Dynatrace broadens cloud application security coverage for Kubernetes and Node.js

Software intelligence company Dynatrace announced enhancements to its Application Security Module, which the company released in December 2020. These include extending Dynatrace’s AI-powered risk assessment for applications running on Node.js, the runtime environment underpinning the cloud-native applications of many of the world’s leading brands. In addition, Dynatrace is extending automatic software vulnerability detection in Kubernetes environments from workloads to the platform itself, and linking vulnerabilities discovered by Dynatrace to individual containers to streamline assessment and increase the speed of remediation.

Jay Lyman, Senior Analyst with 451 Research, a part of S&P Global Market Intelligence, commented, “46% of respondents rank security and compliance concerns as primary challenges of using cloud-native software such as containers, Kubernetes and serverless in their organizations, as we reported in our Voice of the Enterprise: DevOps, Workloads and Key Projects 2020 survey.” Further expanding Dynatrace’s vulnerability to detection across cloud-native architectures provides DevSecOps teams with more precise, real-time insights into the source, nature, and severity of software vulnerabilities in both their production and pre-production applications. This allows them to make more informed decisions in real-time, mitigate risks with greater speed and efficiency, and accelerate digital transformation with increased confidence.

“Dynatrace’s ability to accurately assess the risk of all runtime vulnerabilities in our cloud-native applications in real time is a game-changer for us,” said Mark Kaplan, Senior Director of IT at BARBRI. “Dynatrace eliminates the false positives, only identifying the true vulnerabilities. And if there is a vulnerability, Dynatrace tells us what it is, and shows precisely where it is in the code, dramatically reducing remediation time. This automation and intelligence give our developers time back for innovation. Unlike our previous solutions that produced reports on a periodic basis, with large gaps between scans, Dynatrace informs us of vulnerabilities the instant they appear, giving me more confidence that our applications are secure.”

As enterprises move to dynamic cloud-native architectures to accelerate their digital transformation, their security exposure and the overhead of mitigating risks is becoming a more prevalent concern. To address this challenge, the Dynatrace Application Security Module provides real-time, continuous runtime application self-protection (RASP) capabilities for cloud-native applications in production and pre-production.

“Modern DevSecOps processes and constantly changing cloud-native architectures have broken traditional approaches to application security and put more responsibility on developers,” said Steve Tack, SVP of Product Management at Dynatrace. “With our launch last December, we extended our platform’s automation and intelligence to cloud application security. We are enabling DevOps teams to continue to innovate at a fast pace, while giving security teams confidence that new cloud-native applications, services, and innovations are vulnerability-free. By expanding coverage to the Kubernetes platform and Node.js, we are providing intelligent vulnerability detection to a broader set of modern cloud environments.”

These enhancements will be available within the next 90 days. For additional information, please visit the Dynatrace blog.