cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Application Security - What is the logic behind finding security culprit in process istance?

y_buccellato
Mentor

Hello everyone,

 

I'm currently a user of the application security module, which I find fascinating at minimum but I am without experience in the security field.

When a security issue is raised I'm asked which of the applications or services have introduced that particular vulnerability or simply wich services have that vulnerability: in most cases the affected entities, which Dynatrace refer to, are processes or process groups.

 

On the other side from Dynatrace I can reffer to the related entities that are possibily impacted from such vulnerabilitym(including applications, services, processes, databases ecc...).

 

And my question is: why Dynatrace pin point a security vulnerability to processes instead of, for example, a service running on that process?

Wouldn't it be more likely that knowing the service that has introduced the vulnerability I would be able to address the issue directly with dev. team?

 

At the deploy time of an application (a .ear or .war) who is introducing the vulnerable library: the dev who created the app. or the middleware administrator who deployed the app.?

I hope many of you can dispell my doubts and questions by sharing some knowledge and valuable insight 🙂

Thank you

1 REPLY 1

techean
Dynatrace Champion
Dynatrace Champion

Please find my comments 

 

And my question is: why Dynatrace pin point a security vulnerability to processes instead of, for example, a service running on that process? - A process resemble the technology deployed which is vulnerable (services are just codes deployed on that technology)



Wouldn't it be more likely that knowing the service that has introduced the vulnerability I would be able to address the issue directly with dev. team? - You can set alerting profile and these vulnerability alerts can be only triggered to respective team

 

At the deploy time of an application (a .ear or .war) who is introducing the vulnerable library: the dev who created the app. or the middleware administrator who deployed the app.? - The real time deployment scanning feature is under development. Currently DT scans the technology on real time basis that the app or services deployed on it.

KG