Dynatrace has announced the expansion of its Application Security Module to detect and protect against vulnerabilities in runtime environments such as the Node.js runtime, .NET CLR, and Java Virtual Machine (JVM).
Dynatrace now also supports Go-based applications, with these enhancements, the Dynatrace platform now provides visibility and vulnerability analytics across the entire application stack, including custom code, open-source and third-party libraries, language runtimes, container runtimes, and container orchestrators.
Steve Tack, SVP of Product Management at Dynatrace commented, “The number of entry points attackers use to target applications continues to expand. Vulnerabilities can creep into applications from any part of the software supply chain, including open-source or third-party components and application runtimes.”
Dynatrace not only identifies vulnerabilities across these layers but also analyzes them to provide actionable and precise answers. This enables development and security teams to better assess risk, prioritize and remediate threats, and innovate faster and with greater security.
“Traditional approaches can’t accurately surface vulnerabilities at runtime or analyze their potential exploitability and impact. Dynatrace is the only solution that provides runtime vulnerability analysis across the entire application stack and AI-assisted prioritization for the most popular cloud-native application technologies, now including Golang. With these capabilities, DevSecOps teams can focus on remediating the most impactful vulnerabilities. This helps them innovate faster, with the confidence that all layers of their applications are vulnerability-free.”, Tack continued.
Language runtimes are an important component of the application stack because they ensure that apps can run on any platform without being rewritten or recompiled. Dynatrace delivers application vulnerability analysis in pre-production and production environments by extending its Application Security Module to support runtimes in the adopted programming languages.
Luca Domenella, Head of Cloud Operations and DevOps at Soldo stated, “We have a proud heritage as a cloud-native business that harnesses agile delivery practices, the latest technology, and a state-of-the-art, secure development lifecycle to bring continuous innovation to our customers. Dynatrace Application Security helps to make this possible by giving us comprehensive visibility and analytics across all layers of our complex application ecosystem, ensuring no vulnerability escapes our secure DevOps lifecycle. In addition, it helps us instantly understand the risk and potential impact of zero-day vulnerabilities, such as Log4Shell, and automatically prioritizes the steps required to resolve them. This saves our teams from wasting weeks triaging alerts and enables them to resolve new vulnerabilities in just days or less, so they can stay focused on innovating.”