This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

No data showing for code-level vulnerabilities (.NET 4.5)

NicoleMT
Guide

‎24 Jun 2025 02:49 PM

Hi everyone,

I'm trying to see code-level vulnerabilities in Dynatrace, but no data is being displayed.
I'm using .NET 4.5 and I have already enabled the Application Security feature both from the main settings and manually under OneAgent features

Does anyone know if there is any additional configuration required or specific prerequisites for it to work with .NET 4.5?

Thanks in advance for your help!

Labels:
0 Kudos
Reply
7 REPLIES 7

AntonPineiro
DynaMight Guru
DynaMight Guru

‎24 Jun 2025 03:28 PM

Hi,

Not sure which technologies are supported, but first, is OneAgent is fullstack mode?

Best regards

❤️ Emacs ❤️ Vim ❤️ Bash ❤️ Perl
0 Kudos
Reply

NicoleMT
Guide
In response to AntonPineiro

‎24 Jun 2025 03:33 PM

Hi,

Yes, is fullstack mode

0 Kudos
Reply

dylan_taelemans
Participant

‎24 Jun 2025 07:49 PM - edited ‎24 Jun 2025 07:58 PM

A couple of things to verify:

  1. Is deep monitoring enabled for the process?
    Go to:
    Settings (Process) > Deep Monitoring

  2. Are the following OneAgent features ".NET code-level vulnerability evaluation", ".NET ASP.NET" and "NET ASP.NET Sensor V2" enabled?
    Go to:
    Settings (classic) > Preferences > Oneagent Features (Note: those features     Require restart after enabling​)

  3. Is Code-level Vulnerability Analytics enabled for .NET?
    Go to:
    Settings (classic) > Application Security > General settings
    Ensure it’s enabled and monitoring your .NET environment.

dylan_taelemans_0-1750790720931.png

 

 

0 Kudos
Reply

AntonPineiro
DynaMight Guru
DynaMight Guru
In response to dylan_taelemans

‎25 Jun 2025 08:57 AM

Hi,

I would check which version of .NET is supported in documentation.

Or raising a support ticket.

Best regards

❤️ Emacs ❤️ Vim ❤️ Bash ❤️ Perl
0 Kudos
Reply

marco_irmer
Champion

‎24 Jun 2025 08:48 PM

Another thing to keep in mind: Detection of code-level vulnerabilities works differently from third-party vulnerabilities. Third-party vulnerabilities are detected whenever the process loads, whereas code-level vulnerabilities require execution of the vulnerable code. In other words, there has to be load placed on the service so that Dynatrace can observe execution of the vulnerable code.

0 Kudos
Reply

c_schwarzbauer
Dynatrace Champion
Dynatrace Champion
In response to marco_irmer

‎25 Jun 2025 11:55 AM

and in addition to that: do you know if there are actual code-level vulnerabilities in the .NET application, which Dynatrace should detect?
if yes, then which ones would that be and in which way is untrusted input propagated there?

0 Kudos
Reply

BalajiMurali
Frequent Guest

‎02 Jul 2025 04:49 PM

Does your account have vulnerability detection enabled? Or on the tenant level?

If not, you won't see anything related to vulnerabilities.

Please check with your Dynatrace Customer Success Manager for more details.

Sometimes, vulnerabilities section is enabled for a specific group of users only, like pentest team. Please check you're part of the group who has access to vulnerabilities report.

0 Kudos
Reply
Ask a question

Featured Posts