Header background

Enrich Tenable vulnerability findings with Dynatrace runtime context

Dynatrace integrates with Tenable to provide a single pane of glass for security findings across various environments and products, allowing unified analysis, prioritization, and orchestration of findings. With the enriched runtime context, you can focus on critical issues that impact your production apps and help reduce noise for the DevSecOps teams that remediate those issues.

Managing vulnerabilities in a fragmented world

In today’s complex digital landscape, managing vulnerabilities effectively is crucial for maintaining robust security. However, the challenge often lies in the fragmentation of vulnerability data across different systems and tools.

Dynatrace provides deep insights into application runtime, offering a detailed view of how applications perform and where potential vulnerabilities might lie. On the other hand, Tenable focuses on infrastructure, conducting comprehensive scans of hosts, web applications, and compliance checks.

This division can lead to alert noise from critical security findings in infrastructure, which might not always be relevant to your production environment and applications. Understanding and integrating these insights is key to effectively prioritizing and addressing the most critical vulnerabilities.

Enhance security with the Dynatrace and Tenable integration

Managing vulnerabilities effectively is crucial for maintaining robust security. The integration of Dynatrace with Tenable Vulnerability Management and the Tenable One platform brings a comprehensive approach to vulnerability management and user activity monitoring.

By integrating Dynatrace with Tenable, you can:

  • Prioritize vulnerability findings with runtime context: Gain deeper insights into how vulnerabilities impact your applications in real time, allowing for more informed decision-making.
  • Discover security product coverage gaps: Identify areas where your security products might not be providing adequate coverage, ensuring that no vulnerabilities are overlooked.
  • Automate notifications and ticket creation for new findings: Streamline your response to new vulnerabilities with automated workflows.
  • Monitor and detect suspicious user activity: Analyze and detect suspicious user activity within the Tenable platform.

This integration enhances your ability to manage vulnerabilities and ensures that your security efforts are aligned with your production environment and applications.

Tenable extension with Dynatrace diagram

Integrating with Tenable

Dynatrace delivers this integration as an extension that allows granular control over the data flow between Tenable and the Dynatrace platform.

Leveraging OpenPipelineTM, Tenable vulnerability findings and activity logs are pushed to Dynatrace and stored in Grail TM where they’re mapped to semantic conventions that make them available in a unified schema for further analysis.

With this integration, we also provide additional artifacts to help you get started with security data visualization and automation use cases:

  • Sample dashboard for vulnerability findings: Surface all the vulnerability findings across various products. The dashboard connects the findings to monitored host entities for an impact view of your runtime exposures.Sample dashboard for vulnerability findings in Dynatrace screenshot
  • Sample dashboard for product scan coverage: Visualize and discover coverage gaps in your environment. The dashboard provides the host entity scan coverage to ensure comprehensive security assessments.Sample dashboard for product scan coverage in Dynatrace screenshot
  • Sample workflow for Slack notifications: Receive instant alerts in Slack for new critical vulnerability findings, keeping your team informed and responsive.
    Sample workflow for Slack notifications in Dynatrace screenshot
  • Sample workflow for Jira ticket creation: Automatically create Jira tickets for new critical vulnerabilities, ensuring they’re tracked and addressed promptly.Sample workflow for Jira ticket creation in Dynatrace screenshot

What’s next

Starting with asset scans from Tenable Vulnerability Management, Dynatrace gradually extends the support for additional vulnerability and misconfiguration scan types from Tenable.

Ready to explore the Dynatrace Tenable integration for yourself? Download the app from Dynatrace Hub.