Dynatrace announced that it has enhanced its Application Security Module to provide real-time, automatic attack detection and blocking to protect against injection attacks that exploit critical vulnerabilities, such as Log4Shell.
It builds on existing capabilities, which include automatic detection of runtime vulnerabilities in cloud-native applications and workload containers. As a result, organizations can protect their applications in real time and increase DevSecOps automation, allowing them to strengthen the security of their digital services and speed up throughput.
“We need to proactively protect all of our systems to help mitigate security risks,” said David Catanoso, Acting Director of Cloud and Edge Solutions in Infrastructure Operations at the U.S. Department of Veterans Affairs.
“We use a layered, defense-in-depth security approach, and Dynatrace is one of the solutions we use because it quickly identifies vulnerabilities for monitored applications in our clouds. For example, with Log4shell’s vulnerability, it delivered its platform and immediately identified where we were affected, prioritized systems and runtime environments that needed immediate attention, and prevented us from wasting time in war rooms and chasing. of false positives.
Dynatrace Smartscape provides a fluid and automatically updated topology, and Davis, the AI engine of the Dynatrace platform, provides real-time visibility and prioritization of vulnerabilities. This combination allows Dynatrace to strengthen the security of applications with:
- Accurate identification and prioritization of vulnerabilities -Giving teams a clear understanding of the most important weaknesses to address and eliminate the time they spend chasing false positives.
- Proactive remediation of vulnerabilities – Achieved through integration with DevOps toolchains, including offers such as Atlassian, Slack, and ServiceNow.
- Automatic attack detection and blocking -Delivering runtime application self-protection for key Open Web Application Security Project (OWASP) threats, including SQL injections and command injections.
“Organizations are working to improve the security posture by testing the security of the DevSecOps application and processes, but it’s not enough for very dynamic cloud-native environments,” said Steve Tack, SVP of Product Management, Dynatrace. “To enable our customers to be proactive, innovative, and secure, we are excited to add the ability to automatically block attacks in real time to our current strengths-identifying and prioritizing vulnerabilities. With Dynatrace’s intelligence and automation, organizations can reduce risk throughout the software development lifecycle, accelerate throughput, and secure modern cloud workloads and applications. “