12 Jan 2024 04:34 PM - last edited on 15 Jan 2024 08:51 AM by MaciejNeumann
Hi Team
I am looking forward for some prompt response to understand if Dynatrace can be used to scan network level vulnerabilities apart from Application. To be precise , can it help organizations detect security vulnerabilities such as outdated and unpatched software, missing and poor data encryption, OS and security misconfigurations, and other human errors.
Thanks for your support.
Thanks
Varun
Solved! Go to Solution.
12 Jan 2024 05:49 PM
At the moment, Dynatrace does not detect such vulnerabilities & issues.
This does not mean that it could be done. Effectively, with OneAgent, Dynatrace is very well positioned to eventually do that in the near future. But that is my personal view. If you need any type of additional info, you should check with your Sales Rep.
12 Jan 2024 05:53 PM
Hello Antonio
Thanks for reverting. We are actually partnered with Dynatrace so just wanted to know if this can be customized to scan network vulnerability or it will not suit for the purpose now.
13 Jan 2024 09:17 AM
Hi @VarunArora,
As @AntonioSousa mentioned network scan for vulnerability is not possible now. In my point of view DT can extend yout security framwork, it could be an additional layer of defence but just for the appliacation runtime vulnerability detection (java, .net, php, node.js, go and container). It is really helpful to discover the vulnerable runtime elements. It provide a very good patch level view about it. There are other functionalities also: code level vulnerability analysis and real time application protection against injection type attacks (jndi, sql and command). So it is a really good tool for supporting your DevSecOps piplenes.
I hope it helps.
Best regards,
Mizső
14 Jan 2024 07:31 PM
Thanks for answering. This help and provides clarification. Yes, the tool is very useful for application level scanning and is currently being used in that area.
Thanks
Varun