Software intelligence company Dynatrace (NYSE: DT) announced today its entry into the cloud application security market with the addition of a new module to its industry-leading Software Intelligence Platform. The Dynatrace® Application Security Module provides continuous runtime application self-protection (RASP) capabilities for applications in production as well as preproduction and is optimized for Kubernetes architectures and DevSecOps approaches. This module inherits the automation, AI, scalability, and enterprise-grade robustness of the Dynatrace® Software Intelligence Platform and extends it to modern cloud RASP use cases. Dynatrace customers can launch this module with the flip of a switch, empowering the world’s leading organizations currently using the Dynatrace platform to immediately increase security coverage and precision.
“Dynatrace Application Security delivers full runtime detection,” said Julien Bourteele, Chief Information Security Officer at Stelliant. “This makes us feel much safer because it ensures we don’t have blind spots and we’re not wasting time chasing false positives. This helps us innovate faster, and with more confidence.”
IDC predicts by 2022 90% of new enterprise applications worldwide will be developed as cloud-native, using agile methodologies and API-driven architectures that leverage microservices, containers, and serverless functions.1 Traditional approaches to application security can’t keep up in these constantly changing environments. Despite having invested in multiple tools to manage security threats, organizations continue to have blind spots and uncertainty about exposures and their impact on cloud-native applications. When vulnerabilities are detected, current approaches require manual processes that deliver imprecise risk and impact analysis and force teams to waste time chasing false positives. In addition, accelerated innovation and DevSecOps processes have shifted security testing “left”, placing more responsibility on developers to ensure code doesn’t have vulnerabilities. With no time for teams to manually analyze, assess, and manage risks based on sampled or scheduled scan results, even the most common and well-documented vulnerabilities can remain undetected and open for hackers to exploit.
Dynamic cloud-native environments have disrupted application security, creating what is estimated to become an $18B market over time. Dynatrace® Application Security is purpose-built for this opportunity and enables DevSecOps teams to innovate at the speed required by the business while simultaneously ensuring security. By combining automated RASP capabilities with core platform strengths, Dynatrace Application Security enables organizations to:
Precisely identify vulnerabilities in production and preproduction environments, including what they impact and their business priority, and eliminate false positives with real-time topology mapping delivered by Smartscape® and distributed tracing with code-level analysis from PurePath®.
Gain complete vulnerability coverage and never miss a code change or new deployment with automatic and continuous discovery and instrumentation, powered by OneAgent®.
Dramatically speed up risk and impact analysis, remediation, and collaboration with Davis™ AI-assistance to automatically and continuously identify changes, prioritize alerts, and deliver precise answers about the source, nature, and severity of vulnerabilities.
Provide detailed, high-quality vulnerability information, and ensure access to the insights needed to fix potentially compromised code through built-in integration with Snyk Intel.
“With Dynatrace Application Security, our DevSecOps teams finally gain the 100% production run-time visibility they need to defend against vulnerabilities in our Kubernetes environment,” said Jürgen Plasser, Application Security Management at Raiffeisen Software GmbH. “Dynatrace’s real-time, topology-driven, and precise risk assessment allows us to focus our energy where it matters for the business, eliminating wasted time spent working through thousands of false positives.”
Built on a proven, webscale platform, the new Dynatrace® Application Security Module is available for Dynatrace platform customers today.
“We have been working on this platform extension with early adopting customers for some time now and are thrilled to bring our first set of capabilities to market,” said Bernd Greifeneder, Founder and Chief Technology Officer at Dynatrace. “Dynatrace Application Security provides organizations’ security leadership confidence that their production and preproduction environments are protected through continuous, automatic runtime analysis, while enabling DevSecOps teams to focus on what matters, understand vulnerabilities in context, and proactively resolve these to drive faster, more secure release cycles. Just as we redefined the performance monitoring and management market, leveraging the transformative impact of the modern cloud, we’re doing it again in the cloud application security market.”
Application Security joins Infrastructure Monitoring, Application and Microservices Monitoring, Digital Experience Monitoring, Business Analytics, and Cloud Automation as part of the Dynatrace® Software Intelligence Platform.
1 IDC FutureScape: Worldwide Cloud 2020 Predictions, Doc # US44640719, October 2019