This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Runtime Vulnerability Analytics on mobile applications

Go to solution
g_kat
Advisor

‎16 May 2025 09:32 AM

Hi,

 

Is Dynatrace's RVA(Runtime Vulnerability Analytics) applicable to mobile applications? I would guess not since I haven't seen any indication to it being possible, so I started wondering if it even makes sense to extend Application Security to mobile Applications under the current mobile monitoring scheme.

Is there any way this can be approached, or does it need a complete redesign of the mobile SDKs?

Thanks,

George

"Jack of all trades and master of none, still better than master of one."
Reply
4 REPLIES 4

Go to solution
Thomas_Wirth1
Dynatrace Champion
Dynatrace Champion

‎16 May 2025 01:50 PM

Hey g_kat

No, Runtime Vulnerability Analytics is not available for mobile platforms. Here is a link to the supported technologies.

Reply

Go to solution
PierreGutierrez
Dynatrace Champion
Dynatrace Champion

‎16 May 2025 03:45 PM

Hello @g_kat 

To complement what Thomas mentioned

The Runtime Vulnerability Analytics feature is not applicable to mobile application monitoring, as it relies on OneAgent to analyze security at the system process and Process Group level, which is not part of the mobile instrumentation workflow.

Although technologies such as Java or .NET can be used in mobile front-end development, mobile application monitoring in Dynatrace is performed through automatic or manual instrumentation via the Mobile SDK, which sends data directly to Dynatrace through an ActiveGate.

In this mentioned workflow, neither OneAgent nor the host process layer are involved, therefore, the runtime vulnerability analysis capabilities offered by this feature cannot be applied.

I recommend you to be able to generate Product ideas - Dynatrace Community  so that it can be evaluated 😄

Hope it's helpful 💪

Pierre Gutierrez - LATAM ACE Consultant - Loving Cats! Loving Technology !
Reply

Go to solution
g_kat
Advisor

‎16 May 2025 04:03 PM

Thanks @PierreGutierrez  and @Thomas_Wirth1, you confirmed my thoughts.

Indeed, with the current Mobile SDK philosophy it doesn't make much sense getting RVA there, but I will post an idea just to test the waters, since security in mobile applications is a very "hot" area so to speak.

Thanks,

George

"Jack of all trades and master of none, still better than master of one."
Reply

Go to solution
PierreGutierrez
Dynatrace Champion
Dynatrace Champion
In response to g_kat

‎16 May 2025 04:19 PM

Yes, it's a very interesting topic, and I think it's highly valuable from a security perspective.

Currently, there's Dynatrace Live Debugger, which focuses on the backend and its real-time code review.

I think that if they've already implemented this functionality, they could have something similar in the future for front-end application code, perhaps reaching the point of RVA.

Pierre Gutierrez - LATAM ACE Consultant - Loving Cats! Loving Technology !
Reply
Ask a question

Featured Posts