Software intelligence company, Dynatrace, has entered the cloud application security market with the addition of a new module to its Software Intelligence Platform. The Dynatrace Application Security Module provides continuous runtime application self-protection (RASP) capabilities for applications in production as well as preproduction and is optimised for Kubernetes architectures and DevSecOps approaches. According to the manufacturer, the module inherits the automation, AI, scalability and enterprise-grade robustness of the Dynatrace Software Intelligence Platform and extends it to modern cloud RASP use cases.
“Dynatrace Application Security delivers full runtime detection,” said Julien Bourteele, Chief Information Security Officer at Stelliant. “This makes us feel much safer because it ensures we don’t have blind spots and we’re not wasting time chasing false positives. This helps us innovate faster, and with more confidence.”
IDC predicts by 2022 90% of new enterprise applications worldwide will be developed as cloud-native, using agile methodologies and API-driven architectures that leverage microservices, containers, and serverless functions. Traditional approaches to application security can’t keep up in these constantly changing environments. Despite having invested in multiple tools to manage security threats, organisations continue to have blind spots and uncertainty about exposures and their impact on cloud-native applications. When vulnerabilities are detected, current approaches require manual processes that deliver imprecise risk and impact analysis and force teams to waste time chasing false positives. In addition, accelerated innovation and DevSecOps processes have shifted security testing “left”, placing more responsibility on developers to ensure code doesn’t have vulnerabilities. With no time for teams to manually analyse, assess and manage risks based on sampled or scheduled scan results, even the most common and well-documented vulnerabilities can remain undetected and open for hackers to exploit.
Dynamic cloud-native environments have disrupted application security, creating what is estimated to become an $18B market over time. Dynatrace Application Security is purpose-built for this opportunity and enables DevSecOps teams to innovate at the speed required by the business while simultaneously ensuring security.
By combining automated RASP capabilities with core platform strengths, Dynatrace Application Security reportedly enables organisations to precisely identify vulnerabilities in production and preproduction environments, including what they impact and their business priority, and eliminate false positives with real-time topology mapping delivered by Smartscape and distributed tracing with code-level analysis from PurePath. In addition to this users can gain complete vulnerability coverage and never miss a code change or new deployment with automatic and continuous discovery and instrumentation, powered by OneAgent, dramatically speed up risk and impact analysis, remediation, and collaboration with Davis AI-assistance to automatically and continuously identify changes, prioritise alerts and deliver precise answers about the source, nature, and severity of vulnerabilities, and provide detailed, high-quality vulnerability information, and ensure access to the insights needed to fix potentially compromised code through built-in integration with Snyk Intel.
“With Dynatrace Application Security, our DevSecOps teams finally gain the 100% production run-time visibility they need to defend against vulnerabilities in our Kubernetes environment,” said Jürgen Plasser, Application Security Management at Raiffeisen Software GmbH. “Dynatrace’s real-time, topology-driven, and precise risk assessment allows us to focus our energy where it matters for the business, eliminating wasted time spent working through thousands of false positives.”
“We have been working on this platform extension with early adopting customers for some time now and are thrilled to bring our first set of capabilities to market,” said Bernd Greifeneder, Founder and Chief Technology Officer at Dynatrace. “Dynatrace Application Security provides organisations’ security leadership confidence that their production and preproduction environments are protected through continuous, automatic runtime analysis, while enabling DevSecOps teams to focus on what matters, understand vulnerabilities in context and proactively resolve these to drive faster, more secure release cycles. Just as we redefined the performance monitoring and management market, leveraging the transformative impact of the modern cloud, we’re doing it again in the cloud application security market.”
