Dynatrace announced the introduction of Security Analytics, a new
Dynatrace platform solution designed to help organizations better defend
against threats to their hybrid and multicloud environments. Dynatrace
Security Analytics leverages Davis AI,
which combines predictive and causal AI techniques to provide security
analysts with the precise answers and data context they need to
prioritize and investigate threats and vulnerabilities. Later this year,
Security Analytics will also include generative AI capabilities as part
of Dynatrace's planned expansion to provide a hypermodal AI offering
through Davis. In addition, Security Analytics now leverages Dynatrace
AutomationEngine
to create automations and workflows that analysts can use to assess the
impact of an attack, find the indicators of compromise (IOCs), or
automatically trigger a response. Combining Davis hypermodal AI, precise
answers with context, and intelligent automation empowers security
analysts to defend against emerging cyber threats proactively. It also
bolsters their organization's cybersecurity defense and overall security
posture.

Security analysts often lose productivity due to disjointed tools and
processes that require considerable human intervention. This approach
can result in alerts going uninvestigated for months or years, posing
significant risks to their organizations. Many teams rely on traditional
Security Information and Event Management (SIEM) solutions that
monitor log data to find IOCs. This data lacks crucial context, such as
the underlying cloud infrastructure and application topology, which can
help narrow the scope of an investigation. Missing this context makes it
difficult to use SIEM solutions to accelerate an investigation or
identify and defend against cyber threats.

Allie Mellen, Senior Analyst at Forrester Research, wrote, "Security
information and event management (SIEM) capabilities alone are no longer
sufficient for security operations teams. Today's security analytics
platforms combine features to enable analytics, investigation,
automation, threat hunting, dashboards, and reporting to help security
analysts be more effective."

Dynatrace Security Analytics addresses these needs by fueling the
answers and automation it delivers with logs, metrics, traces, and
topology while keeping data context intact. This enables teams to
identify and investigate threats that may be impossible to pinpoint from
logs alone. Furthermore, Security Analytics adds to other Dynatrace application security capabilities. These include:
- Runtime vulnerability analytics, which provides real-time detection and prioritization of vulnerabilities that have escaped into production environments.
- Runtime application protection, which detects and blocks common application attacks, like SQL injection, command injection, and JNDI attacks.

Dynatrace was recently ranked #1 in the Security Operations Use Case, with a score of 4.6 out of 5, in the 2023 Gartner Critical Capabilities for APM and Observability Report, which the company believes reflects the impact and customer value of its platform's application security capabilities.

Steve Tack, SVP of Product Management at Dynatrace, said, "In today's
rapidly evolving threat landscape, organizations face an unprecedented
risk of cyberattacks that can wreak havoc on their operations and
customers' trust. With Dynatrace Security Analytics, analysts can
quickly investigate and verify what happened and leverage observability
and security data in full context to analyze and take proactive action
to strengthen defenses. Combining these new security analytics with our
platform's other application security capabilities enables our customers
to successfully deliver digital transformation with the confidence that
their hybrid and multicloud environments are well protected."