With the introduction of Application security, I wanted to know if it is possible to have it integrated with other scanning tools that any client would have like Tenable or Nessus for example. if yes how is it done and if it is not possible at the moment is it something that is being developed?
Solved! Go to Solution.
Dynatrace AppSec uses the OneAgent to scan potential vulnerable code and components, matching it against the Snyk database.
Security vulnerabilities are exportable via the API and can be pushed to every tool if you write a simple script and have API access there f.e.
From other tools you can use the dynatrace api to import metrics from there and create problems within Dynatrace. I can't answer the question if Dynatrace will support other tooling but I think this won't be something they'll work on probably.
We have integrated AppSec notifications using webhook with Splunk SIEM. The custom payload fields allows only certain fields but our customer is looking for more fields like