20 Apr 2023 11:54 AM - edited 20 Jul 2023 12:16 PM
Executing scripts and actions in my environment introduces new security risks compared to the previous observability and security data gathering.
What are you doing to ensure no malicious activity is coming from Dynatrace Workflows?
20 Apr 2023 11:56 AM - edited 20 Apr 2023 11:58 AM
Actions are exclusively run inside the Dynatrace platform and not directly inside a customer's environment. Furthermore, all actions are added via apps which both need to be installed by the customer first to make the actions available and are either directly developed by Dynatrace, partners, or the customer themselves.
Any action or customer (ad-hoc) script is run with a user context and is limited to data the user can access. Any action or script (aka function) can only communicate with the outside via HTTP calls. The platform supports an allow list, which blocks any and all calls to unauthorized domains. In order to give access to on-premise systems (e.g. Jira), Dynatrace EdgeConnect can be deployed to work as an HTTP proxy with similar whitelisting and mapping rules for domains, which are set centrally in the platform and can be further limited in the local Dynatrace EdgeConnect config.