Dynatrace Intros Davis Security Advisor
June 21, 2021
Security Advisor is an AI-powered enhancement to the Dynatrace® Application
Security Module that automatically surfaces, prioritizes, and details the
software libraries and open-source packages representing the greatest risk to an
organization. This empowers DevSecOps teams to make more informed, real-time
decisions and address the most critical vulnerabilities first, which allows them
to reduce the risk facing their organization with greater confidence and
efficiency, leaving more time to drive innovation.
Vulnerability severity, which is based on the common vulnerability scoring system (CVSS) rating of each vulnerability and whether the relevant code is used at runtime.
Threat context, which reflects whether there is a known public exploit for each vulnerability.
Asset exposure, which indicates whether the vulnerable code is communicating with the internet.
Potential business impact, which is determined by whether the processes that include the vulnerable library are connected to sensitive data.
“Cloud-native architectures fuel digital transformation, but traditional application security tools simply cannot keep up with the rapid pace of change in these environments and fail to surface key insights like whether vulnerable code is used at runtime,” said Steve Tack, SVP of Product Management at Dynatrace. “Manual processes and piecemeal solutions that don’t aggregate data from across these environments force teams to waste time chasing false positives and leave organizations vulnerable to risk. By automatically surfacing the most critical vulnerabilities and providing code-level detail and prioritization based on business impact, Dynatrace enables DevSecOps teams to work smarter, not harder, as they reduce their organizations’ risk exposure.”