Software intelligence company Dynatrace announced its platform now includes security gates, enabling
DevSecOps teams to automatically assess each new software release to ensure
only secure code moves through the delivery pipeline. Just as Dynatrace
quality gates have allowed development, DevOps, and SRE teams to ensure code
meets their service-level objectives (SLOs), Dynatrace security gates, powered
by the platform's automatic and intelligent observability, now help these teams
assure code is secure as it progresses from preproduction to production.
According to IDC, "The
primary drivers for adopting DevSecOps are to improve the overall application
security posture by identifying security issues earlier in the software
development lifecycle (SDLC), without impacting the velocity of DevOps teams". The
importance of unifying observability, automation, intelligence, and security
within development processes is underscored by additional research,
which reveals more than a quarter of CISOs say development teams sometimes
bypass vulnerability scans to speed up software delivery.
The Dynatrace platform
enables teams to precisely identify vulnerabilities found in cloud-native
workloads and applications across the SDLC, while also prioritizing these
vulnerabilities based on the risk they pose to the business. In addition, the
AI and automation capabilities at the core of the platform help orchestrate
application development processes at scale, including automating code tests and
quality checks against an organization's SLOs. With this latest enhancement,
customers can now leverage Dynatrace's automation and intelligence, along with
the extensive observability data that is already flowing through the platform,
to automatically detect, assess, and manage vulnerabilities in real time, and
with greater accuracy than traditional security tests that operate on static
code.
"As organizations accelerate
their pace of innovation with cloud-native technologies, they are increasingly
integrating security into software development workflows," said Steve Tack, SVP
of Product Management at Dynatrace. "A DevSecOps approach elevates security as
a shared responsibility throughout the entire software development lifecycle,
yet manual processes slow progress. With this release, Dynatrace is
incorporating application security into software development as a continuous,
automated process that matches the rapid release pace required in modern cloud
transformation. This ensures organizations can release software with speed and
security, and at scale, while freeing time for development, DevOps, and SRE
teams to focus on what matters most - driving innovation and business value."