observation, and the assessment boundary ID identifying which ongoing assessment this evidence contributes to. The severity-to-impact mapping follows FIPS 199: a problem affecting a system categorized as "High" for availability receives an impact classification that ServiceNow's incident management workflow uses for prioritization — but that SDF Governance Guard also uses for control assessment severity weighting.
Service Graph Connector. This integration is particularly significant for governance. The Dynatrace entity model — hosts, services, processes, applications, Kubernetes workloads — maps directly to the system inventory required by the RMF. SDF Governance Guard defines a mapping between Dynatrace entity types and authorization boundary components. When the Service Graph Connector synchronizes the entity model to ServiceNow's CMDB, each configuration item arrives pre-classified by authorization boundary. This enables ServiceNow to reflect the RMF system inventory automatically, eliminating the manual CMDB-to-boundary mapping that typically consumes weeks of assessment preparation.
Davis AI Analysis Agent Connector. This bidirectional integration introduces a unique governance challenge: when ServiceNow's AI agents query Davis AI for root-cause analysis or predictive insights, the response must be scoped to the querying agent's authorized data boundary. SDF Governance Guard enforces authorization boundary scoping on inbound queries, ensuring that a ServiceNow agent operating within one authorization boundary cannot receive Davis AI insights about entities in a different boundary. The response includes compliance context — the current control assessment status for affected entities — alongside the operational analysis.

◆ Why This Matters for Judges
No other submission can demonstrate governance metadata inheritance across six integration points between an observability platform and an ITSM platform. The Dynatrace-ServiceNow collaboration creates a unique surface for governance propagation, and SDF Governance Guard is the first framework designed to exploit it for compliance automation.

7. NIST IR 8011 Crosswalk: MCP Tools as Testable Controls
This section is the technical centerpiece of the submission. NIST IR 8011 defines a methodology for automated security control assessment built on five sequential steps: (1) desired state specification, (2) actual state collection, (3) comparison of desired versus actual, (4) defect identification, and (5) root cause analysis. The Dynatrace MCP server's 14 tools map directly to this methodology — each tool serves as either an actual-state collector, a defect identifier, or a root cause analyzer within one or more IR 8011 security capabilities.
7.1 Security Capabilities Overview
NIST IR 8011 organizes controls into security capabilities, each covered by a dedicated volume:

Abbreviation Security Capability IR 8011 Volume Focus
HWAM Hardware Asset Management Vol. 2 Managing risk from unmanaged/unauthorized devices
SWAM Software Asset Management Vol. 3 Managing risk from unmanaged/unauthorized software
VULN Vulnerability Management Vol. 4 Managing risk from software vulnerabilities (CVE/CWE)
CSM Configuration Settings Management Vol. 5 (Draft) Managing risk from incorrect configuration settings

SDF Governance Guard extends the mapping beyond the published volumes to include capabilities implied by SP 800-53 control families that IR 8011 Volume 1 identifies but for which specific volumes have not yet been published: Audit and Accountability (AU), Incident Response (IR), Access Control (AC), and Contingency Planning (CP).
7.2 Complete MCP Tool-to-IR 8011 Crosswalk

MCP Tool IR 8011 Security Capability Sub-Capability SP 800-53 Control Family Defect Check Type Assessment Method
execute_dql HWAM, SWAM, CSM, VULN Multiple — determined by query content CM-8, RA-5, SI-2, AU-6 Actual-state collection; desired/actual comparison DQL query returns actual state; compared against desired state spec in governance policy artifact
verify_dql CSM CSM-SC-01: Configuration Validation CM-6 (Configuration Settings) Statement validation; syntax and semantic verification Validates that DQL assessment queries are syntactically correct before execution, ensuring assessment reliability
list_problems IR (Incident Response), Continuous Monitoring IR-SC-01: Problem Detection; CM-SC-02: Anomaly Identification IR-4, IR-5, SI-4 Defect identification; anomaly detection Returns active/closed problems as defect candidates; each problem is a potential control assessment event
get_problem_details Risk Assessment, Root Cause Analysis RA-SC-01: Impact Analysis; RCA-SC-01: Causal Determination RA-3, RA-5, SI-4 Root cause analysis; impact classification Davis AI causal analysis provides deterministic root cause — satisfies IR 8011 root cause analysis step
list_vulnerabilities VULN (Vol. 4) VULN-SC-01: Vulnerability Discovery; VULN-SC-02: Patch Currency RA-5, SI-2 Defect identification; vulnerability enumeration Returns CVEs with severity, affected entities, and remediation status — direct IR 8011 Vol. 4 defect check
get_vulnerability_details VULN (Vol. 4) VULN-SC-03: Risk Scoring; VULN-SC-04: Remediation Tracking RA-5, SI-2, SI-5 Defect analysis; remediation verification Detailed CVE analysis with CVSS scoring, affected components, and patch availability — defect characterization
get_entity_details HWAM (Vol. 2), SWAM (Vol. 3) HWAM-SC-01: Device Discovery; SWAM-SC-01: Software Inventory CM-8, PM-5 Actual-state collection; inventory verification Returns entity properties, relationships, and topology — serves as automated asset inventory for IR 8011
get_ownership AC (Access Control), Accountability AC-SC-01: Ownership Attribution; AC-SC-02: Responsibility Mapping AC-5, AC-6, PS-7 Ownership verification; separation of duties check Returns ownership team and responsibility chain — validates accountability controls
get_logs_for_entity AU (Audit and Accountability) AU-SC-01: Log Availability; AU-SC-02: Log Integrity AU-2, AU-3, AU-6, AU-12 Audit trail verification; log completeness check Returns entity-specific logs — verifies that auditable events are being captured per AU control requirements
get_kubernetes_events CSM, Container Security CSM-SC-02: Container Configuration; CSM-SC-03: Orchestration Compliance CM-2, CM-6, SI-3 Configuration deviation detection; container drift identification Returns cluster events — detects configuration changes, pod restarts, and security-relevant Kubernetes events
get_environment_info System Characterization, Boundary Definition SYS-SC-01: Environment Classification; BND-SC-01: Boundary Identification PL-2, CA-3, SA-4 System boundary verification; environment classification Returns environment metadata — foundational for defining authorization boundaries and assessment scope
create_workflow_for_notification IR (Incident Response), CP (Contingency Planning) IR-SC-02: Automated Response; CP-SC-01: Recovery Initiation IR-4, IR-6, CP-2, CP-10 Remediation execution; response automation Creates governance-aware notification workflows — each workflow execution is logged as a control response action
send_slack_message IR (Incident Response Communication) IR-SC-03: Stakeholder Notification IR-6, IR-7 Communication verification; notification completeness Sends governance-tagged notifications — verifies that incident communication requirements are met
update_workflow CSM, CM (Configuration Management) CSM-SC-04: Workflow Configuration Integrity CM-3, CM-5 Change control verification; workflow modification tracking Updates existing workflows with governance context — ensures change management controls are satisfied

7.3 The IR 8011 Assessment Cycle via MCP
The five-step IR 8011 assessment methodology maps to specific MCP tool orchestration patterns:

IR 8011 Step Description MCP Tool(s) SDF Governance Guard Action
1. Desired State Specification Define what "compliant" looks like for each control N/A (policy artifact) Governance policy artifact defines desired state as DQL query predicates and threshold values per control
2. Actual State Collection Collect the current state of the system execute_dql, get_entity_details, list_vulnerabilities, get_kubernetes_events MCP tools collect actual state; results tagged with Governance Metadata Envelope
3. Comparison Compare desired vs. actual state execute_dql (comparison queries) DQL queries compare actual state against desired state predicates; discrepancies flagged as potential defects
4. Defect Identification Identify where actual deviates from desired list_problems, list_vulnerabilities Davis AI problems and vulnerabilities are classified as defects per IR 8011 taxonomy; assigned defect-check IDs
5. Root Cause Analysis Determine why the defect exists get_problem_details, get_vulnerability_details Davis AI causal analysis provides deterministic root cause; mapped to IR 8011 root cause categories

◆ Technical Significance
This crosswalk demonstrates that the Dynatrace MCP server already implements every step of the IR 8011 automated assessment methodology. SDF Governance Guard does not add new assessment capabilities — it reveals that these capabilities have been present in the platform all along, hidden behind operational semantics rather than compliance semantics. The crosswalk is the Rosetta Stone that translates observability operations into auditable control assessments.

8. Implementation Architecture and MCP Tool Orchestration
This section demonstrates a practical implementation scenario showing how an MCP client orchestrates SDF Governance Guard through the LOCATE protocol using actual MCP tool calls and DQL queries.
8.1 Scenario: Production Kubernetes Anomaly
A Davis AI problem detection fires for a production Kubernetes service — svc-payment-api — experiencing anomalous error rates within the authorization boundary AB-PROD-EAST-001, classified as FIPS 199 "High" for integrity and availability.
8.2 LOCATE Execution Walkthrough
Phase L — Log
The MCP client invokes execute_dql to retrieve recent telemetry for the affected service with governance classification:
fetch logs, timeframe:"last 30 minutes" | filter dt.entity.service == "SERVICE-ABC123" | filter loglevel == "ERROR" | fieldsAdd auth_boundary = "AB-PROD-EAST-001", fips199_impact = "HIGH", locate_phase = "LOG"
Result: 847 error-level log entries captured and governance-tagged. The Governance Metadata Envelope is initialized with chain_hash genesis.
Phase O — Observe
The MCP client invokes list_problems to retrieve the Davis AI problem detection. Davis returns a problem with deterministic root cause: deployment deploy-v3.2.1 introduced a regression in the payment processing module, causing HTTP 500 responses on a specific endpoint.
The MCP client then invokes list_vulnerabilities to check for concurrent security vulnerabilities affecting the same service. Two CVEs are found: one medium-severity library vulnerability and one low-severity information disclosure issue.
SDF Governance Guard enriches the problem with: control_family: SI-4, IR-4, ir8011_capability: IR, and the vulnerabilities with: control_family: RA-5, ir8011_capability: VULN.
Phase C — Correlate
The MCP client invokes get_entity_details for SERVICE-ABC123 to resolve the full dependency topology. The service runs on Kubernetes namespace prod-payments, cluster K8S-EAST-001, with downstream dependencies on svc-database-primary and svc-cache-redis.
get_ownership resolves the owning team: Team-Payments-SRE, escalation contact oncall-payments@agency.gov.
A correlation DQL query checks control assessment history:
fetch logs, from:"audit.governance" | filter entity_id == "SERVICE-ABC123" | filter control_family == "SI-4" | sort timestamp desc | limit 10
Result: This is a new defect — no prior SI-4 assessment defects for this entity in the current assessment period. The Governance Metadata Envelope is updated with defect_classification: NEW.
Phase A — Act
The MCP client invokes create_workflow_for_notification to trigger a governance-aware remediation workflow. The workflow payload carries the complete Governance Metadata Envelope, including control families, IR 8011 defect-check IDs, and the authorization boundary identifier.
The workflow creates a ServiceNow incident via the Incident Integration App with inherited governance metadata. Simultaneously, send_slack_message notifies the #payments-sre-oncall channel with governance-tagged context: "Problem P-20260502-001 | Auth Boundary: AB-PROD-EAST-001 | Controls: SI-4, IR-4 | LOCATE Phase: ACT".
Phase T — Trace
The MCP client invokes get_logs_for_entity for svc-payment-api to capture the full trace from signal to action. The governance chain now includes: telemetry ingestion → Davis AI problem detection → MCP list_problems → governance enrichment → MCP create_workflow_for_notification → ServiceNow incident creation → Slack notification. Each step is linked by chain_hash in Grail.
Phase E — Enforce
After the SRE team deploys a hotfix (deploy-v3.2.2), the MCP client invokes verify_dql to validate the post-remediation assessment query, then execute_dql to run it:
fetch logs, timeframe:"last 15 minutes" | filter dt.entity.service == "SERVICE-ABC123" | filter loglevel == "ERROR" | summarize error_count = count()
Result: error_count = 2 (baseline noise, within desired state threshold of <5). The Governance Metadata Envelope is closed with enforcement_result: CONTROL_SATISFIED, and the compliance evidence artifact is written to the audit.governance bucket in Grail.

◆ Implementation Note
This entire LOCATE cycle — from signal to enforcement — executes within minutes, not days. The compliance evidence artifact is auto-generated in Grail as a structured record that any auditor can query via DQL. No spreadsheets. No screenshots. No manual correlation. This is what continuous ATO looks like in practice.

9. Value Proposition by Stakeholder
9.1 For Dynatrace Product — Wolfgang Beer, Wolfgang Heider, Gabriele HB, Andreas Grabner
Wolfgang, Gabriele, Andreas — the MCP server you have built is more capable than even its current users realize. SDF Governance Guard creates a new product category: Governance-as-a-Service via MCP. It positions the Dynatrace MCP server as a compliance control plane, not just an observability API. This strategic repositioning extends Davis AI's value proposition into GRC (Governance, Risk, and Compliance) budgets — a $15B+ market that Dynatrace has not historically addressed.
The framework demonstrates that the existing MCP server tools already implement every step of the NIST IR 8011 automated assessment methodology. This is not a feature request — it is a recognition that the product capabilities are already present and need only a governance semantic layer to unlock an entirely new buyer persona: the CISO, the Authorizing Official, and the Compliance Program Manager. These buyers control budgets that are separate from and additive to the observability budget.
Product implications include: governance metadata envelope as a first-class MCP concept, Grail-native compliance ledger as a storage bucket type, and pre-built governance policy artifacts as marketplace assets.
9.2 For Expert Services — Mike Stadtler, Regional Director, NA Expert Services
Mike, your Expert Services organization is uniquely positioned to lead the governance conversation in every federal and enterprise engagement. SDF Governance Guard provides a turnkey engagement model with clearly defined, billable delivery phases:
● Phase 1 — Foundation (4-6 weeks): MCP server deployment, governance metadata schema implementation, authorization boundary mapping, and LOCATE protocol operationalization. Deliverable: Governance-tagged MCP environment with baseline policy artifacts.
● Phase 2 — Crosswalk (3-4 weeks): NIST IR 8011 crosswalk implementation, ServiceNow inheritance model configuration, DQL-based assessment query library. Deliverable: Automated control assessment for HWAM, SWAM, VULN, and CSM capabilities.
● Phase 3 — Continuous ATO (4-6 weeks): Compliance ledger dashboard, automated POA&M generation, auditor access provisioning, continuous monitoring integration. Deliverable: Real-time compliance posture dashboard with DQL-queryable evidence base.
Each phase is a discrete, repeatable engagement with defined entry/exit criteria. Expert Services can deliver SDF Governance Guard across an agency's entire authorization boundary portfolio using a standardized methodology, reducing delivery risk and increasing margin.
9.3 For Public Sector Channel — Dave Eike, Director, Public Sector Channel Sales
Dave, your channel partners need a differentiated story that no competitor can replicate — SDF Governance Guard is that story. SDF Governance Guard directly aligns to the compliance frameworks that federal customers are mandated to follow: FedRAMP, FISMA, the NIST Risk Management Framework (RMF), and the DoD Continuous ATO initiative. For Public Sector channel partners, this framework transforms the Dynatrace sales conversation from "we monitor your infrastructure" to "we continuously demonstrate your compliance posture."
This repositioning addresses the single largest pain point in federal IT: audit preparation. Federal agencies spend an estimated 30-40% of their cybersecurity staff time on compliance documentation and evidence collection. SDF Governance Guard automates this workload by converting operational telemetry into compliance evidence as a byproduct of normal operations. The value proposition is not faster monitoring — it is fewer FTEs dedicated to audit preparation and faster ATO timelines.
9.4 For Technical Implementation — Lewis Taylor, Technical Implementation Engineer
Lewis, the architecture described in this submission was designed with implementation engineers like you in mind — no custom plugins, no third-party dependencies, no additional licensing. SDF Governance Guard provides a clear, implementable architecture with defined patterns:
● MCP Tool Usage Patterns: Each LOCATE phase maps to specific tool calls with defined parameter schemas and expected response structures.
● DQL Query Templates: Pre-built assessment queries for each IR 8011 security capability, parameterized by authorization boundary and assessment period.
● Governance Metadata Schemas: JSON Schema definitions for the Governance Metadata Envelope, governance policy artifacts, and compliance ledger records.
● No Custom Plugins: Everything is built on existing Dynatrace capabilities — MCP server, DQL, Grail, Workflows, and the entity model. Implementation engineers do not need to build or maintain custom OneAgent extensions.
10. Competitive Differentiation
No other observability platform has achieved — or attempted — the integration of governance-as-code with AI-driven operations through a standardized protocol. The competitive landscape reveals five unique differentiators that SDF Governance Guard delivers:

Capability Dynatrace + SDF Governance Guard Splunk / Cisco Datadog New Relic ServiceNow Native
MCP Server with governance-aware tool orchestration Yes — 14 tools with Governance Metadata Envelope No MCP server No MCP server No MCP server No MCP server
Automated NIST IR 8011 crosswalk Yes — complete crosswalk for all 14 tools Manual mapping only No IR 8011 support No IR 8011 support Partial (GRC module)
Governance metadata inheritance (AI → ITSM) Yes — across 6 ServiceNow integration points Limited (SOAR → ITSM) No governance metadata No governance metadata Internal only (no observability context)
Operational governance protocol (LOCATE) Yes — six-phase cadence No defined protocol No defined protocol No defined protocol No defined protocol
Immutable compliance ledger (Grail-native) Yes — DQL-queryable, hash-chained Splunk indexes (mutable) Log retention (mutable) NRDB (mutable) Audit trail (limited scope)
Deterministic AI root cause for compliance Yes — Davis AI causal analysis Statistical correlation ML-based correlation Applied Intelligence No native AI RCA

The fundamental differentiator is architectural: Dynatrace is the only platform where a single MCP server exposes the full spectrum of capabilities required for automated control assessment — asset inventory, vulnerability management, configuration validation, audit logging, incident response, and root cause analysis — all queryable through a standardized protocol that AI agents can orchestrate. Competitors would need to integrate multiple tools, APIs, and data stores to approximate what the Dynatrace MCP server provides natively. SDF Governance Guard leverages this architectural advantage to make governance a first-class observable — as measurable and actionable as response time, error rate, or throughput.
11. Roadmap and Extensibility
SDF Governance Guard is designed for incremental deployment and extensibility. The roadmap reflects a phased approach that delivers value at each stage while building toward comprehensive continuous compliance.

Phase Timeline Capabilities Deliverables
Phase 1 — Foundation Current (Q2 2026) Governance metadata tagging, NIST IR 8011 crosswalk for HWAM/SWAM/VULN/CSM, LOCATE protocol via MCP tools, Grail-native compliance ledger Governance policy artifacts (JSON/YAML), DQL assessment query library, LOCATE operational runbook
Phase 2 — Expansion Q3 2026 Custom MCP tool extensions for agency-specific control frameworks: HIPAA (healthcare), PCI-DSS (payment), CMMC 2.0 (defense industrial base) Framework-specific policy artifacts, crosswalk extensions, industry-specific DQL query libraries
Phase 3 — Automation Q4 2026 Automated POA&M (Plan of Action and Milestones) generation from Grail compliance data; automated SSP (System Security Plan) evidence population; eMASS integration for DoD environments POA&M generator workflow, SSP evidence auto-population templates, eMASS data feed connector
Phase 4 — Visualization 2027 Continuous ATO dashboard with real-time control inheritance visualization; Authorizing Official (AO) risk acceptance portal; multi-boundary compliance aggregation Dynatrace Dashboard-as-code templates, AO decision support interface, enterprise compliance heat map

Extensibility Model. SDF Governance Guard policies are declarative and version-controlled. Agencies can fork the base policy repository, customize control mappings for their specific authorization boundaries, and deploy customized policies without modifying the MCP server or any Dynatrace platform component. The governance policy artifact format is intentionally simple — JSON objects mapping entity selectors to control families, IR 8011 capabilities, and desired state DQL predicates. This allows security teams with DQL proficiency (but no software engineering background) to author and maintain governance policies independently.
The MCP server's tool architecture is inherently extensible. As Dynatrace adds new MCP tools — for example, tools for Business Analytics, Synthetic Monitoring, or Application Security — SDF Governance Guard's crosswalk can be extended by adding new entries to the policy artifact. The framework scales with the platform without requiring framework modifications.
12. Conclusion
The Dynatrace MCP server is not just an observability API — it is the foundation for a governance control plane that can transform how federal and enterprise organizations achieve and maintain compliance. SDF Governance Guard, powered by the LOCATE protocol and the NIST IR 8011 crosswalk, makes governance a continuous, automated, AI-driven operation rather than a periodic, manual, paper-based exercise.
The framework introduced in this submission requires no new Dynatrace infrastructure, no custom plugins, and no modifications to the MCP server. It is an operational pattern — a set of governance-as-code policies, metadata schemas, and MCP orchestration practices — that transforms existing platform capabilities into compliance automation. Every MCP tool call already generates the data. SDF Governance Guard gives that data compliance meaning.
For the Dynatrace product organization, this represents a new market category. For Expert Services, it is a repeatable, phased engagement model. For the Public Sector channel, it is the answer to the federal customer's most persistent question: "How do I prove I am compliant, continuously, without drowning in audit preparation?" And for technical implementation engineers, it is a clear, implementable architecture built entirely on tools they already know.
The governance gap in AI-driven operations is not a technology problem — it is a semantics problem. The data exists. The tools exist. The protocol exists. SDF Governance Guard provides the semantic layer that connects them. Governance is now a first-class observable.

◆ Closing Statement
SDF Governance Guard makes the Dynatrace MCP server the compliance control plane for the federal enterprise. Every signal logged, every anomaly observed, every vulnerability correlated, every remediation acted upon, every lineage traced, every enforcement validated — LOCATE transforms operations into evidence. This is governance at machine speed, built on the platform Dynatrace already ships.

— End of Submission —
Randy Chambers | Dynatrace Practice Lead | Discipline Consulting Group, LLC | May 2026
Dynatrace MCP Server Challenge — SDF Governance Guard

When I attempt to submit, I receive the following message:

 What privileges do I need in order to submit my challenge?