Software intelligence company Dynatrace has extended the Application Security module to detect and protect against vulnerabilities in runtime environments such as the Java Virtual Machine (JVM), the Node.js runtime, and the .NET CLR.
In addition, Dynatrace supports applications running on Go, one of the fastest-growing programming languages, with usage growing 23 percent in the past year.
With these enhancements, the Dynatrace® platform provides a single solution for real-time visibility and vulnerability analysis across the entire application stack, including custom code, open source and third-party libraries, language runtimes, container runtimes, and container orchestrators. Dynatrace not only automatically detects vulnerabilities in each of these layers, but also analyzes them and provides real-time, actionable responses. It enables development and security teams to better assess risk, prioritize and remediate threats, and improve security faster.
“We have a proud heritage as a cloud-based business that uses agile delivery experiences, cutting-edge technologies and a state-of-the-art and secure development lifecycle to bring continuous innovation to our customers,” said Luca Domenella. cloud operations and DevOps at Soldo.
“Dynatrace Application Security helps make this possible by providing comprehensive visibility and analytics across all layers of our comprehensive application ecosystem, ensuring that no vulnerability escapes our secure DevOps lifecycle. Additionally, it helps you immediately understand the risk and potential impact of zero-day vulnerabilities like Log4Shell and automatically prioritizes the steps needed to address them. This saves our team from wasting weeks trying to find new alerts, and allows us to address new vulnerabilities in days or less.
Language runtimes are an important layer of the application stack, they allow applications to run well on any platform without rewriting or recompiling them. By extending the Application Security module to support runtimes in the most widely used programming languages, Dynatrace delivers the industry’s most comprehensive application vulnerability analysis covering all potential entry points in pre-production and production environments.
“The number of entry points that attackers use to target applications continues to increase. Vulnerabilities can enter applications from anywhere in the software supply chain, including open source or third-party components and application runtimes,” said Steve Tuck, vice president of product management at Dynatrace.
“Traditional methods cannot accurately capture vulnerabilities at runtime or analyze their potential exploits and impacts. Dynatrace is the only solution for AI-powered prioritization and runtime vulnerability analysis across the entire application stack for the most popular cloud technologies, including Golang. With these capabilities, DevSecOps teams can focus on remediating the most impactful vulnerabilities. This helps them innovate faster, with confidence that every layer of their application is free of vulnerabilities.”