Software Intelligence company
Dynatrace announced it has extended its Application Security Module to
detect and protect against vulnerabilities in runtime environments,
including the Java Virtual Machine (JVM), Node.js runtime, and .NET CLR.
In addition, Dynatrace has extended its support to applications running
in Go, one of the fastest-growing programming languages, with adoption
increasing by 23 percent last year.
With these enhancements, the Dynatrace platform becomes
the only solution providing real-time visibility and vulnerability
analytics across the entire application stack, which includes custom
code, open-source and third-party libraries, language runtimes,
container runtimes, and container orchestrators. Dynatrace not only
identifies vulnerabilities across each of these layers automatically but
also analyzes them to provide actionable and precise answers
out-of-the-box. This empowers development and security teams to assess
risk better, prioritize and remediate threats more effectively, and
innovate faster and with increased security.
"We
have a proud heritage as a cloud-native business that harnesses agile
delivery practices, the latest technology, and a state-of-the-art,
secure development lifecycle to bring continuous innovation to our
customers," said Luca Domenella, Head of Cloud Operations and DevOps at
Soldo. "Dynatrace Application Security helps to make this possible by
giving us comprehensive visibility and analytics across all layers of
our complex application ecosystem, ensuring no vulnerability escapes our
secure DevOps lifecycle. In addition, it helps us instantly understand
the risk and potential impact of zero-day vulnerabilities, such as Log4Shell,
and automatically prioritizes the steps required to resolve them. This
saves our teams from wasting weeks triaging alerts and enables them to
resolve new vulnerabilities in just days or less, so they can stay
focused on innovating."
Language
runtimes are a critical layer of the application stack as they ensure
apps are available and well-executed on any platform without having to
be rewritten or recompiled. By extending its Application Security Module
to support runtimes in the most widely adopted programming languages,
Dynatrace delivers the industry's most comprehensive application
vulnerability analysis, spanning all potential entry points in
pre-production and production environments.
"The
number of entry points attackers use to target applications continues
to expand. Vulnerabilities can creep into applications from any part of
the software supply chain, including open-source or third-party
components and application runtimes," said Steve Tack, SVP of Product
Management at Dynatrace. "Traditional approaches can't accurately
surface vulnerabilities at runtime or analyze their potential
exploitability and impact. Dynatrace is the only solution that provides
runtime vulnerability analysis across the entire application stack and
AI-assisted prioritization for the most popular cloud-native application
technologies, now including Golang. With these capabilities, DevSecOps
teams can focus on remediating the most impactful vulnerabilities. This
helps them innovate faster, with the confidence that all layers of their
applications are vulnerability-free."
These enhancements will be available within the next 90 days.