Dynatrace

Dynatrace

Category: RASP
License: Commercial
Visit Website →

Dynatrace Application Security is a runtime protection module within the Dynatrace observability platform, combining APM capabilities with security monitoring.

What is Dynatrace Application Security?

Dynatrace Application Security provides runtime vulnerability detection and protection as part of the broader Dynatrace platform.

It leverages the same OneAgent technology used for performance monitoring to detect security issues in running applications.

The unique value proposition is the combination of observability and security in a single platform, eliminating the need for separate security agents.

Key Features

Runtime Vulnerability Detection

Dynatrace continuously monitors applications for vulnerabilities in:

  • Application code
  • Third-party libraries
  • Container images
  • Kubernetes configurations

Attack Detection and Protection

The platform detects and can block common attack types:

  • SQL injection
  • Command injection
  • JNDI injection (Log4Shell)
  • Path traversal attacks

AI-Powered Analysis (Davis AI)

Dynatrace uses its Davis AI engine to:

  • Correlate security events with performance data
  • Prioritize vulnerabilities based on actual exposure
  • Reduce false positives through context awareness

How It Works

Dynatrace uses a single agent (OneAgent) that provides both observability and security capabilities:

Application
    └── Dynatrace OneAgent
            ├── Performance monitoring
            ├── Distributed tracing
            ├── Vulnerability detection
            └── Attack protection

The agent automatically instruments applications without code changes.

Installation

Deploy OneAgent on your hosts:

Linux:

wget -O Dynatrace-OneAgent.sh "https://your-environment.live.dynatrace.com/api/v1/deployment/installer/agent/unix/default/latest"
sudo /bin/sh Dynatrace-OneAgent.sh

Kubernetes:

kubectl apply -f https://github.com/Dynatrace/dynatrace-operator/releases/latest/download/dynatrace-operator.yaml

Integration Ecosystem

Dynatrace integrates with:

  • CI/CD pipelines - Jenkins, GitLab, Azure DevOps
  • SIEM tools - Splunk, ServiceNow
  • Ticketing systems - Jira, ServiceNow
  • Container platforms - Kubernetes, OpenShift, ECS

When to Use Dynatrace

Dynatrace Application Security is ideal for organizations that:

  • Already use Dynatrace for observability
  • Want unified APM and security monitoring
  • Prefer AI-powered analysis and prioritization
  • Need minimal operational overhead for security

Other RASP Tools

Contrast Protect
Contrast Protect

Application Detection and Response (ADR) Beyond RASP

Datadog Application Security
Datadog Application Security

APM-Integrated Runtime Protection

Imperva RASP
Imperva RASP

Combines with Imperva WAF

Waratek
Waratek

Java Runtime Protection & Virtual Patching

See all RASP tools