03 Aug 2022 02:06 PM - edited 03 Aug 2022 02:13 PM
Hello everyone,
I'm currently a user of the application security module, which I find fascinating at a minimum, but I have no experience in the security field.
When a security issue is raised, I'm asked which of the applications or services have introduced that particular vulnerability, or simply which services have that vulnerability: in most cases the affected entities that Dynatrace refers to are processes or process groups.
On the other hand, from Dynatrace I can refer to the related entities that are possibly impacted by such a vulnerability (including applications, services, processes, databases, etc.).
And my question is: why does Dynatrace pinpoint a security vulnerability to processes instead of, for example, a service running in that process?
Wouldn't it be more likely that, knowing the service that has introduced the vulnerability, I would be able to address the issue directly with the dev team?
At deploy time of an application (a .ear or .war), who introduces the vulnerable library: the dev who created the app, or the middleware administrator who deployed the app?
I hope many of you can dispel my doubts and questions by sharing some knowledge and valuable insight 🙂
Thank you
05 Aug 2022 12:06 PM
Please find my comments below.
And my question is: why does Dynatrace pinpoint a security vulnerability to processes instead of, for example, a service running in that process? - A process represents the technology deployed, which is vulnerable (services are just code deployed on that technology).
Wouldn't it be more likely that, knowing the service that has introduced the vulnerability, I would be able to address the issue directly with the dev team? - You can set up an alerting profile so that these vulnerability alerts are only triggered for the respective team.
At deploy time of an application (a .ear or .war), who introduces the vulnerable library: the dev who created the app, or the middleware administrator who deployed the app? - The real-time deployment scanning feature is under development. Currently DT scans, in real time, the technology that the app or services are deployed on.
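To illustrate the process-versus-service attribution described in the reply above, here is a small added model (example code written for this thread, not Dynatrace's own code or API). It assumes a constructed inventory in which each process (an application server instance) has a set of loaded libraries, and each service (a deployed .war) is hosted in one process. The vulnerability is attached to the process, because that is where the library is loaded, and the impacted services are then derived from the hosting relationship; a final helper groups the affected entities by owner team, which is the effect an alerting profile is used for. All names, versions and teams are constructed placeholders.

```python
"""Added illustration (not from the thread or from Dynatrace): a toy model of
library vulnerabilities attributed at process level, with impacted services
and per-team routing derived from that attribution.
Every name, version and team below is constructed for the example."""
from __future__ import annotations
from dataclasses import dataclass


@dataclass(frozen=True)
class Library:
    name: str
    version: str


@dataclass
class Process:
    name: str                    # e.g. one JVM / application server instance
    loaded_libraries: set[Library]
    owner_team: str              # typically the middleware / platform team


@dataclass
class Service:
    name: str                    # a .war or .ear deployed into a process
    process: str                 # name of the hosting process
    owner_team: str              # the dev team that ships this service


# Constructed inventory: two app servers, three deployed services.
# "example-parser" is a placeholder library name, not a real component.
VULNERABLE = Library("example-parser", "1.0")

PROCESSES = [
    Process("appserver-01", {VULNERABLE, Library("other-lib", "2.3")}, "middleware"),
    Process("appserver-02", {Library("example-parser", "2.0")}, "middleware"),
]

SERVICES = [
    Service("orders.war", "appserver-01", "orders-dev"),
    Service("billing.war", "appserver-01", "billing-dev"),
    Service("catalog.war", "appserver-02", "catalog-dev"),
]


def affected_processes(processes: list[Process], vulnerable: Library) -> list[str]:
    """The vulnerability lives where the library is loaded: in the process."""
    return [p.name for p in processes if vulnerable in p.loaded_libraries]


def impacted_services(processes: list[Process], services: list[Service],
                      vulnerable: Library) -> list[str]:
    """Every service hosted in an affected process is exposed, regardless of
    which deployment artifact originally pulled the library in."""
    hosts = set(affected_processes(processes, vulnerable))
    return [s.name for s in services if s.process in hosts]


def route_by_team(processes: list[Process], services: list[Service],
                  vulnerable: Library) -> dict[str, set[str]]:
    """Group affected entities by owner team, the way an alerting profile
    narrows a finding down to the people who can act on it."""
    routing: dict[str, set[str]] = {}
    affected = set(affected_processes(processes, vulnerable))
    for p in processes:
        if p.name in affected:
            routing.setdefault(p.owner_team, set()).add(p.name)
    for s in services:
        if s.process in affected:
            routing.setdefault(s.owner_team, set()).add(s.name)
    return routing


if __name__ == "__main__":
    print("affected processes:", affected_processes(PROCESSES, VULNERABLE))
    print("impacted services:", impacted_services(PROCESSES, SERVICES, VULNERABLE))
    for team, entities in sorted(route_by_team(PROCESSES, SERVICES, VULNERABLE).items()):
        print(f"{team}: {sorted(entities)}")
```

Running it shows that only appserver-01 carries the vulnerable version, that both services deployed into it are impacted even though neither is "the" vulnerable entity, and that the finding fans out to three teams: the middleware team for the process and the two dev teams for their services. appserver-02 loads a different version and is not reported.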