Are you getting ready for the upcoming Black Hat USA 2023 event, an
internationally recognized cybersecurity event providing the most
technical and relevant information security research, now in its 26th
year? The event is quickly approaching, taking place August 5-10, 2023,
returning to the Mandalay Bay Convention Center in Las Vegas, NV with a
6-day program.
Ahead of the show, VMblog received an exclusive interview with Andreas
Kroier, Senior Principal and Solution Lead of Application Security at
Dynatrace, a leader in unified observability and security. Make sure to add them to your MUST SEE list.
VMblog: Before we get into it, can you
give us a quick overview of the company? What should folks know?
Andreas Kroier: One of the most critical threats facing cloud environments today is the
lack of visibility and control. Dynatrace provides deep observability
insights and runtime application security and analytics to help organizations simplify
cloud complexity and ensure their software runs perfectly. Our unified
observability and security platform delivers precise answers about the
performance of applications, microservices, the underlying infrastructure, and
the experience of end-users to enable organizations to innovate faster,
collaborate more efficiently, and deliver more value.
Studies have shown that around 75
million applications will be delivered over the next few years. The volume and
complexity of data and the number of applications will be impossible for companies
to manage using traditional tools and strategies. Automation will be key - and to
be successful organizations need modern observability platforms, like the
Dynatrace platform, that use AI to discover, map and monitor applications
running in multi- and hybrid-cloud environments.
VMblog: You are sponsoring the upcoming
Black Hat USA event. How can attendees find you at the show? Does
your booth have a theme? How many folks are you sending?
Kroier: During the event, we'll be at
booth #2608 and our theme is cloud security done right. Stop by to learn how you can elevate your security tooling with
Dynatrace.
At the booth, we'll be hosting several live demos of the Dynatrace
Application Security Module, designed to provide real-time, automatic
attack detection and blocking to protect against injection attacks that exploit
critical vulnerabilities.
I will be on-site and would love to connect to share how Dynatrace is leveraging
hypermodal AI - combining predictive, causal, and generative AI - to help
organizations mitigate security risks facing their cloud environments.
VMblog: What is your message to Black
Hat attendees coming out to the show this year?
Kroier: Combining observability and
security is no longer an option, it is a necessity. Organizations must have real-time visibility
into their security posture, enabling immediate responses to any potential
vulnerabilities that may be exploited by attackers. This necessitates an
enhanced focus on analytics, incorporating observability context and data into
both threat detection and forensics use cases and thereby not only looking at logs.
By leveraging automation in security analytics investigations, organizations
can continuously assess the risks posed by cyberattacks.
By utilizing solutions like the
Dynatrace platform that converge observability and security data, organizations can make informed
decisions, automatically prioritize actions efficiently using AI, and
strengthen their overall security posture in an ever-evolving threat landscape.
VMblog: The show is focused on
cybersecurity. What specific problems is your company and technology
addressing?
Kroier: Dynatrace
is helping organizations supercharge their security operations through observability
and AI. By empowering IT teams with observability insights, organizations reduce
complexity and gain greater visibility and stronger defenses across hybrid and
multicloud architectures. IT teams can obtain precise insights into their IT
environments to monitor application performance and vulnerabilities, all in one
holistic view. In the event of an incident, observability data can also help
organizations prioritize which applications and systems to remediate first
based on their importance to the business. Traditionally this has been
difficult due to organizations' reliance on point solutions, resulting in
fragmented data and teams working in siloes.
Additionally,
observability allows organizations to shift security left - that is, to identify
security vulnerabilities in development through testing - as well as to shift
right by connecting runtime insights to data collected throughout the
development stage so that organizations gain a holistic view of the entire
development cycle and quickly resolve incidents in parallel. With robust
visibility across systems as well as the entire software development lifecycle,
observability helps organizations reduce the time it takes to find
vulnerabilities from days or weeks to as little as minutes and enables teams to
be more effective and strategic in their resolution strategies, rather than
being mired in days of firefighting.
VMblog: The market is a crowded
space. What is it about your company and technology that sets you apart
from the competition? What are your differentiators?
Kroier: A key differentiator
of Dynatrace's application security offering compared to other solutions
available in the market lies in our unique approach to integrating
observability and security. In the current cyber security landscape, customers
are often overwhelmed with a multitude of tools that generate isolated
"security events", leaving them uncertain about where to focus their efforts
and the true risks facing their organization.
By combining our
observability with our security product capabilities, Dynatrace provides a
holistic and real-time understanding of an organization's security posture. We
leverage our deep insights across the entire technology stack to cover all
stages of an attack, from before, during, and after.
- Before an attack, our
solution excels in vulnerability detection and prioritization. We identify
potential weaknesses proactively in third party, custom or commercial off the
shelf code.
- During an attack,
Dynatrace provides protection capabilities to mitigate and thwart threats in
real time. Our solution is designed to shield the identified vulnerability in
an application, ensuring business continuity and reducing potential damage,
until the development teams resolve the problem.
- After an attack, our
forensics capabilities come into play. We empower organizations with
comprehensive insights and analysis to understand the impact, learn from the
incident, and fortify their applications against future threats.
By encompassing the entire security lifecycle and
leveraging the power of observability, Dynatrace sets itself apart as a
comprehensive and proactive security solution.
VMblog: How does Dynatrace leverage AI
in its security offerings?
Kroier: Davis AI, our highly differentiated
hypermodal AI engine, delivers precise, trustworthy, and explainable answers on
trillions of dependencies in seconds. This is indispensable for managing
large-scale and dynamic software systems. In a nutshell, Dynatrace
automatically identifies vulnerabilities and analyzes them to provide
actionable and precise answers using a blend of fact-based, predictive, and
causal-AI, as well as generative AI capabilities. This empowers development and
security teams to assess risk better, prioritize and remediate threats more
effectively, and innovate faster and with increased security.
VMblog: What are some of the security
best practices you would deem critical?
Kroier: Best practices for organizations
to successfully safeguard their cloud operations focus on an end-to-end
approach to security. This includes:
- Security across the software development
lifecycle: Shifting security left as well as right by identifying
vulnerabilities in production through real-user monitoring, performance
tracking, and other methods and connecting them with runtime data to create a
holistic view of the entire development lifecycle. This eliminates blind
spots and helps reduce the time it takes to find vulnerabilities from days or
weeks to as little as minutes and enables teams to be more effective and
strategic in their resolution strategies. Additionally, organizations should
prioritize runtime security to gain a clear understanding of how
vulnerabilities impact their organization if one occurs. From there, they can
prioritize how to resolve incidents based on business impact.
- Continuous threat detection: In today's
world where so many digital activities are readily available and instant,
downtime is unacceptable. It leads to additional stress for employees, causes
frustration among customers and directly impacts profitability. Continuously
monitoring for security events, performance anomalies and issues with
compliance, and optimizing the architecture to run more smoothly gives
businesses greater flexibility to adapt to changing business conditions while
providing the highest quality customer service possible.
- Workflows and automation: Cloud computing
allows companies to focus on driving growth through innovation rather than dealing
with daily fires that could be better handled by automation. Companies should
identify cloud solutions that leverage artificial intelligence and big data
analytics to gain insights into their security hygiene, optimize security operations
and automate incident resolution so employees can spend more time on
business-critical tasks.
VMblog: Is your company giving away any
interesting tchotchke at your booth? What is it?
Kroier: At the booth, we'll be giving away
t-shirts, water bottles, socks, and wireless chargers. We'll also be raffling
off an Oculus VR headset each day of the show so make sure to stop by!